| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 10, Trotux eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.02.2017, 17:10
| #1 |
 |  Win 10, Trotux eingefangen Hallo Ich hatte mir vor ein paar Tagen den Trotux virus eingefangen, als ich ein Spiel herunterladen wollte. Gemerkt hatte ich das, als plötzlich eine andere Startseite im Firefox als üblich erschien. Das habe ich mittlerweile zwar hingekriegt, aber ich kann den Windows Defender nicht mehr starten und möchte gerne alle Überreste beseitigt haben. Dazu brauche ich aber Hilfe. Was ich bisher gemacht habe:
Logfile AdwCleaner: Code:
ATTFilter # AdwCleaner v6.043 - Logfile created 02/02/2017 at 20:06:41
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-02.1 [Server]
# Operating System : Windows 10 Pro (X64)
# Username : Strat_000 - STRATOS
# Running from : C:\Users\Strat_000\Downloads\adwcleaner_6.043.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
[-] Service deleted: 979432646fb8d2c72e38eabd0feca534
[-] Service deleted: adf3af545da818dd3bf2dcd267c40b7a
[-] Service deleted: rtop
[-] Service deleted: Lace514
***** [ Folders ] *****
[-] Folder deleted: C:\Users\Strat_000\AppData\Roaming\download Manager
[-] Folder deleted: C:\Program Files\ByteFence
[-] Folder deleted: C:\ProgramData\ByteFence
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ByteFence
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sear Browser Enhancer
[-] Folder deleted: C:\Program Files (x86)\myfree codec
[-] Folder deleted: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
***** [ Files ] *****
[-] File deleted: C:\WINDOWS\SysNative\drivers\979432646fb8d2c72e38eabd0feca534.sys
[-] File deleted: C:\WINDOWS\SysNative\drivers\LACE_WPF_X64.SYS
[-] File deleted: C:\END
[-] File deleted: C:\ProgramData\NTUSER.POL
[-] File deleted: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\yahoo! powered.xml
[#] File deleted: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\SEARCHPLUGINS\YAHOO! POWERED.XML
[-] File deleted: C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
[-] Task deleted: 5trJBx8MaJ
***** [ Registry ] *****
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key deleted: HKU\.DEFAULT\Software\ByteFence
[-] Key deleted: HKU\.DEFAULT\Software\jhtrsq
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Myfree Codec
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\WajIEnhance
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Yahoo\Companion
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\csastats
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] Key deleted on reboot: HKU\S-1-5-18\Software\ByteFence
[#] Key deleted on reboot: HKU\S-1-5-18\Software\jhtrsq
[#] Key deleted on reboot: HKCU\Software\Myfree Codec
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\WajIEnhance
[#] Key deleted on reboot: HKCU\Software\Yahoo\Companion
[#] Key deleted on reboot: HKCU\Software\csastats
[-] Key deleted: HKLM\SOFTWARE\ByteFence
[-] Key deleted: HKLM\SOFTWARE\Myfree Codec
[-] Key deleted: HKLM\SOFTWARE\OtherSearch
[-] Key deleted: HKLM\SOFTWARE\trotuxSoftware
[-] Key deleted: HKLM\SOFTWARE\Socia2Sear Browser Enhancer
[-] Key deleted: HKLM\SOFTWARE\jhtrsq
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OtherSearch
[#] Key deleted on reboot: [x64] HKCU\Software\Myfree Codec
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\WajIEnhance
[#] Key deleted on reboot: [x64] HKCU\Software\Yahoo\Companion
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Key deleted: [x64] HKLM\SOFTWARE\Socia2Sear Browser Enhancer
[-] Key deleted: [x64] HKLM\SOFTWARE\jhtrsq
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Data restored: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Key deleted: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658}
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658}
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
***** [ Web browsers ] *****
[-] Chrome preferences cleaned: "browser.search.selectedEngine" - "Yahoo! Powered"
[-] [C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Deleted: hxxp://www.trotux.com/?z=78c02b1356d030e119603b1g8z1b6q4e7q0gcqbw4q&from=isr&uid=ST500LM000-1EJ162_W372VR2RXXXXW372VR2R&type=hp
[-] [C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] Deleted: hxxp://www.trotux.com/?z=78c02b1356d030e119603b1g8z1b6q4e7q0gcqbw4q&from=isr&uid=ST500LM000-1EJ162_W372VR2RXXXXW372VR2R&type=hp
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [6715 Bytes] - [02/02/2017 20:06:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [7021 Bytes] - [02/02/2017 20:05:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6861 Bytes] ##########
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017
Ran by Strat_000 (administrator) on STRATOS (08-02-2017 16:44:37)
Running from C:\Users\Strat_000\Desktop
Loaded Profiles: Strat_000 & (Available Profiles: Strat_000 & Guest & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dassault Systemes) C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Autodesk, Inc.) D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
(MakerBot) D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
(3Dconnexion) D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
(National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-23] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-11-14] ()
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-18] (Logitech Inc.)
HKLM\...\Run: [3DxWare Service] => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2160512 2015-12-10] (3Dconnexion, INC)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26142864 2017-01-18] (Dropbox, Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342201\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345252\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1059696 2016-06-17] (Jumping Bytes)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Chromium] => c:\users\strat_000\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\RunOnce: [Uninstall C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Policies\Explorer: []
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1059696 2016-06-17] (Jumping Bytes)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Run: [Chromium] => c:\users\strat_000\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Run: [Akamai NetSession Interface] => C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\RunOnce: [Uninstall C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Policies\Explorer: []
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1059696 2016-06-17] (Jumping Bytes)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Run: [Chromium] => c:\users\strat_000\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Run: [Akamai NetSession Interface] => C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\RunOnce: [Uninstall C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Policies\Explorer: []
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342800\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346308\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342853\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346364\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKLM\...\Providers\81bd26iq: C:\Program Files (x86)\Terbaent Center\local64spl.dll [289792 2017-02-02] ()
ShellExecuteHooks: No Name - {1215881A-DE48-11E6-9639-64006A5CFC23} - C:\Users\Strat_000\AppData\Roaming\Taptherzijaty\Cliqichpuger.dll [148992 2017-02-02] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.11.0.dll [2017-01-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-12-21]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation)
Startup: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-31]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-968931954-2191872932-1542864395-1001] => hxxp://pac.zhaw.ch/proxy.pac
AutoConfigURL: [S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317] => hxxp://pac.zhaw.ch/proxy.pac
AutoConfigURL: [S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420] => hxxp://pac.zhaw.ch/proxy.pac
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320 2012-05-31] (National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368 2012-05-31] (National Instruments Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
Tcpip\..\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
ManualProxies: 0hxxp://pac.zhaw.ch/proxy.pac
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342800\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342800\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346308\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346308\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> DefaultScope {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL =
SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL =
SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317 -> DefaultScope {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL =
SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317 -> {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL =
SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420 -> DefaultScope {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL =
SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420 -> {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-05] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> hxxp://www.startpage.com/
FireFox:
========
FF ProfilePath: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default [2017-02-08]
FF NewTab: Mozilla\Firefox\Profiles\bcrhru5j.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\bcrhru5j.default -> www.startpage.com
FF Keyword.URL: Mozilla\Firefox\Profiles\bcrhru5j.default -> user_pref("keyword.URL", true);
FF Extension: (Codebender.cc Plugin) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\codebender@codebender.cc [2016-04-14]
FF Extension: (Speed Manager Plus) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{936216dc-1346-4a00-9d4d-ee8a61977a6d}.xpi [2016-05-18] [not signed]
FF Extension: (Speed Addon) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{afebcc45-0538-4b91-9ab9-4390df4928c2}.xpi [2015-12-19] [not signed]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\81bd26iq.xml [2017-02-02]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\ecosia.xml [2016-04-19]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-images.xml [2014-10-29]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-maps.xml [2014-10-29]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\qwantcom.xml [2015-04-08]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\start-page.xml [2016-11-21]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage---deutsch.xml [2017-01-21]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage-https---deutsch.xml [2017-01-29]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\wikispaces-arduino-info.xml [2016-02-19]
FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\youtube.xml [2015-11-21]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-03] [not signed]
FF HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\extensions\cliqz@cliqz.com => not found
FF HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\extensions\cliqz@cliqz.com => not found
FF HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\extensions\cliqz@cliqz.com => not found
FF Plugin: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin\NP3DXMLPlugin.dll [2014-05-23] ()
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-24] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll [2013-07-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-24] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2012-10-04] (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.trotux.com/search/?q={searchTerms}&z=78c02b1356d030e119603b1g8z1b6q4e7q0gcqbw4q&from=isr&uid=ST500LM000-1EJ162_W372VR2RXXXXW372VR2R&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> trotux
CHR Profile: C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-02] <==== ATTENTION
CHR Extension: (Google Präsentationen) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-30]
CHR Extension: (Google Docs) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-04]
CHR Extension: (Google Drive) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-04]
CHR Extension: (YouTube) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-30]
CHR Extension: (Google Docs Offline) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-30]
CHR Extension: (Google Mail) - C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 BBDemon; C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe [53520 2014-12-12] (Dassault Systemes)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [File not signed]
R2 Ckemghrajock; C:\Program Files (x86)\Sahotplerpoied\rdkhst.dll [149504 2017-02-02] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-01-04] (Dropbox, Inc.)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation)
S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.)
R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation)
R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-18] (Logitech Inc.)
R2 MakerBot Conveyor Service; D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe [85504 2016-01-01] (MakerBot) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 MDESIGNCanon; C:\Program Files (x86)\MDESIGN\MDESIGNCanon.dll [225280 2017-02-02] () [File not signed]
R2 Mgl3DCtlrRPCService; D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2015-12-10] (3Dconnexion) [File not signed]
R2 mitsijm2014; D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation)
R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation)
R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-11-14] (NVIDIA Corporation)
S2 OtherSearch; C:\Program Files (x86)\vHQ9mIqDCy\kl.dll [517632 2017-01-31] () [File not signed] <==== ATTENTION
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 WMSVC; C:\WINDOWS\system32\inetsrv\wmsvc.exe [12288 2016-09-29] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [39184 2015-11-07] (3Dconnexion SAM)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-08-03] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [76432 2013-08-03] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-02] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-02] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation)
R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2015-11-07] (3Dconnextion Inc.)
R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2015-11-07] (3Dconnextion Inc.)
S3 LAN7500; C:\WINDOWS\system32\DRIVERS\lan7500-x64-n630f.sys [105960 2015-07-22] (SMSC)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176584 2017-02-02] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-02-02] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-02] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-02-08] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [4112656 2015-09-23] (Intel Corporation)
S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation)
S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12520 2012-06-06] (National Instruments Corporation)
R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [914624 2012-06-06] (National Instruments Corporation)
S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12520 2012-06-06] (National Instruments Corporation)
R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16984 2012-01-12] (National Instruments Corporation)
S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation)
R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S3 USBTINSP; C:\WINDOWS\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R3 VSTWinDriver6; C:\WINDOWS\system32\drivers\VSTwindrvr6.sys [252928 2015-08-27] (Jungo)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-08 16:44 - 2017-02-08 16:44 - 00048596 _____ C:\Users\Strat_000\Desktop\FRST.txt
2017-02-08 16:44 - 2017-02-08 16:44 - 00000000 ____D C:\FRST
2017-02-08 16:38 - 2017-02-08 16:38 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\09CF649C.sys
2017-02-02 21:00 - 2017-02-08 16:42 - 02421248 _____ (Farbar) C:\Users\Strat_000\Desktop\FRST64.exe
2017-02-02 20:23 - 2017-02-02 20:23 - 00176584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-02 20:22 - 2017-02-08 16:38 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-02 20:22 - 2017-02-02 20:22 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-02 20:22 - 2017-02-02 20:22 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-02 20:22 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-02-02 20:09 - 2017-02-02 20:09 - 00007000 _____ C:\Users\Strat_000\Desktop\AdwCleaner[C0].txt
2017-02-02 20:08 - 2017-02-02 20:08 - 00000000 ____D C:\WINDOWS\Panther
2017-02-02 20:04 - 2017-02-02 20:06 - 00000000 ____D C:\AdwCleaner
2017-02-02 19:54 - 2017-02-02 20:07 - 00000000 ____D C:\Program Files (x86)\Sahotplerpoied
2017-02-02 19:54 - 2017-02-02 19:55 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-02 19:54 - 2017-02-02 19:54 - 00006120 _____ C:\WINDOWS\System32\Tasks\Terbaent Center
2017-02-02 19:54 - 2017-02-02 19:54 - 00003776 _____ C:\WINDOWS\System32\Tasks\Tirationaneberse
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Taptherzijaty
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Roresebekage
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avira
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avg
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\Program Files (x86)\vHQ9mIqDCy
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\Program Files (x86)\Terbaent Center
2017-01-30 22:50 - 2017-01-30 22:50 - 03296953 _____ C:\WINDOWS\985ce68a3bd4faf34928a63da520e81d.exe
2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Python34
2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyScripter-x64
2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Program Files\PyScripter
2017-01-25 14:06 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-01-25 14:05 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Deployment
2017-01-25 14:05 - 2017-01-25 14:05 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Apps\2.0
2017-01-25 12:59 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 12:59 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-01-24 21:36 - 2017-01-24 21:36 - 00000000 ____D C:\Users\Strat_000\Downloads\temp
2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Risen2
2017-01-20 20:14 - 2017-01-20 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-20 20:12 - 2017-01-20 20:12 - 00000000 ____D C:\ProgramData\Firefly Studios
2017-01-20 20:11 - 2017-01-20 20:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2
2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2017-01-20 17:15 - 2017-01-20 19:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold
2017-01-15 14:56 - 2017-01-15 15:40 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Notepad++
2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\Program Files\Notepad++
2017-01-12 20:14 - 2017-01-12 20:14 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-01-12 20:14 - 2017-01-12 20:14 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-01-12 20:14 - 2017-01-12 20:14 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-01-11 17:39 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-01-11 17:39 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-11 17:39 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-11 17:39 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-11 17:39 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-11 17:39 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-11 17:39 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-11 17:39 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-11 17:39 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-11 17:39 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-11 17:39 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-11 17:39 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-11 17:39 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-01-11 17:39 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-01-11 17:39 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-11 17:39 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-01-11 17:39 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-11 17:39 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-01-11 17:39 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-01-11 17:39 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-01-11 17:39 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-01-11 17:39 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-11 17:39 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-11 17:39 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-01-11 17:39 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-11 17:39 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-01-11 17:39 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-11 17:39 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-11 17:39 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-11 17:39 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-11 17:39 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-11 17:39 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-11 17:39 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-01-11 17:39 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-11 17:39 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-11 17:39 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-01-11 17:39 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-11 17:39 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-11 17:39 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-11 17:39 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-11 17:39 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-11 17:39 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-11 17:39 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-11 17:39 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-01-11 17:39 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-01-11 17:39 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-11 17:39 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-11 17:39 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-01-11 17:39 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-11 17:39 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-11 17:39 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-01-11 17:39 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-11 17:39 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-11 17:39 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-11 17:39 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-11 17:39 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-11 17:39 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-11 17:39 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-11 17:39 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-11 17:39 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-01-11 17:39 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-11 17:39 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-11 17:39 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-11 17:39 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-11 17:39 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-11 17:39 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-01-11 17:39 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-01-11 17:39 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-11 17:39 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-01-11 17:39 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-11 17:39 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-11 17:39 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:39 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-11 17:39 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-01-11 17:39 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-11 17:39 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-11 17:39 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-01-11 17:39 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-01-11 17:39 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-11 17:39 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-11 17:39 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-01-11 17:39 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-11 17:39 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-11 17:39 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-11 17:39 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-01-11 17:39 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-11 17:39 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-01-11 17:39 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-01-11 17:39 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-11 17:39 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-11 17:39 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-11 17:39 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-11 17:39 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-11 17:39 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-01-11 17:39 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-11 17:39 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-11 17:39 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-11 17:39 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-01-11 17:39 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-11 17:39 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-01-11 17:39 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-01-11 17:39 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-01-11 17:39 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-01-11 17:39 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-01-11 17:39 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-11 17:39 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-01-11 17:39 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-11 17:39 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-11 17:39 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-11 17:39 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-01-11 17:39 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-11 17:39 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-01-11 17:39 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-01-11 17:39 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-11 17:39 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-11 17:39 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-11 17:39 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-01-11 17:39 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-01-11 17:39 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-01-11 17:39 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-01-11 17:39 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-11 17:39 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-01-11 17:39 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-01-11 17:39 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-01-11 17:39 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-01-11 17:39 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:39 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-01-11 17:39 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-11 17:39 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-11 17:39 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-01-11 17:39 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-01-11 17:39 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-11 17:39 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-11 17:39 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-01-11 17:39 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-11 17:39 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-01-11 17:39 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-11 17:39 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-11 17:39 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-01-11 17:39 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-01-11 17:39 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-11 17:39 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-11 17:39 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-11 17:39 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-11 17:39 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-11 17:39 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-11 17:39 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-11 17:39 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-11 17:39 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-11 17:39 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-11 17:39 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-11 17:39 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-11 17:39 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-11 17:39 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-11 17:39 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-11 17:39 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-11 17:39 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-11 17:39 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-01-11 17:39 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-11 17:39 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-11 17:39 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-11 17:39 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-11 17:39 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-11 17:39 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-11 17:39 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-01-11 17:39 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-11 17:39 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-11 17:39 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-01-11 17:39 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-11 17:39 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-08 16:44 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-08 16:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-08 16:41 - 2016-04-30 11:19 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-08 16:39 - 2016-10-12 16:10 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Akamai
2017-02-08 16:38 - 2016-09-28 20:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-08 16:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-08 16:38 - 2016-03-27 09:41 - 00000000 __SHD C:\Users\Strat_000\IntelGraphicsProfiles
2017-02-02 21:53 - 2016-09-28 21:00 - 00000000 ____D C:\Users\Strat_000
2017-02-02 20:29 - 2016-09-28 20:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-02 20:15 - 2014-04-04 09:15 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-02-02 20:11 - 2016-09-28 21:00 - 01601276 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-02 20:08 - 2016-09-28 21:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-02 20:07 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-02 19:55 - 2014-09-23 15:50 - 00000000 ____D C:\Program Files (x86)\MDESIGN
2017-02-02 19:54 - 2016-12-21 17:02 - 00000000 ____D C:\Program Files (x86)\National Instruments
2017-02-02 19:54 - 2016-09-29 06:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-02 19:54 - 2014-08-22 21:03 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2017-01-30 15:50 - 2015-06-28 14:29 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Eclipse
2017-01-30 15:50 - 2015-06-28 14:23 - 00000000 ____D C:\Users\Strat_000\.p2
2017-01-29 09:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-25 16:36 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-01-25 13:19 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-24 20:05 - 2015-10-16 09:42 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Ansys
2017-01-24 16:36 - 2015-09-12 07:18 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-24 16:17 - 2016-10-05 16:11 - 00000760 _____ C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini
2017-01-24 16:17 - 2016-10-05 16:11 - 00000463 _____ C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini
2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-24 10:06 - 2014-08-28 21:03 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Adobe
2017-01-22 22:03 - 2014-08-21 22:11 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Packages
2017-01-21 17:57 - 2015-11-04 21:42 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-21 12:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-21 10:32 - 2014-11-02 11:08 - 00000000 ___RD C:\Users\Strat_000\Dropbox
2017-01-20 20:14 - 2016-11-08 20:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-01-20 17:15 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-01-20 17:15 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-01-20 17:15 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-01-13 16:07 - 2014-08-21 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-13 16:04 - 2016-09-28 20:56 - 00446272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-13 10:19 - 2016-09-28 21:14 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-13 08:38 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-13 08:37 - 2014-08-22 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-12 21:24 - 2014-08-22 15:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-12 21:22 - 2014-08-22 15:46 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-12 21:21 - 2014-08-22 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
==================== Files in the root of some directories =======
2016-02-16 20:23 - 2016-02-16 20:23 - 0001164 _____ () C:\Users\Strat_000\AppData\Roaming\CoolTerm_Prefs.plist
2016-10-05 16:11 - 2017-01-24 16:17 - 0000463 _____ () C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini
2014-09-15 09:29 - 2016-10-05 16:27 - 0001390 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV3.ini
2016-10-05 16:11 - 2017-01-24 16:17 - 0000760 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini
2016-10-03 10:51 - 2016-10-04 16:20 - 0000103 _____ () C:\Users\Strat_000\AppData\Roaming\WB.CFG
2015-09-05 20:13 - 2015-09-06 16:34 - 0000337 _____ () C:\Users\Strat_000\AppData\Local\Perfmon.PerfmonCfg
2016-12-29 18:14 - 2016-12-29 18:14 - 0013951 _____ () C:\Users\Strat_000\AppData\Local\recently-used.xbel
2016-09-28 20:58 - 2016-09-28 20:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-08-21 20:45 - 2014-08-21 20:45 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some files in TEMP:
====================
2017-01-25 14:09 - 2017-01-25 14:09 - 22300400 _____ () C:\Users\Strat_000\AppData\Local\Temp\carambis_driver_updater_142a09cc71d44bb5813296336cc515d7965cb751.exe
2017-01-20 20:11 - 2006-08-21 22:09 - 0040960 _____ () C:\Users\Strat_000\AppData\Local\Temp\comver.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-29 10:28
==================== End of FRST.txt ============================
Gruss Stratos |
|
08.02.2017, 17:12
| #2 |
| | Win 10, Trotux eingefangen Und noch das Logfile Addition.txt (Achtung musste es in mehreren Posts senden, weil zu viele Zeichen):
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2017
Ran by Strat_000 (08-02-2017 16:45:10)
Running from C:\Users\Strat_000\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-28 20:15:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-968931954-2191872932-1542864395-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-968931954-2191872932-1542864395-503 - Limited - Disabled)
Guest (S-1-5-21-968931954-2191872932-1542864395-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-968931954-2191872932-1542864395-1003 - Limited - Enabled)
Strat_000 (S-1-5-21-968931954-2191872932-1542864395-1001 - Administrator - Enabled) => C:\Users\Strat_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D XML Player (HKLM\...\{383D9F1B-A4F6-4C6C-A925-05A2636A0176}) (Version: 16.7.14143 - Dassault Systemes)
3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.3.0 - 3Dconnexion)
3Dconnexion 3DxWinCore (Version: 17.3.0.12346 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (Version: 5.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2016 (Version: 2.1.1 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST8 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SOLIDWORKS 2005 - 2016 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (Version: 4.2.1 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden
3Dconnexion Navigation Library Server (x32 Version: 1.0.2.12216 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2016 (Version: 6.1.2 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2016 (Version: 5.1.1 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v11.0 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.4 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.3 - 3Dconnexion) Hidden
3Dconnexion Viewer and Assembly Demo (x32 Version: 0.9.0.0 - 3Dconnexion) Hidden
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.7 - Arduino LLC)
AutoCAD Electrical 2014 - Deutsch (German) (Version: 11.0.57.0 - Autodesk) Hidden
AutoCAD Electrical 2014 Language Pack - Deutsch (German) (Version: 11.0.57.0 - Autodesk) Hidden
Autodesk 123D Catch (HKLM-x32\...\{413A0A2B-D154-4457-833F-3299DB3183FF}) (Version: 1.0.654 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD Electrical 2014 - Deutsch (German) (HKLM\...\AutoCAD Electrical 2014 - Deutsch (German)) (Version: 11.0.57.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2449 - Autodesk, Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2449 - Autodesk, Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2449 - Autodesk, Inc.)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Professional 2014 - Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.1.22200.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.1.22200.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 Language Pack - Deutsch (German) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 SP1 (HKLM\...\Autodesk Inventor Professional 2014 SP1) (Version: 18.1.22200.0000 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Product Design Suite 2014 (HKLM\...\Autodesk Product Design Suite 2014) (Version: 3.0.100.017 - Autodesk)
Autodesk Product Design Suite 2014 (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk Product Design Suite 2014 Language Pack (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
Berkeley Madonna (HKLM-x32\...\{27AB9BD6-4A3E-4BBD-8381-CD445E474936}) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Cura 15.04 (HKLM-x32\...\Cura_15.04) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Dassault Systemes Software Version 5-6 Release 2015 (B25) (HKLM\...\Dassault Systemes B25_0) (Version: - )
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell System Detect (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell System Detect (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated)
D-Fend Reloaded 1.4.4 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dropbox (HKLM-x32\...\Dropbox) (Version: 18.4.32 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
EVE Online (HKLM\...\Steam App 8500) (Version: - CCP)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
FARO LS 1.1.504.10 (64bit) (HKLM-x32\...\{08828409-24D2-4FD6-9EC4-DF2D8CCC183B}) (Version: 5.4.10.43135 - FARO Scanner Production)
FileZilla Client 3.14.0 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FileZilla Client 3.14.0 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
FileZilla Client 3.14.0 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.98.721 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.24.627 - Digital Wave Ltd)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.7.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6e3d3c5f-ea0c-4457-850d-9dd60b6ab95a}) (Version: 16.8.0 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JCreator Pro 5.00 (HKLM-x32\...\JCreator Pro_is1) (Version: - Xinox Software)
KeyShot 5 Floating 64 bit (HKLM-x32\...\KeyShot 5 Floating_64) (Version: 5.0 64 bit Floating - Luxion ApS)
KISSsoft 03-2015 (HKLM-x32\...\{C0293A42-6D5D-4F71-9042-74007EBAFA55}) (Version: 15.03.000 - KISSsoft AG)
K-Lite Codec Pack 12.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.5 - KLCP)
Kontur-Scanner (HKLM-x32\...\{04270C05-149B-46F3-BDB3-22AF8A8B54C2}) (Version: 1.0.5 - Keller)
Logger Pro 3.10.1 (HKLM-x32\...\{B91FFD97-1C41-4877-7B97-9D62814E50AD}) (Version: 5.182.666 - Vernier Software & Technology)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech)
MakerBot_Bundle_BETA_3.9.1.1346_x64 (HKLM-x32\...\MakerBot) (Version: 3.9.1.1346 - MakerBot)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden
Math-Kernel-Bibliotheken (64 Bit) (Version: 1.0.23.0 - National Instruments) Hidden
Math-Kernel-Bibliotheken (x32 Version: 1.0.23.0 - National Instruments) Hidden
MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
Maxx Audio Installer (x64) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
MDESIGN 2014 (HKLM-x32\...\MDESIGN explorer 15) (Version: 15 - TEDATA)
Mendeley Desktop 1.14 (HKLM-x32\...\Mendeley Desktop) (Version: 1.14 - Mendeley Ltd.)
Mesh Enabler (HKLM-x32\...\{539C1162-6FC6-4011-B59A-FC20916F575E}) (Version: 1.0.5 - Autodesk)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 11.0.544 - Autodesk, Inc.)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.6.0.6200 - Mozilla)
Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla)
Myo Connect (HKLM-x32\...\Thalmic Labs Myo Connect) (Version: 1.0.1 - Thalmic Labs)
MySQL Connector C++ 1.1.4 (HKLM\...\{1F5C1E97-AE40-4EE7-9959-3D8038B6EAC8}) (Version: 1.1.4 - Oracle and/or its affiliates)
MySQL Connector/C 6.1 (HKLM\...\{4E2AAB30-1E42-4ACA-B1A9-3AE8629D0C89}) (Version: 6.1.5 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.5 (HKLM-x32\...\{BCF64211-43D1-4152-A152-7E30D0D7570D}) (Version: 5.5.40 - Oracle Corporation)
MySQL Examples and Samples 5.5 (HKLM-x32\...\{33A3D172-0E98-4D16-80DD-9CB3D4AC814D}) (Version: 5.5.40 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{2D5C73E8-EA6C-4A0A-8B27-FF48B04977E5}) (Version: 1.3.7.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Utilities (HKLM-x32\...\{0B18AA75-6A44-4950-A0A2-A486C2D839A0}) (Version: 1.4.4 - Oracle Corporation)
National Instruments - Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NI Authentication 12.0.0 (64-bit) (Version: 12.0.367.0 - National Instruments) Hidden
NI Authentication 12.0.0 (x32 Version: 12.0.367.0 - National Instruments) Hidden
NI Certificates Deployment Support (x32 Version: 1.03.49152 - National Instruments) Hidden
NI Curl 12.0.0 (64-bit) (Version: 12.0.412.0 - National Instruments) Hidden
NI Curl 12.0.0 (x32 Version: 12.0.412.0 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.10.393 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 12.0.0 (x32 Version: 12.0.46.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 12.0.0 (Version: 12.0.46.0 - National Instruments) Hidden
NI LabVIEW 2012 Deployment Framework (x32 Version: 12.0.369.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 f3 (x32 Version: 12.0.435.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 (x32 Version: 12.0.204.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Webserver 2012 (x32 Version: 12.0.406.0 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI Logos 5.4 (64 Bit) (Version: 5.4.303.0 - National Instruments) Hidden
NI Logos 5.4 (x32 Version: 5.4.303.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.4.295.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.4.295.0 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.10.393 - National Instruments) Hidden
NI mDNS Responder 2.1 for Windows 64-bit (Version: 2.10.49152 - National Instruments) Hidden
NI mDNS Responder 2.1.0 (x32 Version: 2.10.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2012 Support (x32 Version: 12.0.125.0 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 12.0.218.0 - National Instruments) Hidden
NI System State Publisher (x32 Version: 12.0.358.0 - National Instruments) Hidden
NI System Web Server 12.0 (x32 Version: 12.0.414.0 - National Instruments) Hidden
NI System Web Server Base 12.0.0 (64-bit) (Version: 12.0.407.0 - National Instruments) Hidden
NI System Web Server Base 12.0.0 (x32 Version: 12.0.407.0 - National Instruments) Hidden
NI TDM Streaming 2.4 (64 Bit) (Version: 2.4.55.0 - National Instruments) Hidden
NI TDM Streaming 2.4 (x32 Version: 2.4.55.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 12.0.401.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 12.0.401.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.10.393 - National Instruments) Hidden
NI Unterstützung für nicht englische Versionen der Runtime-Engine von LabVIEW 2012. (x32 Version: 12.0.363.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
NI Web Application Server 12.0 (64 Bit) (Version: 12.0.422.0 - National Instruments) Hidden
NI Web Application Server 12.0 (x32 Version: 12.0.422.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 (x32 Version: 2.7.180.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 64-bit (Version: 2.7.190.0 - National Instruments) Hidden
NI-ActiveX-Container (64-bit) (Version: 12.0.14.0 - National Instruments) Hidden
NI-ActiveX-Container (x32 Version: 12.0.14.0 - National Instruments) Hidden
NI-DIM 1.13.0f0 (x32 Version: 1.130.49152 - National Instruments) Hidden
NI-DIM 1.13.0f0 for 64 Bit Windows (Version: 1.130.49152 - National Instruments) Hidden
NI-Fehlerprotokolle 2012 (x32 Version: 12.0.172.0 - National Instruments) Hidden
NI-ORB 1.10.0f0 (x32 Version: 1.100.49152 - National Instruments) Hidden
NI-ORB 1.10.0f0 for 64 Bit Windows (Version: 1.100.49152 - National Instruments) Hidden
NI-PAL 2.8.1f0 (x32 Version: 10.91.49152 - National Instruments) Hidden
NI-PAL 2.8.1f0 for 64 Bit Windows (Version: 10.91.49152 - National Instruments) Hidden
NI-RPC 4.3.0f0 (x32 Version: 4.30.49152 - National Instruments) Hidden
NI-RPC 4.3.0f0 for 64 Bit Windows (Version: 4.30.49152 - National Instruments) Hidden
NI-VISA Runtime 5.2.0 (x32 Version: 5.20.49152 - National Instruments) Hidden
NI-VISA x64 support 5.2.0 (Version: 5.20.49152 - National Instruments) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3 - Notepad++ Team)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC)
PureSync (x32 Version: 4.4.2 - Jumping Bytes) Hidden
PureSync 4.4.2 (HKLM-x32\...\PureSync) (Version: 4.4.2 - Jumping Bytes)
PyScripter 2.6.0 (HKLM\...\PyScripter_is1) (Version: 2.6.0 - PyScripter)
Python 3.4.4 (64-bit) (HKLM\...\{56ebf7cf-f2b2-30ed-9de5-307fc2ce3449}) (Version: 3.4.4150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version: - Piranha Bytes)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
SMSC LAN7500 Device Driver (HKLM\...\{DE2877F8-0FD0-471D-9A5C-79B8FD6EEE61}) (Version: 13.08.08.0 - SMSC)
Social2Search (HKLM\...\adf3af545da818dd3bf2dcd267c40b7a) (Version: 11.12.1.308 (i1.0) - Social2Search) <==== ATTENTION
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0046 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version: - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version: - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version: - FireFly Studios)
Stronghold Legends (HKLM\...\Steam App 40980) (Version: - FireFly Studios)
SWITCHdrive (HKLM-x32\...\SWITCHdrive) (Version: 1.8.1.328 - SWITCH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
TI-Nspire™ CX CAS Student Software (HKLM-x32\...\{E994956D-8CA7-4091-BFF5-0C749470BA2E}) (Version: 4.0.0.235 - Texas Instruments Inc.)
trotux - Uninstall (HKLM-x32\...\{BB8ED0C6-702D-4078-8C64-8CBEFD5BBD2D}) (Version: - ) <==== ATTENTION
Unterstützung für NI SSL (64 Bit) (Version: 12.0.408.0 - National Instruments) Hidden
Unterstützung für NI SSL (x32 Version: 12.0.408.0 - National Instruments) Hidden
Update for Skype for Business 2015 (KB3141468) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PRJPROR_{0BA3C700-ABED-4994-BB60-2FD66DFAF674}) (Version: - Microsoft)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VISA Shared Components 64-Bit (HKLM-x32\...\VISASharedComponents) (Version: - )
VISA Shared Components 64-Bit (Version: 1.4.0 - IVI Foundation Inc.) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
WhatsApp (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
WhatsApp (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
WhatsApp (HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Driver Package - MakerBot Industries (WinUsb) USBDevice (09/11/2015 100.2.0.0) (HKLM\...\D015024C58122C3796867839B7E92961E6A4C307) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\04E27032638FDAAC836AACDBF2A93300A4E13BD1) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\0ED5517650E58DD9FB879217FC7CF165DEC4583B) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\67352CAC0149049BD2BE7B68AB77464472C339CD) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\9F57D28C2B5AEBAF582F84C4BE4F2AB1798631C9) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami)
yEd Graph Editor 3.13 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.13 - yWorks GmbH)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)
Z88Aurora V3 (HKLM\...\{3AFDAB60-DBBD-449F-974E-6EF6430440E3}) (Version: 2.0 - Lehrstuhl fuer Konstruktionlehre und CAD, Universitaet Bayreuth)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\Autodesk\webdeploy\production\b8535b136583feacdb288f6ed972e6555b191b85\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\Autodesk\webdeploy\production\b8535b136583feacdb288f6ed972e6555b191b85\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
============================
|
|
08.02.2017, 17:13
| #3 |
| | Win 10, Trotux eingefangen Hier noch der zweite Teil der Addition.txt:
__________________Code:
ATTFilter CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\Autodesk\webdeploy\production\b8535b136583feacdb288f6ed972e6555b191b85\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01AC3BCD-91B5-442A-838C-06A4AECEDB68} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {10FF88E4-4F5C-4210-9CF1-FCF6FE125565} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-09] (Realtek Semiconductor)
Task: {276A56A3-61FE-48EF-A91B-6A45BF7A44F3} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {27A5FBFB-A20A-44D3-BEE1-CE8D54127415} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29ED19C1-4DB1-4E68-9D61-D58D1F051D58} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
Task: {34442C84-E788-4C75-810E-2C62198AF600} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CDB011F-78FE-464C-ACF0-73C56EDE66D0} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2015-12-10] (3Dconnexion, INC)
Task: {55CA8361-4353-450A-95B9-9ECC893231FE} - System32\Tasks\Tirationaneberse => /i hxxp://d2buh1bf1g584w.cloudfront.net/msi/rel.php?u=ST500LM000-1EJ162_W372VR2RXXXXW372VR2R&v=201722 /q
Task: {5DB2A946-F2B6-42BB-B57E-312A7F9D8CD3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6A0B907B-24B9-40C9-BD32-913B05D1D72B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6ACCE957-2398-43C6-AE25-584C75C63E4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {6DD54919-F068-4A0A-8871-0CA3EA898CB5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {6E8B881F-E3C2-4164-8878-2876EA2DE1D9} - System32\Tasks\{88AC59FD-2726-4F6F-A67C-F19C07F7D797} => pcalua.exe -a C:\Users\Strat_000\Downloads\Arduino\CDM_v2.12.00_WHQL_Certified.exe -d C:\Users\Strat_000\Downloads\Arduino
Task: {71F5F33F-9F6D-4917-A791-46476F8F8196} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-06] (Synaptics Incorporated)
Task: {73EC7F04-D64B-4B09-9880-782D0B9E8A63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {774D4959-E21E-48AC-9B68-6F4664BB7CE3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {77CFB6F7-9BA2-42AD-9FDF-FC662732BC5E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {81E0FC16-5D40-4E14-A306-744E9744283D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {855DD682-45F8-422C-97BC-413992ED2AF5} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-01] ()
Task: {88A50F63-9FBE-4DC8-9311-3932E2C4C74E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8C1F448D-150B-42ED-B35D-1179B9A5C2B3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {944BDA3A-5EFE-477C-9B12-1DFFF82E983D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {A146860A-EB9D-4058-9225-8B1F04E65473} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A49DA27C-BFD6-4512-B975-40563AFC6375} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.6\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {A61FA6F1-8E22-4429-B94D-BCD11AF58D68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7827E95-2F5C-4356-83EA-2BB2B5F78E86} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AA028DCF-8E68-4658-8FBE-995D7AB78540} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {ACCFAFE1-0665-4ED4-81E6-0D3585C8AE6C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B272403A-7AC5-4DC3-86F8-2D6E3039D046} - System32\Tasks\Terbaent Center => C:\Program Files (x86)\Sahotplerpoied\coakory.exe [2017-02-02] (Glarysoft Ltd)
Task: {B4808A2E-A8D2-4050-B621-AB299C0F4D4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BFF9D5AA-8F2F-4682-81C3-6F259CB8BFA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {C28EDD4F-A586-4919-9DE9-99CB22CDC1D7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CE06EE05-1671-4C23-BCD8-F0380A83F633} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EBDD3982-7903-44E0-BFA1-5B8D8B8F5B52} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wurm Online\Wurm Online.lnk -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.wurmonline.com/client/wurmclient.jnlp "C:\Users\Strat_000\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\5fef8269-714a391b"
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
==================== Loaded Modules (Whitelisted) ==============
2017-02-02 19:54 - 2017-02-02 19:54 - 00289792 ____H () C:\Program Files (x86)\Terbaent Center\local64spl.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-22 17:17 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-02-22 23:12 - 2016-02-22 23:12 - 00138240 _____ () D:\Program Files\Makerbot\MakerWare\jsoncpp.dll
2015-12-07 20:18 - 2015-12-07 20:18 - 00111616 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_ctypes.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00047616 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_socket.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 01210368 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_ssl.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00474624 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_hashlib.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00010752 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\select.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00689664 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\unicodedata.pyd
2015-08-19 22:48 - 2015-08-19 22:48 - 02596352 _____ () D:\Program Files\Makerbot\MakerWare\vtkCommon.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 03111424 _____ () D:\Program Files\Makerbot\MakerWare\vtkFiltering.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 04569600 _____ () D:\Program Files\Makerbot\MakerWare\vtkIO.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 05822464 _____ () D:\Program Files\Makerbot\MakerWare\vtkGraphics.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02572288 _____ () D:\Program Files\Makerbot\MakerWare\opencv_core2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 01200640 _____ () D:\Program Files\Makerbot\MakerWare\opencv_calib3d2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02236928 _____ () D:\Program Files\Makerbot\MakerWare\opencv_imgproc2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02413056 _____ () D:\Program Files\Makerbot\MakerWare\opencv_highgui2410.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00019456 _____ () D:\Program Files\Makerbot\MakerWare\boost_system-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00050688 _____ () D:\Program Files\Makerbot\MakerWare\boost_date_time-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00116224 _____ () D:\Program Files\Makerbot\MakerWare\boost_filesystem-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00100864 _____ () D:\Program Files\Makerbot\MakerWare\boost_thread-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00243200 _____ () D:\Program Files\Makerbot\MakerWare\vtksys.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00159232 _____ () D:\Program Files\Makerbot\MakerWare\vtkverdict.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00116736 _____ () D:\Program Files\Makerbot\MakerWare\vtkDICOMParser.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00783360 _____ () D:\Program Files\Makerbot\MakerWare\vtkNetCDF.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00110592 _____ () D:\Program Files\Makerbot\MakerWare\vtkNetCDF_cxx.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00080896 _____ () D:\Program Files\Makerbot\MakerWare\LSDyna.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00611328 _____ () D:\Program Files\Makerbot\MakerWare\vtkmetaio.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00127488 _____ () D:\Program Files\Makerbot\MakerWare\vtkpng.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00065024 _____ () D:\Program Files\Makerbot\MakerWare\vtkzlib.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00141312 _____ () D:\Program Files\Makerbot\MakerWare\vtkjpeg.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00314880 _____ () D:\Program Files\Makerbot\MakerWare\vtktiff.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00128000 _____ () D:\Program Files\Makerbot\MakerWare\vtkexpat.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00656896 _____ () D:\Program Files\Makerbot\MakerWare\opencv_flann2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00869888 _____ () D:\Program Files\Makerbot\MakerWare\opencv_features2d2410.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00028672 _____ () D:\Program Files\Makerbot\MakerWare\boost_chrono-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 02085888 _____ () D:\Program Files\Makerbot\MakerWare\vtkhdf5.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00097280 _____ () D:\Program Files\Makerbot\MakerWare\vtkhdf5_hl.dll
2016-02-23 00:11 - 2016-02-23 00:11 - 00107520 _____ () D:\Program Files\Makerbot\MakerWare\tinything.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-28 20:59 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla\FileZilla FTP Client\fzshellext_64.dll
2015-05-14 16:36 - 2015-05-14 16:36 - 00059904 _____ () C:\Program Files (x86)\SWITCHdrive\shellext\OCUtil_x64.dll
2016-07-06 19:10 - 2016-07-06 19:10 - 01249792 _____ () C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll
2016-09-29 19:13 - 2016-09-29 19:13 - 00959168 _____ () C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-29 06:53 - 2016-09-29 06:53 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 17:39 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-02 20:22 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-02 20:22 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-01-11 17:39 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 17:39 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-10-16 00:48 - 2014-10-16 00:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-08-21 20:47 - 2016-02-24 05:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-08-21 20:47 - 2016-02-24 05:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2017-02-02 19:54 - 2017-02-02 19:54 - 00149504 _____ () c:\program files (x86)\sahotplerpoied\rdkhst.dll
2014-04-04 09:09 - 2013-09-12 05:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-02 19:55 - 2017-02-02 19:55 - 00225280 ____H () C:\Program Files (x86)\MDESIGN\MDESIGNCanon.dll
2012-05-29 18:07 - 2012-05-29 18:07 - 01958560 _____ () C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll
2016-09-29 19:13 - 2016-09-29 19:13 - 00679624 _____ () C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-01-30 09:35 - 00002024 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
There are 4 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342273\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345350\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342298\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345382\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\Control Panel\Desktop\\Wallpaper -> C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\Control Panel\Desktop\\Wallpaper -> C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342800\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346308\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342853\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346364\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 62.2.17.61 - 62.2.24.158
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "3DxWare Service"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\StartupFolder: => "Synology Cloud Station Drive.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Boxcryptor.exe"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "PureSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\StartupFolder: => "Synology Cloud Station Drive.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "Boxcryptor.exe"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342317\...\StartupApproved\Run: => "PureSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\StartupFolder: => "Synology Cloud Station Drive.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "Boxcryptor.exe"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345420\...\StartupApproved\Run: => "PureSync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{4FC1D526-EF5A-4967-8B8F-BBA348CF3B98}C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe
FirewallRules: [TCP Query User{1D91F143-4DBA-4103-BF7C-8F0A0BE214CE}C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe
FirewallRules: [UDP Query User{3AA47883-2275-4002-93AB-3EB175A00776}C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe
FirewallRules: [TCP Query User{77A98965-8254-4441-B3FA-72487E2F3A66}C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe
FirewallRules: [{0FEB7A54-AB1C-4113-8581-88A1A1D9DCB0}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{0A43AFC9-B2D6-4905-B033-885849EB19EF}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{7A9ED19D-239E-4B26-A0CA-CF258389F525}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{D59B3327-671A-4933-8525-E1F8AED67A7A}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{8EA6FB88-0402-4E29-98F9-153E6A793B7F}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{6C1E5429-92B1-42C1-8810-294F55BD83A4}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{CF54E191-727B-44E7-8728-23DF668614FC}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{A8C03A37-6B8A-45D2-9239-C0813D13363A}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{628D3104-C402-4D92-965A-4FCDA6A06B27}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6608F61-5D07-477D-89F5-1CA76A7BA4E2}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8AAB0F8-8D2E-45C8-8664-3674A8BBDEE5}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BE5BCB22-7F43-435B-BD76-BBDDF18A45E2}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{382C072E-19EA-46A9-80D3-B3CD6391FAB4}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [TCP Query User{694FB801-CD9C-42F3-9F15-D710543E0EAE}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{E958FC1D-5113-42CE-8858-96E7C482E13C}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe
FirewallRules: [TCP Query User{76C6585F-23DD-49ED-A105-F43F2D4A8270}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe
FirewallRules: [UDP Query User{CEA97193-0A27-4872-86DC-A75D60E9D0C3}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{0AC9B4CE-B421-4F89-AC4F-F19E88CE6981}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{1DBB1F1E-3DAA-4E2C-A835-5995134E66C6}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{7D867815-9417-4D85-80D7-FA16BE154953}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [{CD9F58CA-4C3C-455B-9C79-E1DBB81D4271}] => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B64B6C2F-A98F-4696-A97C-DA0C0E03DA55}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4219914F-17B0-4082-8FDE-9C8059F7FC0D}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{96163E11-ABF0-437A-BE15-3DF1A44E85E6}] => LPort=2869
FirewallRules: [{03BD1AF7-0BF8-4012-853F-2D3E1098C809}] => LPort=1900
FirewallRules: [{D0D1F8C9-1A69-4B45-A82F-D1DAD5E2882F}] => LPort=50248
FirewallRules: [{F5C16F57-13AC-4E4E-AD71-3ED80DB1F69D}] => C:\Users\Strat_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{69137F3E-852F-45E4-B39F-F2D19F70E1D5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C4A08B79-F7ED-4FC3-934D-0EC4ACE17959}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D46F595B-D3D0-42A4-9025-ADB6FD0A3FF5}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{362F7CE5-DD2B-46E8-967E-F4DF562E434B}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3B20DC80-CA8C-4E0A-A5CB-28239D6D0F79}] => D:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{D9DA139F-DB0D-44D3-9B1E-2D06D1028AB9}] => D:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{4DD5C3D0-DC83-44FA-913B-378EF54D3E1A}C:\program files\maple 18\jre\bin\maple.exe] => C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [UDP Query User{58ADCCEA-75D9-4A26-9941-7D901358A306}C:\program files\maple 18\jre\bin\maple.exe] => C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [TCP Query User{F857059D-70CD-4D81-8D60-3DE90559AC03}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{7AD4CCDF-0565-4FDB-99AA-7AA01273F289}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{0B9814D1-FC19-492C-AE86-AB79AED4839F}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{0FD323B4-107E-4B03-BD43-07665AC0A506}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{C21D6139-02D4-4948-B04D-B0AF2642F1E3}\\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [UDP Query User{18335C91-410A-4437-84C7-DD71E2A62563}\\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [{EC70B2A1-0D56-4AF3-8F04-1A2EE8175FE7}] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [{C8F5D359-5F4D-4627-9557-78573F067B76}] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [TCP Query User{AB75A300-9988-450E-A5B1-4202056FCA9F}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe
FirewallRules: [UDP Query User{2CE85C3B-A38E-48D7-9D14-7A7DE61F945C}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe
FirewallRules: [TCP Query User{3B10EA8E-072F-4384-8471-59C49A30FAE5}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe
FirewallRules: [UDP Query User{85F8B39D-3772-4595-88CF-58B436D29126}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe
FirewallRules: [TCP Query User{493AF417-C7DA-4F7E-9BE6-240D41BDE959}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe
FirewallRules: [UDP Query User{DCAFC2C2-BEC9-4FF7-A219-450332461C36}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe
FirewallRules: [TCP Query User{B53F4142-AEDB-4004-93B4-F4B4859CC4D8}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{5DF53F0B-30DE-41EB-BAE3-60EF23D59F53}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{144BC75D-01B8-40F4-B134-38335FC12A0E}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{FAA398A9-7117-4E50-8EBA-4DD6EF3C1DB7}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{9378CA38-2FD3-41CA-B828-2EAE02F1BE50}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{54E92ACA-1BBD-4BF8-8761-0710C591ACCE}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [{61BF9771-BABF-4D83-871A-E16EC7D8D67D}] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [{C1ECCFF2-9EF4-4312-BC27-19512642FBB2}] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{0E1FEDE8-60E0-44CE-A227-4BBC7A8ACA67}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{D37FF8CF-7892-42EA-BAC6-A83D707907A4}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F3ABD6E7-23CF-445F-A263-4CAA404187DF}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{EE2C15DC-BD81-4238-BA39-105836117D84}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{EEB6B15F-F713-4305-9227-3B292294E8E0}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{59E77C5F-7298-45CB-8AF5-1A26041EDFD9}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{72CD02D7-BF4E-43AE-B215-50436129B642}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{A9A62307-0B6B-4BB0-AE1C-1638A11D1B2B}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [TCP Query User{6A486716-3E48-44FB-B7AD-68CC21B8EADA}C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{177443EE-7A65-4474-B6DC-B1AF157BD1B9}C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3428BF3C-D727-40DA-A6BF-BC23B059220C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC3D896C-EE69-469D-9008-91C48EE803AC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4A8D0D80-FA38-4165-9F77-960658A79D74}D:\program files\eve\bin\exefile.exe] => D:\program files\eve\bin\exefile.exe
FirewallRules: [UDP Query User{645DD761-18C8-4BF6-8878-9BBD9A1DFC9A}D:\program files\eve\bin\exefile.exe] => D:\program files\eve\bin\exefile.exe
FirewallRules: [TCP Query User{D82CB044-B7D8-48BD-8D64-3E979659CA7F}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{444CDFF3-F3DB-4E39-A01B-371A73CD5F47}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B5492246-9F29-41F2-89D0-E0CFB779A1DD}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{C2F78D9F-DCD2-4AF0-A619-583134BC30E7}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [{DB02F1F2-6255-4B6A-90B5-8760337107FD}] => D:\Program Files\KeyShot5\bin\keyshot_daemon.exe
FirewallRules: [{9E6B2974-AAD0-4DFC-816E-5A07477E24FB}] => D:\Program Files\KeyShot5 Floating\bin\keyshot_daemon.exe
FirewallRules: [{AE1B1B82-6510-49A5-97C2-D6AB2E264713}] => D:\Program Files\KeyShot5 Floating\bin\keyshot5_floating.exe
FirewallRules: [{C57DD757-BEFA-4075-8137-ED652A3E4C5B}] => D:\Program Files\KeyShot5 Floating\bin\keyshot_daemon.exe
FirewallRules: [{999671FD-B130-4014-90A2-5DBF46894415}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{8CC548E3-B545-4727-B24C-B6E0E840EC93}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{F0C5460A-89EA-4E98-B041-813F56FD667A}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{CC7D2887-A136-4369-ACF9-701A98074FE8}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{D264EAD3-CC5B-41DE-B1B0-F93461B80A18}] => D:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{17CE46FF-7AC8-44E0-BF02-CD46E6F7F4EC}] => D:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{3EDDAB82-E901-40A6-ABF7-9F130A06B8DC}] => D:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{E7493A85-12E5-439D-A513-ACC86D4675A2}] => D:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [TCP Query User{A6D8B041-213F-4151-98F6-5500A8A6D08D}D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [UDP Query User{819CFFB3-B805-4865-9104-6B993B6C6141}D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{0D872B4E-17EC-41A9-B1DD-615EF8847BEA}] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{AA621320-F1A7-4ED8-900D-3C7A15C15017}] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [TCP Query User{8D07783B-DA13-42DC-9B72-4D6C9CA6A4B4}C:\program files (x86)\arduino\java\bin\javaw.exe] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{85A28987-0094-4B0E-B5C2-780FA027351F}C:\program files (x86)\arduino\java\bin\javaw.exe] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{F84B1795-70D6-40C9-A91E-FF12A20A1A4F}] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{EA5F0A2F-C16C-40FD-AB8D-11429ACEA69F}] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{9FB94BC4-7B30-4FEB-953D-6D463685DB15}D:\program files\eclipse\eclipse\eclipse.exe] => D:\program files\eclipse\eclipse\eclipse.exe
FirewallRules: [UDP Query User{EE95D0B7-8E4B-4F20-A735-91B975B0ADCC}D:\program files\eclipse\eclipse\eclipse.exe] => D:\program files\eclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{F6E70320-65CE-4976-A39A-B6AAF5A319CD}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{3A69E616-CBF2-4FB6-B702-CE19BF7516C9}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{837A0BDF-94A2-47BE-8E17-98D4F88E50B6}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{B0746FDD-D0A0-47C0-BE3D-CC8B4C9C115B}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{35905164-CEE2-4D49-961B-7183F74E5982}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [UDP Query User{81C96AF5-83A9-433D-82DC-9AFC8BE49318}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [{27DE4CEC-30E0-4DFA-B9CF-82B0F08A496A}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{F030DCD2-3F64-45AD-85C8-3E9A6735553C}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{3C3A58F8-E2F4-49FB-94F8-DAD7C7E8E353}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{A593FF79-ACB9-48DB-8709-A94B08EBFDCE}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [TCP Query User{595CD3E5-958C-450A-A696-F5423FC63089}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [UDP Query User{E12775D5-9ABC-49D2-A648-BBF3D2AC663B}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [{38DCFB8D-1AC8-4A96-8465-07DDDFCE5BFD}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{92916C34-CBE1-46E4-A0C1-BA3D9095CC38}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{555CA95E-B415-4760-8579-9A25B27C0290}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{EE383DA8-2CB1-44EC-8C00-3CC26A2E6269}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{52AD202E-2C28-43F1-BD59-89A589FCF739}D:\program files\filezilla\filezilla ftp client\filezilla.exe] => D:\program files\filezilla\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{9CE4D3D2-C94D-431A-B788-6F2F908F6A32}D:\program files\filezilla\filezilla ftp client\filezilla.exe] => D:\program files\filezilla\filezilla ftp client\filezilla.exe
FirewallRules: [{DBF794C6-F82E-4926-8E53-E8CEE24E25B7}] => D:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{C17CA1D3-B21D-41BB-A770-ABB9BBD08860}] => D:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{D092E2F0-A4D6-4258-A8FD-0B77E05CFAB6}] => D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{E3A068FE-81EF-424E-9854-719DD5EEE083}] => D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{34A8704A-1BA5-4E78-AE0B-736CC9A3355C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D87EC244-1E2E-43ED-89FC-8C9DCEC28D30}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{45F797C4-66D8-4C5A-B707-4D601535FDAB}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [UDP Query User{6E0022AA-86AF-43A4-9721-8201D69881B1}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [TCP Query User{06893087-BA65-4E47-87C6-1A9DEFB5C07D}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [UDP Query User{6FC16076-9FF8-4819-AC04-151EE42692F2}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [TCP Query User{5B2E33F7-6A80-4124-BDD5-486C3F687A1C}D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe] => D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{0DFE5C54-CF2F-4A4F-823A-15EE77A1F7C7}D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe] => D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{74BB7B1E-E2A4-4AAE-A83A-CAC0CFF0F292}D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe] => D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{F6A2F389-D056-4477-9236-99BEDD8AB990}D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe] => D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{C219EEC9-9304-43DA-A02E-47C5550FB0CF}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [UDP Query User{90A4EAC3-1B74-4840-9A98-C1AE55BCF5A2}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [{71CB189F-2F53-4995-96AB-EE3A08C7C8C3}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{AAC4EB8F-7A39-4524-8451-E545A0D8BF50}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{B5729983-4D23-48C7-B3B5-C85ECD54D4D8}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{B953E78C-6AFF-4145-9876-9F8268A9FC21}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [{813B74C6-24B6-4FAF-8686-C417EB2109B0}] => D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
FirewallRules: [{FBB017AE-A882-494C-8953-8A477337BB00}] => D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
FirewallRules: [TCP Query User{4D29F7EA-B63D-4D82-AA19-5FF380ACACB2}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [UDP Query User{73F279FA-53CF-48FE-A553-1E0B8FC166B8}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [TCP Query User{6DE1E719-63B5-4576-B897-D0F84381DEF8}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [UDP Query User{F9F9238C-3D94-4313-A36B-F12286D6E3FC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [TCP Query User{1EBD238E-E99B-4FA9-A265-A23D236A8E65}C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{F851EE0D-3A49-4439-8C68-A69C6D9CEEA9}C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{C17A6E90-307B-4DC3-9532-A72BA28D7E13}C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{B970B650-6B58-46DE-A066-6A50591E1372}C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{4885D9A4-32E1-4EE4-A6D6-2CD6A165F75E}C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe] => C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [UDP Query User{917B4B7E-E7CC-4B0E-B1F0-125B3B6D5984}C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe] => C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [TCP Query User{ACEC9B2F-DF32-4388-A0EA-4D2D3C70FFD5}C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe] => C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{582E496F-B3A3-4386-8766-57BE89BD4B1B}C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe] => C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{BB0B7764-C3C8-44E5-8B52-7653B442EF30}C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [UDP Query User{51D51782-0836-4ED0-8566-6C2F121A9206}C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [TCP Query User{4A78CA10-FC43-4BD2-ADEB-4A47B746AE3A}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{D2254D85-9005-4F98-93D0-52A8C2ED9525}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{2DEC6473-76A8-41EA-A1A0-C0B7C9CEE5DA}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{A57FFF96-FF6C-433D-A24B-61F6189CDA82}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{FF580F0A-613B-47ED-B66B-C4C2F7A53FC5}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{299694CD-1A03-40CF-8D18-227E42292E3D}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [TCP Query User{D536004E-885D-48A6-93A0-E9F7523AA42E}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [UDP Query User{1D5E4472-2548-4043-AB60-EC42950134F6}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [TCP Query User{F33BA93F-F801-462A-B847-54A7DA65D394}C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe] => C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe
FirewallRules: [UDP Query User{89140C2A-C301-440F-9B0B-55A1430F42F8}C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe] => C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe
FirewallRules: [TCP Query User{4972AA5E-476F-45E9-BD9A-AB6BBADE6B20}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{1FF0173E-13B4-4BB1-906C-129DD6A070F7}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{80E67AB3-DB1B-42C5-98F1-C5DC7F732118}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{6EC3A2E6-D98E-4EAA-9279-D3B1DCB1D873}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{5B5441CC-56B0-419E-83AE-3E373E83CED7}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{69EC30FA-BE3F-4362-97A1-3000220A2465}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [TCP Query User{75BC380F-63F4-4AAF-8F2D-86FC7B46ADB5}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [UDP Query User{EDCCE7AB-6A5A-4A5D-8785-4339DEE39CE0}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [{0A636003-3528-479F-8A40-20195C0BAD19}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{5738DAF4-AD22-4F63-A7E7-5CA0BB909BBF}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{A62542E4-7F5D-45F8-A2B0-4CA9D2A4BBEC}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0775954-FCAC-4C2F-B276-D9F05337E5F1}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{5515167E-A3F5-48F5-AEA8-1685AE0269D0}] => D:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{4C84F3A0-9CC9-4F32-9C47-17FBBD06D737}] => D:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{97DE6410-F758-4E29-9CFB-20600C2CD63B}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{71BD6B01-060A-4125-81F1-FF8EF36174CB}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{5CC2725D-23C4-453E-B829-828BF6862000}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{F903E9B5-DEF2-4B28-8B5B-77476C142E87}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{3A2C031E-F5BE-49A9-950D-8617A663A885}C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [UDP Query User{654AC3D1-940C-4C80-BACC-7E0DF0BAB385}C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [TCP Query User{7EA91798-653B-4713-BA6D-C35C5FC66161}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{00173B88-63BE-410F-999B-D0BDF30559EA}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4D9CF4CC-8906-485F-A554-9FF6616F8243}] => LPort=50493
FirewallRules: [{5BFEFDB5-F338-43E5-B4A3-B7447F59592A}] => LPort=5000
FirewallRules: [TCP Query User{D1104671-7D82-4552-8374-503FEFC7B173}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{F1C4EE4E-7133-4A70-8A5B-EB715DECB5DB}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [{F4EBC012-4C9B-4B0A-9055-5536ABCA72A0}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [{8C3B5AE5-D1B4-4CCE-8ED6-D165DCD70224}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{181AFDF0-B145-494C-B1A8-AD05EB416DC7}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{0964230A-1291-4FC4-943E-30A6BA863DDA}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{C14C2B35-2BBB-4FA6-996E-58A62F434429}] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{9CD0AAF4-97AC-40A2-A76D-BEDEA81C38ED}] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{C3C87D8E-2C32-439A-8F0F-719898DD5826}C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe] => C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe
FirewallRules: [UDP Query User{DEB563F4-3720-4101-97E9-672EF2052C51}C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe] => C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe
FirewallRules: [TCP Query User{D5720B77-6C66-485F-A890-AE3C1FDD4D5D}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{14236913-4D2D-4B50-891D-70654771B034}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{46FF2D9A-0F3F-4749-8962-71D740E7BD8C}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [UDP Query User{3FDF8896-5053-4299-896A-5ED8651D03CD}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [TCP Query User{1947A3A6-BDAD-4763-A046-0C9E6D5B6771}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [UDP Query User{039B220B-08A5-4922-9AFE-9B053FE53476}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{F70DB554-098B-4EF5-B2F3-9C347B478D6D}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{46263FF4-0425-425D-92E7-327CA4A7825D}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{B0695D51-3E61-4BB7-A8FF-63FC28B5E5AC}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [{20096A1E-9D0E-4E3C-AC1B-3188FC7530DE}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [{106A88F1-F0A2-4C7F-95F5-76440A08A109}] => D:\Program Files\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{694EF472-82E0-4B7D-9EEB-06E46A391E8C}] => D:\Program Files\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{4F0AB3CD-890E-4BDA-9033-DE79A3086B02}] => D:\Program Files\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{04D43F88-030A-4275-90D9-B882D7B65DCB}] => D:\Program Files\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [TCP Query User{20FA449C-E079-41C2-8DA1-F447D545414C}D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{EF374B26-590B-40F1-B24A-FEA487E921D9}D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{32CDE5DF-70E7-4F3C-A8B5-A29D48CA988A}] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{F4D862D1-D1A1-4A3F-AF09-2078C5CBB85D}] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{69775E32-E8E9-4362-97C3-F7A9CBDA8525}D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [UDP Query User{4A620198-4132-4148-B93E-F8D86B2B9D25}D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [{4A67E9AE-AACC-4961-9B75-1F3439B9543F}] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [{3B976257-3BFA-4EBE-8BB2-A298998E620C}] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [TCP Query User{64A35C27-ECCA-4350-9E9D-6F48F563B16F}D:\program files\warcraft iii\war3.exe] => D:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{C194F2B0-14E4-4202-B1EB-A17AAFBE472F}D:\program files\warcraft iii\war3.exe] => D:\program files\warcraft iii\war3.exe
FirewallRules: [{27694D1D-CE53-4337-A629-6438BC9B595F}] => D:\program files\warcraft iii\war3.exe
FirewallRules: [{5DD6108B-F61F-444A-A634-0D589383E649}] => D:\program files\warcraft iii\war3.exe
FirewallRules: [TCP Query User{CF9F0323-F072-41EE-A4CD-4E84DE85A040}C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [UDP Query User{5282506B-AE01-498B-A92B-1D12F4494477}C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [{E4899B7C-A00E-42E1-B2B7-BE38D598F81D}] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [{1C74F810-9F65-45A2-9DAB-7F97D157C1FE}] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [TCP Query User{81F94168-96C9-45EB-8652-BE3BD3F2B9F4}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [UDP Query User{F6A69B8B-99EF-4BD9-8D85-E04716828D68}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [TCP Query User{CE76F80C-48AA-49BE-9A9F-BB919E849C38}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [UDP Query User{4594E7F3-EEFB-4329-B389-B9EBABB92B6A}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [{C92CDDCF-7D42-4A37-923A-04D4F6EA03FA}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [{28D42510-D9E4-486E-935F-8ADD84027A22}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [TCP Query User{8D518D0C-9081-43D1-A35E-4A3D61ECAA26}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [UDP Query User{E6DDC5CA-990D-4429-87FC-429787D074BC}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [TCP Query User{A9308F64-3D8A-49D5-9780-9D5272C10846}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [UDP Query User{1EF6429A-E3A4-463B-8D24-664237591AE5}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [TCP Query User{CA864C90-D777-424C-9067-AE34B478CA81}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [UDP Query User{B56F3383-3890-4B7D-9A9A-B7CF30770440}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [{1E2D9886-F380-4CC3-9D56-EBCE047B98C5}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [{85A45DD1-885B-448A-9847-9EED796FC0AE}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [TCP Query User{D6EAD59A-051B-4164-8D14-92B0FB3FA209}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [UDP Query User{AFD99344-E596-4C15-8D09-43C01C6F5147}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{A963F426-DD88-4783-9D87-EC3196206352}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{14EA7183-AEC1-429B-A934-88FE71957385}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{4FF6F839-621D-4491-BC40-481DF3A19C3B}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [{5D8BEBD9-40C4-4F16-BA6F-4CEB81EBADD2}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [{53BA2B6B-7B76-4BF6-9F28-51D8247E91C7}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [{51E257FE-69C3-4533-A2BF-87FDF4071BDF}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [{DF1FBDD4-D8FB-4F17-906B-C47C5D624AD0}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [{18143208-C801-4688-B8BB-FF6F7378727F}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [{F7663B8E-CFAF-4CF7-8A7D-D03E77013CFD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22B27A22-A3EB-40B6-AA3A-8789F8C685EF}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1245765-4B2B-4084-8997-28FC0ACF475C}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{50C231A1-9929-46DE-AADD-807BDF05C814}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{87934A71-4B39-4944-A8E3-90F676C4A92E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D63EBAAC-B876-422E-81B5-5BB553605661}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91E0B6DC-23B6-4396-B1DD-D9B19EB86A4E}] => D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5F2186F5-EE4E-43F9-9B85-2D397956E30C}] => D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6491CDB2-3611-4C02-9CDE-737D98D6D464}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E634B76F-4585-4DBE-A792-E9B02D8AAB34}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF7A02F5-D851-46C1-A7AA-EE92C087AE9E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{772C1C15-151E-486D-B246-E93ADFA57B7E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F76B77B6-20E9-4A11-812F-96EEE09AD674}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CF1F6B31-7E25-4BD7-9684-F6E7DE3264AD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{16B2691B-1D96-4DD6-A464-CF435E3BBBF0}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{739CA301-3C83-4909-A25E-5D095F10AF80}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{EE18F89F-A23A-4E32-97A7-6130C9EE58F9}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{177C89B0-4EA5-426D-AF16-50FF2F619991}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{9FD36F7A-96E2-4353-B5E3-FDF73C79E680}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [{9F6029FF-4CC7-4BAD-8731-0F7014432B76}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{336C1EC1-46B7-4511-ADF1-6F9189281BEE}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67F283D0-13BF-42AA-8B84-DED70E4BB1B6}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C80AD0C9-2D15-42FE-BEBE-CFCA134132C2}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5FA80B06-0608-4989-AEE8-F34289CACB2D}] => D:\Program Files\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{0F8CF37E-9E3B-4498-AACC-881A689E8D02}] => D:\Program Files\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{4DB7C15D-5483-4EE7-9942-F2D610C4C259}] => D:\Program Files\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe
FirewallRules: [{B52D4938-2A70-4EBD-BDCC-829EF072AE13}] => D:\Program Files\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe
FirewallRules: [{5B6C4EA5-9266-4C63-8B68-10FA23492FB6}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{54F453BB-4C87-4F62-BE60-7B0729365AB1}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{351C1CC4-64DE-4D5F-ABAC-7BF7C2347AEC}] => D:\Program Files\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{044A6B93-D306-4825-B95B-D743067ECAAB}] => D:\Program Files\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{15A66BEC-7E64-45E5-864E-AF6822B0CF11}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{DC60EA33-BBA8-483B-80DF-DEAA10E33C64}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{8B2E1EA0-4E33-4474-BB00-3CA6BDA791CA}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{A1E5E47B-4195-461D-8CAE-DA868D6F43B2}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F051BF0-FC11-487A-927A-8F2437AF7B54}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{723D36AD-083D-4C5A-A22E-B002AE15BCBF}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B4D7AA00-3790-4020-B77B-7F57931A417C}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E9135C4D-51E5-484D-B4BC-0C61F0335FE1}] => D:\Program Files\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{95FC9F15-2B45-477A-87F9-B826F7BA3099}] => D:\Program Files\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{AA10F175-C941-43F5-A3A2-A72009C3C90E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79851F8F-EE44-4131-89BE-3DADD6AE3036}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{D715EC5C-D0BF-4C58-BE58-729955EC782B}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{B828D04C-D74B-4C96-AABB-54C982E4B185}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [TCP Query User{531F659E-39C5-4577-8966-836B4C42D79B}C:\python34\python.exe] => C:\python34\python.exe
FirewallRules: [UDP Query User{7CD72028-EA1D-4721-A985-E3CD2FEE964D}C:\python34\python.exe] => C:\python34\python.exe
FirewallRules: [{26F2EFD9-72A1-42E7-9866-344CEC330888}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C9F4D70-C2F8-4DD5-8A5D-938F4040A0CD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11E81A1B-0517-4146-83F2-7552DFFBC9FD}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
24-01-2017 20:20:20 Installed DirectX
30-01-2017 15:52:55 Removed Python 2.7.13 (64-bit)
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/08/2017 04:43:25 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 2
Error: (02/08/2017 04:43:25 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 2
Error: (02/08/2017 04:39:12 PM) (Source: MsiInstaller) (EventID: 11310) (User: STRATOS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Strat_000\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (02/08/2017 04:38:51 PM) (Source: MsiInstaller) (EventID: 11310) (User: STRATOS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Strat_000\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (02/08/2017 04:38:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Strat_000\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/08/2017 04:38:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: app_updater.exe, version: 1.0.37.722, time stamp: 0x5791ae0b
Faulting module name: wbrhelper.dll, version: 1.1.85.722, time stamp: 0x5791adf3
Exception code: 0xc0000005
Fault offset: 0x00091b70
Faulting process id: 0xb4c
Faulting application start time: 0x01d27d87ae160b64
Faulting application path: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
Faulting module path: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\wbrhelper.dll
Report Id: 098a9e79-c3b1-476e-8d91-512977ffb7a5
Faulting package full name:
Faulting package-relative application ID:
Error: (02/02/2017 08:26:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: MBAMCore.dll, version: 3.0.0.524, time stamp: 0x587d20b3
Exception code: 0xc0000005
Fault offset: 0x00000000000560b5
Faulting process id: 0x2f94
Faulting application start time: 0x01d27d89bb8c5ba7
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MBAMCore.dll
Report Id: 77d97039-445d-49d2-8279-764b557fdfa8
Faulting package full name:
Faulting package-relative application ID:
Error: (02/02/2017 08:13:44 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 1
Error: (02/02/2017 08:13:44 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 1
Error: (02/02/2017 08:09:13 PM) (Source: MsiInstaller) (EventID: 11310) (User: STRATOS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Strat_000\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
System errors:
=============
Error: (02/08/2017 04:38:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Digital Wave Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/08/2017 04:38:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/02/2017 09:53:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/02/2017 08:55:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
Error: (02/02/2017 08:26:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/02/2017 08:08:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/02/2017 08:08:04 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The chip1click service has reported an invalid current state 0.
Error: (02/02/2017 08:08:04 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The chip1click service has reported an invalid current state 0.
Error: (02/02/2017 08:08:04 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The OtherSearch service depends on the following service: Lace514. This service might not be installed.
Error: (02/02/2017 08:07:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2017-02-02 20:23:01.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-01-18 15:02:37.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-18 15:02:37.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-15 15:36:28.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-15 15:36:28.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-08 12:31:47.580
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702HQ CPU @ 2.20GHz
Percentage of memory in use: 24%
Total physical RAM: 16287.06 MB
Available physical RAM: 12372.98 MB
Total Virtual: 18719.06 MB
Available Virtual: 14777.04 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:226.66 GB) (Free:18.38 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.64 GB) (Free:183.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 993AD5C7)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 36A8EBAC)
Partition: GPT.
==================== End of Addition.txt
|
|
08.02.2017, 17:20
| #4 |
| /// TB-Ausbilder   | Win 10, Trotux eingefangen ein Helfer wird sich bei dir melden. In der Zwischenzeit werden die Logdateien ausgewertet. |
|
08.02.2017, 21:22
| #5 |
| /// TB-Senior   | Win 10, Trotux eingefangenIch habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld 
__________________ Gruß Tician |
|
09.02.2017, 17:21
| #6 |
| /// TB-Senior | Win 10, Trotux eingefangen Hallo und Bevor wir beginnen beachte bitte Folgendes:
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommstCode:
ATTFilter chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Legen wir mal los: Schritt 1: Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Schritt 2:
Schritt 3: Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4:
Schritt 5:
__________________ --> Win 10, Trotux eingefangen |
|
09.02.2017, 18:52
| #7 |
| | Win 10, Trotux eingefangen Hallo Tician. Danke, dass du dich um mich kümmerst Hat eine Weile gedauert aber hab jetzt alle Schritte abgearbeitet. Hoffe ich hab alles korrekt ausgeführt. Logdatei vom AdwCleaner: Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 09/02/2017 um 17:57:32
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-09.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Strat_000 - STRATOS
# Gestartet von : C:\Users\Strat_000\Desktop\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
[-] Dienst gelöscht: WinSAPSvc
[-] Dienst gelöscht: Archer
[-] Dienst gelöscht: iThemes5
[-] Dienst gelöscht: WinSnare
[-] Dienst gelöscht: Ckemghrajock
[-] Dienst gelöscht: GubZL
[-] Dienst gelöscht: OtherSearch
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Program Files (x86)\WinSnare(4.1.0)
[-] Ordner gelöscht: C:\Users\Strat_000\AppData\Local\Roresebekage
[-] Ordner gelöscht: C:\Users\Strat_000\AppData\Roaming\WinSnare
[-] Ordner gelöscht: C:\Users\Strat_000\AppData\Roaming\Taptherzijaty
[-] Ordner gelöscht: C:\ProgramData\WinSAPSvc
[#] Ordner mit Neustart gelöscht: C:\ProgramData\winsapsvc
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\WinSAPSvc
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\winsapsvc
[-] Ordner gelöscht: C:\Program Files (x86)\WinArcher
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\winarcher
[-] Ordner gelöscht: C:\Program Files (x86)\Terbaent Center
[-] Ordner gelöscht: C:\Program Files (x86)\Sahotplerpoied
[-] Ordner gelöscht: C:\Program Files (x86)\Gub
[#] Ordner mit Neustart gelöscht: C:\Users\Strat_000\AppData\Roaming\WinSnare
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Program Files (x86)\Common Files\SERVICES\ITHEMES.DLL
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: Terbaent Center
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WinSnare
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\jhtrsq
[-] Schlüssel gelöscht: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342201\Software\jhtrsq
[-] Schlüssel gelöscht: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202345252\Software\jhtrsq
[-] Schlüssel gelöscht: HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\WinSnare
[-] Schlüssel gelöscht: HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342800\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202342800\Software\WajIEnhance
[-] Schlüssel gelöscht: HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346308\Software\Myfree Codec
[-] Schlüssel gelöscht: HKU\S-1-5-21-968931954-2191872932-1542864395-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02022017202346308\Software\WajIEnhance
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\jhtrsq
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WinSnare
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ScreenShot
[-] Schlüssel gelöscht: HKLM\SOFTWARE\WinArcher
[-] Schlüssel gelöscht: HKLM\SOFTWARE\jhtrsq
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\WinSnare
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\jhtrsq
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\InterSect Alliance
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]
[-] Wert gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\Themes [DependOnService]
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: TCP/IP Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Strat_000\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
:: Hosts-Datei wiederhergestellt
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7000 Bytes] - [02/02/2017 20:06:41]
C:\AdwCleaner\AdwCleaner[C2].txt - [4387 Bytes] - [09/02/2017 17:57:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [7021 Bytes] - [02/02/2017 20:05:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [4140 Bytes] - [09/02/2017 17:55:32]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4606 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Pro x64
Ran by Strat_000 (Administrator) on 09.02.2017 at 18:02:58.55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 4
Successfully deleted: C:\Users\Strat_000\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Strat_000\AppData\Roaming\pdfforge (Folder)
Successfully deleted: C:\WINDOWS\SysWOW64\REN3DD3.tmp (File)
Successfully deleted: C:\WINDOWS\SysWOW64\REND7A0.tmp (File)
Deleted the following from C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\prefs.js
user_pref(browser.startup.homepage, www.startpage.com);
Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.02.2017 at 18:04:39.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 09.02.2017 Suchlaufzeit: 18:19 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2017.02.09.06 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Aktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Strat_000 Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 456645 Abgelaufene Zeit: 16 Min., 22 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 1 Adware.Elex, C:\Program Files (x86)\MDESIGN\MDESIGNCanon.dll, Löschen bei Neustart, [77733c642b7def47e31c8965f40c0df3], Registrierungsschlüssel: 6 Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MDESIGNCanon, In Quarantäne, [77733c642b7def47e31c8965f40c0df3], PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{55CA8361-4353-450A-95B9-9ECC893231FE}, Löschen bei Neustart, [509a910fe5c3bc7a8209a3be30d022de], PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Tirationaneberse, Löschen bei Neustart, [a842c3dda40477bf153cd8673ac625db], PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ADF3AF545DA818DD3BF2DCD267C40B7A, In Quarantäne, [7b6ff5ab129645f115242994f80b6898], Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\81BD26IQ, In Quarantäne, [24c6c7d9476162d47fed99ed649c5ea2], PUP.Optional.Wajam, HKU\S-1-5-21-968931954-2191872932-1542864395-501\SOFTWARE\WajIEnhance, In Quarantäne, [cc1ee7b98226d066f5faceb7d52e32ce], Registrierungswerte: 3 PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{55CA8361-4353-450A-95B9-9ECC893231FE}|Path, \Tirationaneberse, Löschen bei Neustart, [509a910fe5c3bc7a8209a3be30d022de] PUP.Optional.Social2Search.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\adf3af545da818dd3bf2dcd267c40b7a|DisplayName, Social2Search, In Quarantäne, [7b6ff5ab129645f115242994f80b6898] Adware.Sasquor.SPL, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\PRINT\PROVIDERS\81bd26iq|Name, C:\Program Files (x86)\Terbaent Center\local64spl.dll, In Quarantäne, [24c6c7d9476162d47fed99ed649c5ea2] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 7 Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\SSL, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\0ab74ec3785d457d6ad17737132923a6, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.SparPilot, C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\jetpack\sparpilot__campaign0@sparpilot.com, In Quarantäne, [57938b15891fc1758f7609590cf40cf4], PUP.Optional.SparPilot, C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\jetpack\sparpilot__campaign0@sparpilot.com\simple-storage, In Quarantäne, [57938b15891fc1758f7609590cf40cf4], Dateien: 40 Adware.Elex, C:\Program Files (x86)\MDESIGN\MDESIGNCanon.dll, Löschen bei Neustart, [77733c642b7def47e31c8965f40c0df3], Adware.Elex, C:\$Recycle.Bin\S-1-5-21-968931954-2191872932-1542864395-1001\$RRT623O.exe, In Quarantäne, [71791b85b8f039fd27f4be0c619f4cb4], PUP.Optional.VBates, C:\Users\Strat_000\AppData\Local\Temp\7470CAA1-7E00-4F2A-8A32-8FAA28C1FC7D\lyi_my.exe, In Quarantäne, [cb1ff3ad3e6abd79b794e635db27837d], PUP.Optional.StartPage, C:\Windows\System32\Tasks\Tirationaneberse, In Quarantäne, [ca207c24dbcdad89a43ad070619f11ef], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\SSL\OtherSearch Inc CA 2.cer, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\SSL\cert.db, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\SSL\xtls.db, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\data.dt, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\kl.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\kl.ecf, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\s.xml, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\slite.exe, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\uninstall.exe, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\updengine.exe, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\certutil.exe, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\mozcrt19.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\nspr4.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\nss3.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\plc4.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\plds4.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\smime3.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], Adware.OtherSearch.Generic, C:\Program Files (x86)\vHQ9mIqDCy\nss\softokn3.dll, In Quarantäne, [3ab07927456348ee5d3228bbf010a15f], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\0ab74ec3785d457d6ad17737132923a6\6164b2c3bafd8455af1abfaaf22670df.ico, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\0ab74ec3785d457d6ad17737132923a6\8d61c56161b5591f92ca1ac9ea164597.ico, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\0ab74ec3785d457d6ad17737132923a6\bc1f65c8a4db08c51415b5dde910e555.ico, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\4282c9dc84a2ff3e191791493b424925.exe, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\8922723286da049565226f2b1703aaf9.exe, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\985ce68a3bd4faf34928a63da520e81d.exe, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\bc1f65c8a4db08c51415b5dde910e555.ico, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.Wajam.Gen, C:\Program Files\adf3af545da818dd3bf2dcd267c40b7a\fdb8ab0fdaf2d2d47a5ce51898d4c85c, In Quarantäne, [ac3ed7c9dfc93df991769e1ad3303cc4], PUP.Optional.SparPilot, C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\jetpack\sparpilot__campaign0@sparpilot.com\simple-storage\store.json, In Quarantäne, [57938b15891fc1758f7609590cf40cf4], PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\81bd26iq.xml, In Quarantäne, [43a7128e951323133ed067baa460fa06], PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trotux.com/?z=78c02b1356d030e119603b1g8z1b6q4e7q0gcqbw4q&from=isr&uid=ST500LM000-1EJ162_W372VR2RXXXXW372VR2R&type=hp");), Ersetzt,[1ad0f2ae5d4bb97da92bd960946cd729] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: (timer", 1485886302); user_pref("app.update.lastUpdateTi), Ersetzt,[e00aa3fd288045f11db71128956bbb45] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: (s file. * * If you make changes to this file while the application is running, * the changes will be overwritten when the application exits. * * To make a manual cha), Ersetzt,[a545544cb5f37abc2ca80d2c639dcb35] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: (ion is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("PreisHeld.Access), Ersetzt,[71794c544d5b280e5a7adc5de9170000] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: (to preferences, you can visit the URL about:config */ user_pref("PreisHeld.AccessId", "ccd92215a8c9d7d9b1caa8b4afe43969"); user_pref("PreisHeld.Activated", true); user_pref("PreisHeld.lastUpda), Ersetzt,[48a2b8e8e6c22a0c7a5a99a0c53b7c84] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: ( changes will be overwritten when the application exi), Ersetzt,[5694adf3c8e0a294be16f247cf317d83] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\prefs.js, Gut: (), Schlecht: (-update-timer", 1485886302); user_pref("app.update.lastUpdateTime.background-update-timer", 1485885702); user_pref("app.update.lastUpdateTime.blocklist-background-upda), Ersetzt,[8763faa65b4d62d4597b9c9dbc44e818] PUP.Optional.Trotux, C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default\searchplugins\81bd26iq.xml, In Quarantäne, [6585e3bd17918fa7e19a87831ee253ad], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2017 Ran by Strat_000 (administrator) on STRATOS (09-02-2017 18:44:29) Running from C:\Users\Strat_000\Desktop Loaded Profiles: Strat_000 & Guest (Available Profiles: Strat_000 & Guest & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dassault Systemes) C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (Autodesk, Inc.) D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (3Dconnexion) D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe (MakerBot) D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\runonce.exe (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe (Malwarebytes) C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-23] (Dell Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] () HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-11-14] () HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-18] (Logitech Inc.) HKLM\...\Run: [3DxWare Service] => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2160512 2015-12-10] (3Dconnexion, INC) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1059696 2016-06-17] (Jumping Bytes) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Chromium] => c:\users\strat_000\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\RunOnce: [Uninstall C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64" HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Policies\Explorer: [] HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-968931954-2191872932-1542864395-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) ShellExecuteHooks: No Name - {1215881A-DE48-11E6-9639-64006A5CFC23} - C:\Users\Strat_000\AppData\Roaming\Taptherzijaty\Cliqichpuger.dll -> No File ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-12-21] ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation) Startup: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-31] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320 2012-05-31] (National Instruments Corporation) Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368 2012-05-31] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162 Tcpip\..\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-968931954-2191872932-1542864395-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB HKU\S-1-5-21-968931954-2191872932-1542864395-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> DefaultScope {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-05] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> hxxp://www.startpage.com/ FireFox: ======== FF ProfilePath: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default [2017-02-09] FF NewTab: Mozilla\Firefox\Profiles\bcrhru5j.default -> about:newtab FF Keyword.URL: Mozilla\Firefox\Profiles\bcrhru5j.default -> user_pref("keyword.URL", true); FF Extension: (Codebender.cc Plugin) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\codebender@codebender.cc [2016-04-14] FF Extension: (Speed Manager Plus) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{936216dc-1346-4a00-9d4d-ee8a61977a6d}.xpi [2016-05-18] [not signed] FF Extension: (Speed Addon) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{afebcc45-0538-4b91-9ab9-4390df4928c2}.xpi [2015-12-19] [not signed] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\ecosia.xml [2016-04-19] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-images.xml [2014-10-29] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-maps.xml [2014-10-29] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\qwantcom.xml [2015-04-08] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\start-page.xml [2016-11-21] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage---deutsch.xml [2017-01-21] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage-https---deutsch.xml [2017-02-08] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\wikispaces-arduino-info.xml [2016-02-19] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\youtube.xml [2015-11-21] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-03] [not signed] FF HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\extensions\cliqz@cliqz.com => not found FF Plugin: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin\NP3DXMLPlugin.dll [2014-05-23] () FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-24] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll [2013-07-10] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-24] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2012-10-04] (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 BBDemon; C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe [53520 2014-12-12] (Dassault Systemes) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation) R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation) S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation) R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.) R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation) R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-18] (Logitech Inc.) R2 MakerBot Conveyor Service; D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe [85504 2016-01-01] (MakerBot) [File not signed] R2 MBAMScheduler; C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Mgl3DCtlrRPCService; D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2015-12-10] (3Dconnexion) [File not signed] R2 mitsijm2014; D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation) R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation) R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments Corporation) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-11-14] (NVIDIA Corporation) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WMSVC; C:\WINDOWS\system32\inetsrv\wmsvc.exe [12288 2016-09-29] (Microsoft Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [39184 2015-11-07] (3Dconnexion SAM) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-08-03] (Intel Corporation) R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [76432 2013-08-03] (Intel Corporation) R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation) R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-02] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-02] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation) R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2015-11-07] (3Dconnextion Inc.) R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2015-11-07] (3Dconnextion Inc.) S3 LAN7500; C:\WINDOWS\system32\DRIVERS\lan7500-x64-n630f.sys [105960 2015-07-22] (SMSC) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [140672 2016-03-10] (Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-09] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [4112656 2015-09-23] (Intel Corporation) S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation) S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation) S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [914624 2012-06-06] (National Instruments Corporation) S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16984 2012-01-12] (National Instruments Corporation) S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation) R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation) R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics) S3 USBTINSP; C:\WINDOWS\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.) R3 VSTWinDriver6; C:\WINDOWS\system32\drivers\VSTwindrvr6.sys [252928 2015-08-27] (Jungo) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-09 18:44 - 2017-02-09 18:44 - 00038932 _____ C:\Users\Strat_000\Desktop\FRST.txt 2017-02-09 18:41 - 2017-02-09 18:41 - 00010727 _____ C:\Users\Strat_000\Desktop\mbam.txt 2017-02-09 18:11 - 2017-02-09 18:11 - 00000914 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2017-02-09 18:11 - 2017-02-09 18:11 - 00000000 ____D C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware 2017-02-09 18:11 - 2017-02-09 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-02-09 18:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2017-02-09 18:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-02-09 18:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-02-09 18:09 - 2017-02-09 18:10 - 22851472 _____ (Malwarebytes ) C:\Users\Strat_000\Desktop\mbam-setup-2.2.1.1043.exe 2017-02-09 18:08 - 2017-02-09 18:08 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-02-09 18:07 - 2017-02-09 18:07 - 55566792 _____ (Malwarebytes ) C:\Users\Strat_000\Desktop\mb3-setup-consumer-3.0.6.1469.exe 2017-02-09 18:04 - 2017-02-09 18:04 - 00001133 _____ C:\Users\Strat_000\Desktop\JRT.txt 2017-02-09 18:02 - 2017-02-09 18:02 - 01663040 _____ (Malwarebytes) C:\Users\Strat_000\Desktop\JRT.exe 2017-02-09 17:57 - 2017-02-09 17:57 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-02-09 17:50 - 2017-02-09 17:50 - 04015056 _____ C:\Users\Strat_000\Desktop\AdwCleaner_6.043.exe 2017-02-09 17:43 - 2017-02-09 17:43 - 00000875 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-02-09 17:43 - 2017-02-09 17:43 - 00000000 ____D C:\Users\Strat_000\Desktop\Revo Uninstaller 2017-02-09 17:43 - 2017-02-09 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-02-09 17:41 - 2017-02-09 17:41 - 07097928 _____ (VS Revo Group ) C:\Users\Strat_000\Desktop\revo202setup.exe 2017-02-09 17:39 - 2017-02-09 17:39 - 00000000 ____D C:\Program Files (x86)\81bd26iq 2017-02-08 16:58 - 2017-02-08 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-08 16:45 - 2017-02-08 16:45 - 00237083 _____ C:\Users\Strat_000\Desktop\Addition_alt.txt 2017-02-08 16:44 - 2017-02-09 18:44 - 00000000 ____D C:\FRST 2017-02-08 16:44 - 2017-02-08 16:45 - 00083934 _____ C:\Users\Strat_000\Desktop\FRST_alt.txt 2017-02-08 16:38 - 2017-02-08 16:38 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\09CF649C.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-02 21:00 - 2017-02-08 16:42 - 02421248 _____ (Farbar) C:\Users\Strat_000\Desktop\FRST64.exe 2017-02-02 20:22 - 2017-02-09 18:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-02 20:22 - 2017-02-09 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-02 20:22 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-02-02 20:09 - 2017-02-02 20:09 - 00007000 _____ C:\Users\Strat_000\Desktop\AdwCleaner[C0]_alt.txt 2017-02-02 20:08 - 2017-02-02 20:08 - 00000000 ____D C:\WINDOWS\Panther 2017-02-02 20:04 - 2017-02-09 17:57 - 00000000 ____D C:\AdwCleaner 2017-02-02 19:54 - 2017-02-02 19:55 - 00000000 ____D C:\WINDOWS\system32\SSL 2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avira 2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avg 2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\AVAST Software 2017-01-30 22:50 - 2017-01-30 22:50 - 03296953 _____ C:\WINDOWS\985ce68a3bd4faf34928a63da520e81d.exe 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Python34 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyScripter-x64 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Program Files\PyScripter 2017-01-25 14:06 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2017-01-25 14:05 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Deployment 2017-01-25 14:05 - 2017-01-25 14:05 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Apps\2.0 2017-01-25 12:59 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 12:59 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-24 21:36 - 2017-01-24 21:36 - 00000000 ____D C:\Users\Strat_000\Downloads\temp 2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Risen2 2017-01-20 20:12 - 2017-01-20 20:12 - 00000000 ____D C:\ProgramData\Firefly Studios 2017-01-20 20:11 - 2017-01-20 20:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2 2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade 2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2017-01-20 17:15 - 2017-01-20 19:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2017-01-15 14:56 - 2017-01-15 15:40 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Notepad++ 2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\Program Files\Notepad++ 2017-01-11 17:39 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-11 17:39 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-11 17:39 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-11 17:39 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-11 17:39 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-11 17:39 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-11 17:39 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-11 17:39 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-11 17:39 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-11 17:39 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-11 17:39 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-11 17:39 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-11 17:39 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-11 17:39 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-11 17:39 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-11 17:39 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-11 17:39 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-11 17:39 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-11 17:39 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-11 17:39 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-11 17:39 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-11 17:39 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-11 17:39 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-11 17:39 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-11 17:39 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-11 17:39 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-11 17:39 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-11 17:39 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-11 17:39 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-11 17:39 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-11 17:39 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-11 17:39 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-11 17:39 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-11 17:39 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-11 17:39 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-11 17:39 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-11 17:39 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-11 17:39 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-11 17:39 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-11 17:39 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-11 17:39 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-11 17:39 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-11 17:39 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-11 17:39 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-11 17:39 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-11 17:39 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-11 17:39 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-11 17:39 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-11 17:39 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-11 17:39 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-11 17:39 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-11 17:39 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-11 17:39 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-11 17:39 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-11 17:39 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-11 17:39 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-11 17:39 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-11 17:39 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-11 17:39 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-11 17:39 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-11 17:39 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-11 17:39 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-11 17:39 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-11 17:39 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-11 17:39 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-11 17:39 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-11 17:39 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-11 17:39 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-11 17:39 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-11 17:39 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-11 17:39 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-11 17:39 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-11 17:39 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-11 17:39 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-11 17:39 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-11 17:39 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-11 17:39 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-11 17:39 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-11 17:39 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-11 17:39 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-11 17:39 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-11 17:39 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-11 17:39 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-11 17:39 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-11 17:39 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-11 17:39 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-11 17:39 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-11 17:39 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-11 17:39 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-11 17:39 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-11 17:39 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-11 17:39 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-11 17:39 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-11 17:39 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-11 17:39 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-11 17:39 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-11 17:39 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-11 17:39 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-11 17:39 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-11 17:39 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-01-11 17:39 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-01-11 17:39 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-01-11 17:39 - 2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2017-01-11 17:39 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-01-11 17:39 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-11 17:39 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-11 17:39 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-11 17:39 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-11 17:39 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-11 17:39 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-11 17:39 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-11 17:39 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-11 17:39 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-11 17:39 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-11 17:39 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-11 17:39 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-11 17:39 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-11 17:39 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-11 17:39 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-11 17:39 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-11 17:39 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-11 17:39 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-11 17:39 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-11 17:39 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-11 17:39 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-11 17:39 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 17:39 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-11 17:39 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-11 17:39 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-11 17:39 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-11 17:39 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-11 17:39 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-11 17:39 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 17:39 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-11 17:39 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-11 17:39 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-11 17:39 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-11 17:39 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-11 17:39 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-11 17:39 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-11 17:39 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-11 17:39 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-11 17:39 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-11 17:39 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-11 17:39 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-11 17:39 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-11 17:39 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-11 17:39 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-11 17:39 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-11 17:39 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-11 17:39 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-11 17:39 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-11 17:39 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-11 17:39 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-11 17:39 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-11 17:39 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-11 17:39 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-11 17:39 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-11 17:39 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-11 17:39 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-11 17:39 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-11 17:39 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-11 17:39 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-11 17:39 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-11 17:39 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-11 17:39 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-11 17:39 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-11 17:39 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-11 17:39 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-11 17:39 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-09 18:43 - 2016-09-28 21:00 - 01702426 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-09 18:41 - 2014-04-04 09:15 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2017-02-09 18:39 - 2016-09-28 20:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-02-09 18:39 - 2016-03-27 09:41 - 00000000 __SHD C:\Users\Strat_000\IntelGraphicsProfiles 2017-02-09 18:38 - 2016-09-28 21:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-09 18:38 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-09 18:38 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-02-09 18:38 - 2014-09-23 15:50 - 00000000 ____D C:\Program Files (x86)\MDESIGN 2017-02-09 18:37 - 2016-09-28 20:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-09 18:00 - 2016-10-12 16:10 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Akamai 2017-02-09 17:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-09 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-08 16:58 - 2016-11-08 20:54 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-08 16:41 - 2016-04-30 11:19 - 00002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-08 16:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-02 21:53 - 2016-09-28 21:00 - 00000000 ____D C:\Users\Strat_000 2017-02-02 19:54 - 2016-12-21 17:02 - 00000000 ____D C:\Program Files (x86)\National Instruments 2017-02-02 19:54 - 2016-09-29 06:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-02-02 19:54 - 2014-08-22 21:03 - 00000000 ____D C:\Program Files (x86)\ControlCenter4 2017-01-30 15:50 - 2015-06-28 14:29 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Eclipse 2017-01-30 15:50 - 2015-06-28 14:23 - 00000000 ____D C:\Users\Strat_000\.p2 2017-01-29 09:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-25 13:19 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-24 20:05 - 2015-10-16 09:42 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Ansys 2017-01-24 16:36 - 2015-09-12 07:18 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-01-24 16:17 - 2016-10-05 16:11 - 00000760 _____ C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini 2017-01-24 16:17 - 2016-10-05 16:11 - 00000463 _____ C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini 2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-24 10:06 - 2014-08-28 21:03 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Adobe 2017-01-22 22:03 - 2014-08-21 22:11 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Packages 2017-01-21 17:57 - 2015-11-04 21:42 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 12:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-21 10:32 - 2014-11-02 11:08 - 00000000 ___RD C:\Users\Strat_000\Dropbox 2017-01-20 17:15 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-01-13 16:07 - 2014-08-21 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-13 16:04 - 2016-09-28 20:56 - 00446272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-01-13 10:19 - 2016-09-28 21:14 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-13 08:38 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-13 08:37 - 2014-08-22 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-01-12 21:24 - 2014-08-22 15:46 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-12 21:22 - 2014-08-22 15:46 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-12 21:21 - 2014-08-22 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 ==================== Files in the root of some directories ======= 2016-02-16 20:23 - 2016-02-16 20:23 - 0001164 _____ () C:\Users\Strat_000\AppData\Roaming\CoolTerm_Prefs.plist 2016-10-05 16:11 - 2017-01-24 16:17 - 0000463 _____ () C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini 2014-09-15 09:29 - 2016-10-05 16:27 - 0001390 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV3.ini 2016-10-05 16:11 - 2017-01-24 16:17 - 0000760 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini 2016-10-03 10:51 - 2016-10-04 16:20 - 0000103 _____ () C:\Users\Strat_000\AppData\Roaming\WB.CFG 2015-09-05 20:13 - 2015-09-06 16:34 - 0000337 _____ () C:\Users\Strat_000\AppData\Local\Perfmon.PerfmonCfg 2016-12-29 18:14 - 2016-12-29 18:14 - 0013951 _____ () C:\Users\Strat_000\AppData\Local\recently-used.xbel 2016-09-28 20:58 - 2016-09-28 20:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-08-21 20:45 - 2014-08-21 20:45 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc Some files in TEMP: ==================== 2017-01-25 14:09 - 2017-01-25 14:09 - 22300400 _____ () C:\Users\Strat_000\AppData\Local\Temp\carambis_driver_updater_142a09cc71d44bb5813296336cc515d7965cb751.exe 2017-01-20 20:11 - 2006-08-21 22:09 - 0040960 _____ () C:\Users\Strat_000\AppData\Local\Temp\comver.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-02-09 18:25 ==================== End of FRST.txt ============================ --- --- --- |
|
09.02.2017, 18:54
| #8 |
| | Win 10, Trotux eingefangen Und noch die Addition.txt in zwei Posts, wegen zu vielen Zeichen: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2017
Ran by Strat_000 (09-02-2017 18:45:02)
Running from C:\Users\Strat_000\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-28 20:15:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-968931954-2191872932-1542864395-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-968931954-2191872932-1542864395-503 - Limited - Disabled)
Guest (S-1-5-21-968931954-2191872932-1542864395-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-968931954-2191872932-1542864395-1003 - Limited - Enabled)
Strat_000 (S-1-5-21-968931954-2191872932-1542864395-1001 - Administrator - Enabled) => C:\Users\Strat_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D XML Player (HKLM\...\{383D9F1B-A4F6-4C6C-A925-05A2636A0176}) (Version: 16.7.14143 - Dassault Systemes)
3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.3.0 - 3Dconnexion)
3Dconnexion 3DxWinCore (Version: 17.3.0.12346 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (Version: 5.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2016 (Version: 2.1.1 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST8 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SOLIDWORKS 2005 - 2016 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (Version: 4.2.1 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden
3Dconnexion Navigation Library Server (x32 Version: 1.0.2.12216 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2016 (Version: 6.1.2 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2016 (Version: 5.1.1 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v11.0 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.4 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.3 - 3Dconnexion) Hidden
3Dconnexion Viewer and Assembly Demo (x32 Version: 0.9.0.0 - 3Dconnexion) Hidden
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.7 - Arduino LLC)
AutoCAD Electrical 2014 - Deutsch (German) (Version: 11.0.57.0 - Autodesk) Hidden
AutoCAD Electrical 2014 Language Pack - Deutsch (German) (Version: 11.0.57.0 - Autodesk) Hidden
Autodesk 123D Catch (HKLM-x32\...\{413A0A2B-D154-4457-833F-3299DB3183FF}) (Version: 1.0.654 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD Electrical 2014 - Deutsch (German) (HKLM\...\AutoCAD Electrical 2014 - Deutsch (German)) (Version: 11.0.57.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2449 - Autodesk, Inc.)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Professional 2014 - Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.1.22200.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.1.22200.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 Language Pack - Deutsch (German) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 SP1 (HKLM\...\Autodesk Inventor Professional 2014 SP1) (Version: 18.1.22200.0000 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Product Design Suite 2014 (HKLM\...\Autodesk Product Design Suite 2014) (Version: 3.0.100.017 - Autodesk)
Autodesk Product Design Suite 2014 (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk Product Design Suite 2014 Language Pack (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
Berkeley Madonna (HKLM-x32\...\{27AB9BD6-4A3E-4BBD-8381-CD445E474936}) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Cura 15.04 (HKLM-x32\...\Cura_15.04) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Dassault Systemes Software Version 5-6 Release 2015 (B25) (HKLM\...\Dassault Systemes B25_0) (Version: - )
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated)
D-Fend Reloaded 1.4.4 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
EVE Online (HKLM\...\Steam App 8500) (Version: - CCP)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
FARO LS 1.1.504.10 (64bit) (HKLM-x32\...\{08828409-24D2-4FD6-9EC4-DF2D8CCC183B}) (Version: 5.4.10.43135 - FARO Scanner Production)
FileZilla Client 3.14.0 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.98.721 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.24.627 - Digital Wave Ltd)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.7.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6e3d3c5f-ea0c-4457-850d-9dd60b6ab95a}) (Version: 16.8.0 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JCreator Pro 5.00 (HKLM-x32\...\JCreator Pro_is1) (Version: - Xinox Software)
KeyShot 5 Floating 64 bit (HKLM-x32\...\KeyShot 5 Floating_64) (Version: 5.0 64 bit Floating - Luxion ApS)
KISSsoft 03-2015 (HKLM-x32\...\{C0293A42-6D5D-4F71-9042-74007EBAFA55}) (Version: 15.03.000 - KISSsoft AG)
K-Lite Codec Pack 12.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.5 - KLCP)
Kontur-Scanner (HKLM-x32\...\{04270C05-149B-46F3-BDB3-22AF8A8B54C2}) (Version: 1.0.5 - Keller)
Logger Pro 3.10.1 (HKLM-x32\...\{B91FFD97-1C41-4877-7B97-9D62814E50AD}) (Version: 5.182.666 - Vernier Software & Technology)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech)
MakerBot_Bundle_BETA_3.9.1.1346_x64 (HKLM-x32\...\MakerBot) (Version: 3.9.1.1346 - MakerBot)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden
Math-Kernel-Bibliotheken (64 Bit) (Version: 1.0.23.0 - National Instruments) Hidden
Math-Kernel-Bibliotheken (x32 Version: 1.0.23.0 - National Instruments) Hidden
MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
Maxx Audio Installer (x64) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
MDESIGN 2014 (HKLM-x32\...\MDESIGN explorer 15) (Version: 15 - TEDATA)
Mendeley Desktop 1.14 (HKLM-x32\...\Mendeley Desktop) (Version: 1.14 - Mendeley Ltd.)
Mesh Enabler (HKLM-x32\...\{539C1162-6FC6-4011-B59A-FC20916F575E}) (Version: 1.0.5 - Autodesk)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 11.0.544 - Autodesk, Inc.)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.6.0.6200 - Mozilla)
Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla)
Myo Connect (HKLM-x32\...\Thalmic Labs Myo Connect) (Version: 1.0.1 - Thalmic Labs)
MySQL Connector C++ 1.1.4 (HKLM\...\{1F5C1E97-AE40-4EE7-9959-3D8038B6EAC8}) (Version: 1.1.4 - Oracle and/or its affiliates)
MySQL Connector/C 6.1 (HKLM\...\{4E2AAB30-1E42-4ACA-B1A9-3AE8629D0C89}) (Version: 6.1.5 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.5 (HKLM-x32\...\{BCF64211-43D1-4152-A152-7E30D0D7570D}) (Version: 5.5.40 - Oracle Corporation)
MySQL Examples and Samples 5.5 (HKLM-x32\...\{33A3D172-0E98-4D16-80DD-9CB3D4AC814D}) (Version: 5.5.40 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{2D5C73E8-EA6C-4A0A-8B27-FF48B04977E5}) (Version: 1.3.7.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Utilities (HKLM-x32\...\{0B18AA75-6A44-4950-A0A2-A486C2D839A0}) (Version: 1.4.4 - Oracle Corporation)
National Instruments - Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NI Authentication 12.0.0 (64-bit) (Version: 12.0.367.0 - National Instruments) Hidden
NI Authentication 12.0.0 (x32 Version: 12.0.367.0 - National Instruments) Hidden
NI Certificates Deployment Support (x32 Version: 1.03.49152 - National Instruments) Hidden
NI Curl 12.0.0 (64-bit) (Version: 12.0.412.0 - National Instruments) Hidden
NI Curl 12.0.0 (x32 Version: 12.0.412.0 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.10.393 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 12.0.0 (x32 Version: 12.0.46.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 12.0.0 (Version: 12.0.46.0 - National Instruments) Hidden
NI LabVIEW 2012 Deployment Framework (x32 Version: 12.0.369.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 f3 (x32 Version: 12.0.435.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 (x32 Version: 12.0.204.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Webserver 2012 (x32 Version: 12.0.406.0 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI Logos 5.4 (64 Bit) (Version: 5.4.303.0 - National Instruments) Hidden
NI Logos 5.4 (x32 Version: 5.4.303.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.4.295.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.4.295.0 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.10.393 - National Instruments) Hidden
NI mDNS Responder 2.1 for Windows 64-bit (Version: 2.10.49152 - National Instruments) Hidden
NI mDNS Responder 2.1.0 (x32 Version: 2.10.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2012 Support (x32 Version: 12.0.125.0 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 12.0.218.0 - National Instruments) Hidden
NI System State Publisher (x32 Version: 12.0.358.0 - National Instruments) Hidden
NI System Web Server 12.0 (x32 Version: 12.0.414.0 - National Instruments) Hidden
NI System Web Server Base 12.0.0 (64-bit) (Version: 12.0.407.0 - National Instruments) Hidden
NI System Web Server Base 12.0.0 (x32 Version: 12.0.407.0 - National Instruments) Hidden
NI TDM Streaming 2.4 (64 Bit) (Version: 2.4.55.0 - National Instruments) Hidden
NI TDM Streaming 2.4 (x32 Version: 2.4.55.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 12.0.401.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 12.0.401.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.10.393 - National Instruments) Hidden
NI Unterstützung für nicht englische Versionen der Runtime-Engine von LabVIEW 2012. (x32 Version: 12.0.363.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
NI Web Application Server 12.0 (64 Bit) (Version: 12.0.422.0 - National Instruments) Hidden
NI Web Application Server 12.0 (x32 Version: 12.0.422.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 (x32 Version: 2.7.180.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 64-bit (Version: 2.7.190.0 - National Instruments) Hidden
NI-ActiveX-Container (64-bit) (Version: 12.0.14.0 - National Instruments) Hidden
NI-ActiveX-Container (x32 Version: 12.0.14.0 - National Instruments) Hidden
NI-DIM 1.13.0f0 (x32 Version: 1.130.49152 - National Instruments) Hidden
NI-DIM 1.13.0f0 for 64 Bit Windows (Version: 1.130.49152 - National Instruments) Hidden
NI-Fehlerprotokolle 2012 (x32 Version: 12.0.172.0 - National Instruments) Hidden
NI-ORB 1.10.0f0 (x32 Version: 1.100.49152 - National Instruments) Hidden
NI-ORB 1.10.0f0 for 64 Bit Windows (Version: 1.100.49152 - National Instruments) Hidden
NI-PAL 2.8.1f0 (x32 Version: 10.91.49152 - National Instruments) Hidden
NI-PAL 2.8.1f0 for 64 Bit Windows (Version: 10.91.49152 - National Instruments) Hidden
NI-RPC 4.3.0f0 (x32 Version: 4.30.49152 - National Instruments) Hidden
NI-RPC 4.3.0f0 for 64 Bit Windows (Version: 4.30.49152 - National Instruments) Hidden
NI-VISA Runtime 5.2.0 (x32 Version: 5.20.49152 - National Instruments) Hidden
NI-VISA x64 support 5.2.0 (Version: 5.20.49152 - National Instruments) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3 - Notepad++ Team)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC)
PureSync (x32 Version: 4.4.2 - Jumping Bytes) Hidden
PureSync 4.4.2 (HKLM-x32\...\PureSync) (Version: 4.4.2 - Jumping Bytes)
PyScripter 2.6.0 (HKLM\...\PyScripter_is1) (Version: 2.6.0 - PyScripter)
Python 3.4.4 (64-bit) (HKLM\...\{56ebf7cf-f2b2-30ed-9de5-307fc2ce3449}) (Version: 3.4.4150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version: - Piranha Bytes)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
SMSC LAN7500 Device Driver (HKLM\...\{DE2877F8-0FD0-471D-9A5C-79B8FD6EEE61}) (Version: 13.08.08.0 - SMSC)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0046 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version: - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version: - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version: - FireFly Studios)
Stronghold Legends (HKLM\...\Steam App 40980) (Version: - FireFly Studios)
SWITCHdrive (HKLM-x32\...\SWITCHdrive) (Version: 1.8.1.328 - SWITCH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
TI-Nspire™ CX CAS Student Software (HKLM-x32\...\{E994956D-8CA7-4091-BFF5-0C749470BA2E}) (Version: 4.0.0.235 - Texas Instruments Inc.)
Unterstützung für NI SSL (64 Bit) (Version: 12.0.408.0 - National Instruments) Hidden
Unterstützung für NI SSL (x32 Version: 12.0.408.0 - National Instruments) Hidden
Update for Skype for Business 2015 (KB3141468) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PRJPROR_{0BA3C700-ABED-4994-BB60-2FD66DFAF674}) (Version: - Microsoft)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VISA Shared Components 64-Bit (HKLM-x32\...\VISASharedComponents) (Version: - )
VISA Shared Components 64-Bit (Version: 1.4.0 - IVI Foundation Inc.) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
WhatsApp (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Driver Package - MakerBot Industries (WinUsb) USBDevice (09/11/2015 100.2.0.0) (HKLM\...\D015024C58122C3796867839B7E92961E6A4C307) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\04E27032638FDAAC836AACDBF2A93300A4E13BD1) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\0ED5517650E58DD9FB879217FC7CF165DEC4583B) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\67352CAC0149049BD2BE7B68AB77464472C339CD) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\9F57D28C2B5AEBAF582F84C4BE4F2AB1798631C9) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami)
yEd Graph Editor 3.13 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.13 - yWorks GmbH)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)
Z88Aurora V3 (HKLM\...\{3AFDAB60-DBBD-449F-974E-6EF6430440E3}) (Version: 2.0 - Lehrstuhl fuer Konstruktionlehre und CAD, Universitaet Bayreuth)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\Autodesk\webdeploy\production\b8535b136583feacdb288f6ed972e6555b191b85\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01AC3BCD-91B5-442A-838C-06A4AECEDB68} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {10FF88E4-4F5C-4210-9CF1-FCF6FE125565} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-09] (Realtek Semiconductor)
Task: {276A56A3-61FE-48EF-A91B-6A45BF7A44F3} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {27A5FBFB-A20A-44D3-BEE1-CE8D54127415} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {29ED19C1-4DB1-4E68-9D61-D58D1F051D58} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
Task: {34442C84-E788-4C75-810E-2C62198AF600} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CDB011F-78FE-464C-ACF0-73C56EDE66D0} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2015-12-10] (3Dconnexion, INC)
Task: {5DB2A946-F2B6-42BB-B57E-312A7F9D8CD3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6A0B907B-24B9-40C9-BD32-913B05D1D72B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6ACCE957-2398-43C6-AE25-584C75C63E4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {6DD54919-F068-4A0A-8871-0CA3EA898CB5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {6E8B881F-E3C2-4164-8878-2876EA2DE1D9} - System32\Tasks\{88AC59FD-2726-4F6F-A67C-F19C07F7D797} => pcalua.exe -a C:\Users\Strat_000\Downloads\Arduino\CDM_v2.12.00_WHQL_Certified.exe -d C:\Users\Strat_000\Downloads\Arduino
Task: {71F5F33F-9F6D-4917-A791-46476F8F8196} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-06] (Synaptics Incorporated)
Task: {73EC7F04-D64B-4B09-9880-782D0B9E8A63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {774D4959-E21E-48AC-9B68-6F4664BB7CE3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {77CFB6F7-9BA2-42AD-9FDF-FC662732BC5E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {81E0FC16-5D40-4E14-A306-744E9744283D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {855DD682-45F8-422C-97BC-413992ED2AF5} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-01] ()
Task: {88A50F63-9FBE-4DC8-9311-3932E2C4C74E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8C1F448D-150B-42ED-B35D-1179B9A5C2B3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {944BDA3A-5EFE-477C-9B12-1DFFF82E983D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {A146860A-EB9D-4058-9225-8B1F04E65473} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A49DA27C-BFD6-4512-B975-40563AFC6375} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.6\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {A61FA6F1-8E22-4429-B94D-BCD11AF58D68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7827E95-2F5C-4356-83EA-2BB2B5F78E86} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AA028DCF-8E68-4658-8FBE-995D7AB78540} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {ACCFAFE1-0665-4ED4-81E6-0D3585C8AE6C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B4808A2E-A8D2-4050-B621-AB299C0F4D4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BFF9D5AA-8F2F-4682-81C3-6F259CB8BFA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {C28EDD4F-A586-4919-9DE9-99CB22CDC1D7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CE06EE05-1671-4C23-BCD8-F0380A83F633} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EBDD3982-7903-44E0-BFA1-5B8D8B8F5B52} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wurm Online\Wurm Online.lnk -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.wurmonline.com/client/wurmclient.jnlp "C:\Users\Strat_000\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\5fef8269-714a391b"
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-28 20:59 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-22 17:17 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-02-22 23:12 - 2016-02-22 23:12 - 00138240 _____ () D:\Program Files\Makerbot\MakerWare\jsoncpp.dll
2015-12-07 20:18 - 2015-12-07 20:18 - 00111616 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_ctypes.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00047616 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_socket.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 01210368 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_ssl.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00474624 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_hashlib.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00010752 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\select.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00689664 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\unicodedata.pyd
2015-08-19 22:48 - 2015-08-19 22:48 - 02596352 _____ () D:\Program Files\Makerbot\MakerWare\vtkCommon.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 03111424 _____ () D:\Program Files\Makerbot\MakerWare\vtkFiltering.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 05822464 _____ () D:\Program Files\Makerbot\MakerWare\vtkGraphics.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 04569600 _____ () D:\Program Files\Makerbot\MakerWare\vtkIO.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02572288 _____ () D:\Program Files\Makerbot\MakerWare\opencv_core2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 01200640 _____ () D:\Program Files\Makerbot\MakerWare\opencv_calib3d2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02236928 _____ () D:\Program Files\Makerbot\MakerWare\opencv_imgproc2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02413056 _____ () D:\Program Files\Makerbot\MakerWare\opencv_highgui2410.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00050688 _____ () D:\Program Files\Makerbot\MakerWare\boost_date_time-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00116224 _____ () D:\Program Files\Makerbot\MakerWare\boost_filesystem-vc120-mt-1_56.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00019456 _____ () D:\Program Files\Makerbot\MakerWare\boost_system-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00100864 _____ () D:\Program Files\Makerbot\MakerWare\boost_thread-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00243200 _____ () D:\Program Files\Makerbot\MakerWare\vtksys.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00116736 _____ () D:\Program Files\Makerbot\MakerWare\vtkDICOMParser.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00159232 _____ () D:\Program Files\Makerbot\MakerWare\vtkverdict.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00783360 _____ () D:\Program Files\Makerbot\MakerWare\vtkNetCDF.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00110592 _____ () D:\Program Files\Makerbot\MakerWare\vtkNetCDF_cxx.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00080896 _____ () D:\Program Files\Makerbot\MakerWare\LSDyna.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00611328 _____ () D:\Program Files\Makerbot\MakerWare\vtkmetaio.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00127488 _____ () D:\Program Files\Makerbot\MakerWare\vtkpng.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00065024 _____ () D:\Program Files\Makerbot\MakerWare\vtkzlib.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00141312 _____ () D:\Program Files\Makerbot\MakerWare\vtkjpeg.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00314880 _____ () D:\Program Files\Makerbot\MakerWare\vtktiff.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00128000 _____ () D:\Program Files\Makerbot\MakerWare\vtkexpat.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00656896 _____ () D:\Program Files\Makerbot\MakerWare\opencv_flann2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00869888 _____ () D:\Program Files\Makerbot\MakerWare\opencv_features2d2410.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00028672 _____ () D:\Program Files\Makerbot\MakerWare\boost_chrono-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 02085888 _____ () D:\Program Files\Makerbot\MakerWare\vtkhdf5.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00097280 _____ () D:\Program Files\Makerbot\MakerWare\vtkhdf5_hl.dll
2016-02-23 00:11 - 2016-02-23 00:11 - 00107520 _____ () D:\Program Files\Makerbot\MakerWare\tinything.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla\FileZilla FTP Client\fzshellext_64.dll
2015-05-14 16:36 - 2015-05-14 16:36 - 00059904 _____ () C:\Program Files (x86)\SWITCHdrive\shellext\OCUtil_x64.dll
2016-09-29 19:13 - 2016-09-29 19:13 - 00959168 _____ () C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-06 19:10 - 2016-07-06 19:10 - 01249792 _____ () C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll
2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-29 06:53 - 2016-09-29 06:53 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 17:39 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 17:39 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 17:39 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-10-16 00:48 - 2014-10-16 00:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-08-21 20:47 - 2016-02-24 05:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-08-21 20:47 - 2016-02-24 05:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2016-06-29 18:14 - 2016-07-22 07:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-06-29 18:14 - 2016-07-22 07:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-29 18:14 - 2016-07-22 07:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-29 18:14 - 2016-07-22 07:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2012-05-29 18:07 - 2012-05-29 18:07 - 01958560 _____ () C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll
2014-04-04 09:09 - 2013-09-12 05:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-02-09 17:57 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-968931954-2191872932-1542864395-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
DNS Servers: 62.2.17.61 - 62.2.24.158
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "3DxWare Service"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\StartupFolder: => "Synology Cloud Station Drive.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Boxcryptor.exe"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "PureSync"
|
|
09.02.2017, 18:55
| #9 |
| | Win 10, Trotux eingefangen Hier der zweite Teil der Addition.txt: Code:
ATTFilter ==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{4FC1D526-EF5A-4967-8B8F-BBA348CF3B98}C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe
FirewallRules: [TCP Query User{1D91F143-4DBA-4103-BF7C-8F0A0BE214CE}C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe
FirewallRules: [UDP Query User{3AA47883-2275-4002-93AB-3EB175A00776}C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe
FirewallRules: [TCP Query User{77A98965-8254-4441-B3FA-72487E2F3A66}C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe
FirewallRules: [{0FEB7A54-AB1C-4113-8581-88A1A1D9DCB0}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{0A43AFC9-B2D6-4905-B033-885849EB19EF}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{7A9ED19D-239E-4B26-A0CA-CF258389F525}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{D59B3327-671A-4933-8525-E1F8AED67A7A}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{8EA6FB88-0402-4E29-98F9-153E6A793B7F}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{6C1E5429-92B1-42C1-8810-294F55BD83A4}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{CF54E191-727B-44E7-8728-23DF668614FC}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{A8C03A37-6B8A-45D2-9239-C0813D13363A}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{628D3104-C402-4D92-965A-4FCDA6A06B27}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6608F61-5D07-477D-89F5-1CA76A7BA4E2}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8AAB0F8-8D2E-45C8-8664-3674A8BBDEE5}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BE5BCB22-7F43-435B-BD76-BBDDF18A45E2}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{382C072E-19EA-46A9-80D3-B3CD6391FAB4}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [TCP Query User{694FB801-CD9C-42F3-9F15-D710543E0EAE}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{E958FC1D-5113-42CE-8858-96E7C482E13C}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe
FirewallRules: [TCP Query User{76C6585F-23DD-49ED-A105-F43F2D4A8270}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe
FirewallRules: [UDP Query User{CEA97193-0A27-4872-86DC-A75D60E9D0C3}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{0AC9B4CE-B421-4F89-AC4F-F19E88CE6981}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{1DBB1F1E-3DAA-4E2C-A835-5995134E66C6}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{7D867815-9417-4D85-80D7-FA16BE154953}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [{CD9F58CA-4C3C-455B-9C79-E1DBB81D4271}] => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B64B6C2F-A98F-4696-A97C-DA0C0E03DA55}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4219914F-17B0-4082-8FDE-9C8059F7FC0D}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{96163E11-ABF0-437A-BE15-3DF1A44E85E6}] => LPort=2869
FirewallRules: [{03BD1AF7-0BF8-4012-853F-2D3E1098C809}] => LPort=1900
FirewallRules: [{D0D1F8C9-1A69-4B45-A82F-D1DAD5E2882F}] => LPort=50248
FirewallRules: [{F5C16F57-13AC-4E4E-AD71-3ED80DB1F69D}] => C:\Users\Strat_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{69137F3E-852F-45E4-B39F-F2D19F70E1D5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C4A08B79-F7ED-4FC3-934D-0EC4ACE17959}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D46F595B-D3D0-42A4-9025-ADB6FD0A3FF5}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{362F7CE5-DD2B-46E8-967E-F4DF562E434B}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3B20DC80-CA8C-4E0A-A5CB-28239D6D0F79}] => D:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{D9DA139F-DB0D-44D3-9B1E-2D06D1028AB9}] => D:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{4DD5C3D0-DC83-44FA-913B-378EF54D3E1A}C:\program files\maple 18\jre\bin\maple.exe] => C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [UDP Query User{58ADCCEA-75D9-4A26-9941-7D901358A306}C:\program files\maple 18\jre\bin\maple.exe] => C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [TCP Query User{F857059D-70CD-4D81-8D60-3DE90559AC03}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{7AD4CCDF-0565-4FDB-99AA-7AA01273F289}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{0B9814D1-FC19-492C-AE86-AB79AED4839F}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{0FD323B4-107E-4B03-BD43-07665AC0A506}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{C21D6139-02D4-4948-B04D-B0AF2642F1E3}\\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [UDP Query User{18335C91-410A-4437-84C7-DD71E2A62563}\\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [{EC70B2A1-0D56-4AF3-8F04-1A2EE8175FE7}] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [{C8F5D359-5F4D-4627-9557-78573F067B76}] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [TCP Query User{AB75A300-9988-450E-A5B1-4202056FCA9F}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe
FirewallRules: [UDP Query User{2CE85C3B-A38E-48D7-9D14-7A7DE61F945C}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe
FirewallRules: [TCP Query User{3B10EA8E-072F-4384-8471-59C49A30FAE5}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe
FirewallRules: [UDP Query User{85F8B39D-3772-4595-88CF-58B436D29126}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe
FirewallRules: [TCP Query User{493AF417-C7DA-4F7E-9BE6-240D41BDE959}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe
FirewallRules: [UDP Query User{DCAFC2C2-BEC9-4FF7-A219-450332461C36}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe
FirewallRules: [TCP Query User{B53F4142-AEDB-4004-93B4-F4B4859CC4D8}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{5DF53F0B-30DE-41EB-BAE3-60EF23D59F53}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{144BC75D-01B8-40F4-B134-38335FC12A0E}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{FAA398A9-7117-4E50-8EBA-4DD6EF3C1DB7}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{9378CA38-2FD3-41CA-B828-2EAE02F1BE50}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{54E92ACA-1BBD-4BF8-8761-0710C591ACCE}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [{61BF9771-BABF-4D83-871A-E16EC7D8D67D}] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [{C1ECCFF2-9EF4-4312-BC27-19512642FBB2}] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{0E1FEDE8-60E0-44CE-A227-4BBC7A8ACA67}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{D37FF8CF-7892-42EA-BAC6-A83D707907A4}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F3ABD6E7-23CF-445F-A263-4CAA404187DF}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{EE2C15DC-BD81-4238-BA39-105836117D84}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{EEB6B15F-F713-4305-9227-3B292294E8E0}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{59E77C5F-7298-45CB-8AF5-1A26041EDFD9}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{72CD02D7-BF4E-43AE-B215-50436129B642}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{A9A62307-0B6B-4BB0-AE1C-1638A11D1B2B}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [TCP Query User{6A486716-3E48-44FB-B7AD-68CC21B8EADA}C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{177443EE-7A65-4474-B6DC-B1AF157BD1B9}C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3428BF3C-D727-40DA-A6BF-BC23B059220C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC3D896C-EE69-469D-9008-91C48EE803AC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4A8D0D80-FA38-4165-9F77-960658A79D74}D:\program files\eve\bin\exefile.exe] => D:\program files\eve\bin\exefile.exe
FirewallRules: [UDP Query User{645DD761-18C8-4BF6-8878-9BBD9A1DFC9A}D:\program files\eve\bin\exefile.exe] => D:\program files\eve\bin\exefile.exe
FirewallRules: [TCP Query User{D82CB044-B7D8-48BD-8D64-3E979659CA7F}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{444CDFF3-F3DB-4E39-A01B-371A73CD5F47}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B5492246-9F29-41F2-89D0-E0CFB779A1DD}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{C2F78D9F-DCD2-4AF0-A619-583134BC30E7}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [{DB02F1F2-6255-4B6A-90B5-8760337107FD}] => D:\Program Files\KeyShot5\bin\keyshot_daemon.exe
FirewallRules: [{9E6B2974-AAD0-4DFC-816E-5A07477E24FB}] => D:\Program Files\KeyShot5 Floating\bin\keyshot_daemon.exe
FirewallRules: [{AE1B1B82-6510-49A5-97C2-D6AB2E264713}] => D:\Program Files\KeyShot5 Floating\bin\keyshot5_floating.exe
FirewallRules: [{C57DD757-BEFA-4075-8137-ED652A3E4C5B}] => D:\Program Files\KeyShot5 Floating\bin\keyshot_daemon.exe
FirewallRules: [{999671FD-B130-4014-90A2-5DBF46894415}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{8CC548E3-B545-4727-B24C-B6E0E840EC93}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{F0C5460A-89EA-4E98-B041-813F56FD667A}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{CC7D2887-A136-4369-ACF9-701A98074FE8}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{D264EAD3-CC5B-41DE-B1B0-F93461B80A18}] => D:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{17CE46FF-7AC8-44E0-BF02-CD46E6F7F4EC}] => D:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{3EDDAB82-E901-40A6-ABF7-9F130A06B8DC}] => D:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{E7493A85-12E5-439D-A513-ACC86D4675A2}] => D:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [TCP Query User{A6D8B041-213F-4151-98F6-5500A8A6D08D}D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [UDP Query User{819CFFB3-B805-4865-9104-6B993B6C6141}D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{0D872B4E-17EC-41A9-B1DD-615EF8847BEA}] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{AA621320-F1A7-4ED8-900D-3C7A15C15017}] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [TCP Query User{8D07783B-DA13-42DC-9B72-4D6C9CA6A4B4}C:\program files (x86)\arduino\java\bin\javaw.exe] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{85A28987-0094-4B0E-B5C2-780FA027351F}C:\program files (x86)\arduino\java\bin\javaw.exe] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{F84B1795-70D6-40C9-A91E-FF12A20A1A4F}] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{EA5F0A2F-C16C-40FD-AB8D-11429ACEA69F}] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{9FB94BC4-7B30-4FEB-953D-6D463685DB15}D:\program files\eclipse\eclipse\eclipse.exe] => D:\program files\eclipse\eclipse\eclipse.exe
FirewallRules: [UDP Query User{EE95D0B7-8E4B-4F20-A735-91B975B0ADCC}D:\program files\eclipse\eclipse\eclipse.exe] => D:\program files\eclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{F6E70320-65CE-4976-A39A-B6AAF5A319CD}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{3A69E616-CBF2-4FB6-B702-CE19BF7516C9}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{837A0BDF-94A2-47BE-8E17-98D4F88E50B6}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{B0746FDD-D0A0-47C0-BE3D-CC8B4C9C115B}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{35905164-CEE2-4D49-961B-7183F74E5982}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [UDP Query User{81C96AF5-83A9-433D-82DC-9AFC8BE49318}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [{27DE4CEC-30E0-4DFA-B9CF-82B0F08A496A}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{F030DCD2-3F64-45AD-85C8-3E9A6735553C}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{3C3A58F8-E2F4-49FB-94F8-DAD7C7E8E353}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{A593FF79-ACB9-48DB-8709-A94B08EBFDCE}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [TCP Query User{595CD3E5-958C-450A-A696-F5423FC63089}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [UDP Query User{E12775D5-9ABC-49D2-A648-BBF3D2AC663B}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [{38DCFB8D-1AC8-4A96-8465-07DDDFCE5BFD}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{92916C34-CBE1-46E4-A0C1-BA3D9095CC38}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{555CA95E-B415-4760-8579-9A25B27C0290}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{EE383DA8-2CB1-44EC-8C00-3CC26A2E6269}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{52AD202E-2C28-43F1-BD59-89A589FCF739}D:\program files\filezilla\filezilla ftp client\filezilla.exe] => D:\program files\filezilla\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{9CE4D3D2-C94D-431A-B788-6F2F908F6A32}D:\program files\filezilla\filezilla ftp client\filezilla.exe] => D:\program files\filezilla\filezilla ftp client\filezilla.exe
FirewallRules: [{DBF794C6-F82E-4926-8E53-E8CEE24E25B7}] => D:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{C17CA1D3-B21D-41BB-A770-ABB9BBD08860}] => D:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{D092E2F0-A4D6-4258-A8FD-0B77E05CFAB6}] => D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{E3A068FE-81EF-424E-9854-719DD5EEE083}] => D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{34A8704A-1BA5-4E78-AE0B-736CC9A3355C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D87EC244-1E2E-43ED-89FC-8C9DCEC28D30}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{45F797C4-66D8-4C5A-B707-4D601535FDAB}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [UDP Query User{6E0022AA-86AF-43A4-9721-8201D69881B1}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [TCP Query User{06893087-BA65-4E47-87C6-1A9DEFB5C07D}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [UDP Query User{6FC16076-9FF8-4819-AC04-151EE42692F2}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [TCP Query User{5B2E33F7-6A80-4124-BDD5-486C3F687A1C}D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe] => D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{0DFE5C54-CF2F-4A4F-823A-15EE77A1F7C7}D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe] => D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{74BB7B1E-E2A4-4AAE-A83A-CAC0CFF0F292}D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe] => D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{F6A2F389-D056-4477-9236-99BEDD8AB990}D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe] => D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{C219EEC9-9304-43DA-A02E-47C5550FB0CF}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [UDP Query User{90A4EAC3-1B74-4840-9A98-C1AE55BCF5A2}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [{71CB189F-2F53-4995-96AB-EE3A08C7C8C3}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{AAC4EB8F-7A39-4524-8451-E545A0D8BF50}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{B5729983-4D23-48C7-B3B5-C85ECD54D4D8}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{B953E78C-6AFF-4145-9876-9F8268A9FC21}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [{813B74C6-24B6-4FAF-8686-C417EB2109B0}] => D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
FirewallRules: [{FBB017AE-A882-494C-8953-8A477337BB00}] => D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
FirewallRules: [TCP Query User{4D29F7EA-B63D-4D82-AA19-5FF380ACACB2}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [UDP Query User{73F279FA-53CF-48FE-A553-1E0B8FC166B8}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [TCP Query User{6DE1E719-63B5-4576-B897-D0F84381DEF8}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [UDP Query User{F9F9238C-3D94-4313-A36B-F12286D6E3FC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [TCP Query User{1EBD238E-E99B-4FA9-A265-A23D236A8E65}C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{F851EE0D-3A49-4439-8C68-A69C6D9CEEA9}C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{C17A6E90-307B-4DC3-9532-A72BA28D7E13}C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{B970B650-6B58-46DE-A066-6A50591E1372}C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{4885D9A4-32E1-4EE4-A6D6-2CD6A165F75E}C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe] => C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [UDP Query User{917B4B7E-E7CC-4B0E-B1F0-125B3B6D5984}C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe] => C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [TCP Query User{ACEC9B2F-DF32-4388-A0EA-4D2D3C70FFD5}C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe] => C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{582E496F-B3A3-4386-8766-57BE89BD4B1B}C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe] => C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{BB0B7764-C3C8-44E5-8B52-7653B442EF30}C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [UDP Query User{51D51782-0836-4ED0-8566-6C2F121A9206}C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [TCP Query User{4A78CA10-FC43-4BD2-ADEB-4A47B746AE3A}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{D2254D85-9005-4F98-93D0-52A8C2ED9525}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{2DEC6473-76A8-41EA-A1A0-C0B7C9CEE5DA}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{A57FFF96-FF6C-433D-A24B-61F6189CDA82}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{FF580F0A-613B-47ED-B66B-C4C2F7A53FC5}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{299694CD-1A03-40CF-8D18-227E42292E3D}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [TCP Query User{D536004E-885D-48A6-93A0-E9F7523AA42E}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [UDP Query User{1D5E4472-2548-4043-AB60-EC42950134F6}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [TCP Query User{F33BA93F-F801-462A-B847-54A7DA65D394}C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe] => C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe
FirewallRules: [UDP Query User{89140C2A-C301-440F-9B0B-55A1430F42F8}C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe] => C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe
FirewallRules: [TCP Query User{4972AA5E-476F-45E9-BD9A-AB6BBADE6B20}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{1FF0173E-13B4-4BB1-906C-129DD6A070F7}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{80E67AB3-DB1B-42C5-98F1-C5DC7F732118}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{6EC3A2E6-D98E-4EAA-9279-D3B1DCB1D873}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{5B5441CC-56B0-419E-83AE-3E373E83CED7}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{69EC30FA-BE3F-4362-97A1-3000220A2465}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [TCP Query User{75BC380F-63F4-4AAF-8F2D-86FC7B46ADB5}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [UDP Query User{EDCCE7AB-6A5A-4A5D-8785-4339DEE39CE0}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [{0A636003-3528-479F-8A40-20195C0BAD19}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{5738DAF4-AD22-4F63-A7E7-5CA0BB909BBF}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{A62542E4-7F5D-45F8-A2B0-4CA9D2A4BBEC}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0775954-FCAC-4C2F-B276-D9F05337E5F1}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{5515167E-A3F5-48F5-AEA8-1685AE0269D0}] => D:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{4C84F3A0-9CC9-4F32-9C47-17FBBD06D737}] => D:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{97DE6410-F758-4E29-9CFB-20600C2CD63B}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{71BD6B01-060A-4125-81F1-FF8EF36174CB}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{5CC2725D-23C4-453E-B829-828BF6862000}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{F903E9B5-DEF2-4B28-8B5B-77476C142E87}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{3A2C031E-F5BE-49A9-950D-8617A663A885}C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [UDP Query User{654AC3D1-940C-4C80-BACC-7E0DF0BAB385}C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [TCP Query User{7EA91798-653B-4713-BA6D-C35C5FC66161}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{00173B88-63BE-410F-999B-D0BDF30559EA}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4D9CF4CC-8906-485F-A554-9FF6616F8243}] => LPort=50493
FirewallRules: [{5BFEFDB5-F338-43E5-B4A3-B7447F59592A}] => LPort=5000
FirewallRules: [TCP Query User{D1104671-7D82-4552-8374-503FEFC7B173}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{F1C4EE4E-7133-4A70-8A5B-EB715DECB5DB}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [{F4EBC012-4C9B-4B0A-9055-5536ABCA72A0}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [{8C3B5AE5-D1B4-4CCE-8ED6-D165DCD70224}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{181AFDF0-B145-494C-B1A8-AD05EB416DC7}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{0964230A-1291-4FC4-943E-30A6BA863DDA}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{C14C2B35-2BBB-4FA6-996E-58A62F434429}] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{9CD0AAF4-97AC-40A2-A76D-BEDEA81C38ED}] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{C3C87D8E-2C32-439A-8F0F-719898DD5826}C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe] => C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe
FirewallRules: [UDP Query User{DEB563F4-3720-4101-97E9-672EF2052C51}C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe] => C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe
FirewallRules: [TCP Query User{D5720B77-6C66-485F-A890-AE3C1FDD4D5D}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{14236913-4D2D-4B50-891D-70654771B034}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{46FF2D9A-0F3F-4749-8962-71D740E7BD8C}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [UDP Query User{3FDF8896-5053-4299-896A-5ED8651D03CD}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [TCP Query User{1947A3A6-BDAD-4763-A046-0C9E6D5B6771}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [UDP Query User{039B220B-08A5-4922-9AFE-9B053FE53476}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{F70DB554-098B-4EF5-B2F3-9C347B478D6D}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{46263FF4-0425-425D-92E7-327CA4A7825D}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{B0695D51-3E61-4BB7-A8FF-63FC28B5E5AC}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [{20096A1E-9D0E-4E3C-AC1B-3188FC7530DE}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [{106A88F1-F0A2-4C7F-95F5-76440A08A109}] => D:\Program Files\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{694EF472-82E0-4B7D-9EEB-06E46A391E8C}] => D:\Program Files\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{4F0AB3CD-890E-4BDA-9033-DE79A3086B02}] => D:\Program Files\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{04D43F88-030A-4275-90D9-B882D7B65DCB}] => D:\Program Files\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [TCP Query User{20FA449C-E079-41C2-8DA1-F447D545414C}D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{EF374B26-590B-40F1-B24A-FEA487E921D9}D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{32CDE5DF-70E7-4F3C-A8B5-A29D48CA988A}] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{F4D862D1-D1A1-4A3F-AF09-2078C5CBB85D}] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{69775E32-E8E9-4362-97C3-F7A9CBDA8525}D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [UDP Query User{4A620198-4132-4148-B93E-F8D86B2B9D25}D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [{4A67E9AE-AACC-4961-9B75-1F3439B9543F}] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [{3B976257-3BFA-4EBE-8BB2-A298998E620C}] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [TCP Query User{64A35C27-ECCA-4350-9E9D-6F48F563B16F}D:\program files\warcraft iii\war3.exe] => D:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{C194F2B0-14E4-4202-B1EB-A17AAFBE472F}D:\program files\warcraft iii\war3.exe] => D:\program files\warcraft iii\war3.exe
FirewallRules: [{27694D1D-CE53-4337-A629-6438BC9B595F}] => D:\program files\warcraft iii\war3.exe
FirewallRules: [{5DD6108B-F61F-444A-A634-0D589383E649}] => D:\program files\warcraft iii\war3.exe
FirewallRules: [TCP Query User{CF9F0323-F072-41EE-A4CD-4E84DE85A040}C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [UDP Query User{5282506B-AE01-498B-A92B-1D12F4494477}C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [{E4899B7C-A00E-42E1-B2B7-BE38D598F81D}] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [{1C74F810-9F65-45A2-9DAB-7F97D157C1FE}] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [TCP Query User{81F94168-96C9-45EB-8652-BE3BD3F2B9F4}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [UDP Query User{F6A69B8B-99EF-4BD9-8D85-E04716828D68}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [TCP Query User{CE76F80C-48AA-49BE-9A9F-BB919E849C38}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [UDP Query User{4594E7F3-EEFB-4329-B389-B9EBABB92B6A}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [{C92CDDCF-7D42-4A37-923A-04D4F6EA03FA}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [{28D42510-D9E4-486E-935F-8ADD84027A22}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [TCP Query User{8D518D0C-9081-43D1-A35E-4A3D61ECAA26}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [UDP Query User{E6DDC5CA-990D-4429-87FC-429787D074BC}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [TCP Query User{A9308F64-3D8A-49D5-9780-9D5272C10846}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [UDP Query User{1EF6429A-E3A4-463B-8D24-664237591AE5}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [TCP Query User{CA864C90-D777-424C-9067-AE34B478CA81}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [UDP Query User{B56F3383-3890-4B7D-9A9A-B7CF30770440}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [{1E2D9886-F380-4CC3-9D56-EBCE047B98C5}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [{85A45DD1-885B-448A-9847-9EED796FC0AE}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [TCP Query User{D6EAD59A-051B-4164-8D14-92B0FB3FA209}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [UDP Query User{AFD99344-E596-4C15-8D09-43C01C6F5147}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{A963F426-DD88-4783-9D87-EC3196206352}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{14EA7183-AEC1-429B-A934-88FE71957385}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{4FF6F839-621D-4491-BC40-481DF3A19C3B}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [{5D8BEBD9-40C4-4F16-BA6F-4CEB81EBADD2}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [{53BA2B6B-7B76-4BF6-9F28-51D8247E91C7}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [{51E257FE-69C3-4533-A2BF-87FDF4071BDF}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [{DF1FBDD4-D8FB-4F17-906B-C47C5D624AD0}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [{18143208-C801-4688-B8BB-FF6F7378727F}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [{F7663B8E-CFAF-4CF7-8A7D-D03E77013CFD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22B27A22-A3EB-40B6-AA3A-8789F8C685EF}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1245765-4B2B-4084-8997-28FC0ACF475C}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{50C231A1-9929-46DE-AADD-807BDF05C814}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{87934A71-4B39-4944-A8E3-90F676C4A92E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D63EBAAC-B876-422E-81B5-5BB553605661}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91E0B6DC-23B6-4396-B1DD-D9B19EB86A4E}] => D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5F2186F5-EE4E-43F9-9B85-2D397956E30C}] => D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6491CDB2-3611-4C02-9CDE-737D98D6D464}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E634B76F-4585-4DBE-A792-E9B02D8AAB34}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF7A02F5-D851-46C1-A7AA-EE92C087AE9E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{772C1C15-151E-486D-B246-E93ADFA57B7E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F76B77B6-20E9-4A11-812F-96EEE09AD674}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CF1F6B31-7E25-4BD7-9684-F6E7DE3264AD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{16B2691B-1D96-4DD6-A464-CF435E3BBBF0}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{739CA301-3C83-4909-A25E-5D095F10AF80}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{EE18F89F-A23A-4E32-97A7-6130C9EE58F9}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{177C89B0-4EA5-426D-AF16-50FF2F619991}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{9FD36F7A-96E2-4353-B5E3-FDF73C79E680}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [{9F6029FF-4CC7-4BAD-8731-0F7014432B76}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{336C1EC1-46B7-4511-ADF1-6F9189281BEE}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67F283D0-13BF-42AA-8B84-DED70E4BB1B6}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C80AD0C9-2D15-42FE-BEBE-CFCA134132C2}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5FA80B06-0608-4989-AEE8-F34289CACB2D}] => D:\Program Files\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{0F8CF37E-9E3B-4498-AACC-881A689E8D02}] => D:\Program Files\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{4DB7C15D-5483-4EE7-9942-F2D610C4C259}] => D:\Program Files\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe
FirewallRules: [{B52D4938-2A70-4EBD-BDCC-829EF072AE13}] => D:\Program Files\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe
FirewallRules: [{5B6C4EA5-9266-4C63-8B68-10FA23492FB6}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{54F453BB-4C87-4F62-BE60-7B0729365AB1}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{351C1CC4-64DE-4D5F-ABAC-7BF7C2347AEC}] => D:\Program Files\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{044A6B93-D306-4825-B95B-D743067ECAAB}] => D:\Program Files\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{15A66BEC-7E64-45E5-864E-AF6822B0CF11}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{DC60EA33-BBA8-483B-80DF-DEAA10E33C64}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{A1E5E47B-4195-461D-8CAE-DA868D6F43B2}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F051BF0-FC11-487A-927A-8F2437AF7B54}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{723D36AD-083D-4C5A-A22E-B002AE15BCBF}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B4D7AA00-3790-4020-B77B-7F57931A417C}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E9135C4D-51E5-484D-B4BC-0C61F0335FE1}] => D:\Program Files\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{95FC9F15-2B45-477A-87F9-B826F7BA3099}] => D:\Program Files\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{AA10F175-C941-43F5-A3A2-A72009C3C90E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79851F8F-EE44-4131-89BE-3DADD6AE3036}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{D715EC5C-D0BF-4C58-BE58-729955EC782B}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{B828D04C-D74B-4C96-AABB-54C982E4B185}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [TCP Query User{531F659E-39C5-4577-8966-836B4C42D79B}C:\python34\python.exe] => C:\python34\python.exe
FirewallRules: [UDP Query User{7CD72028-EA1D-4721-A985-E3CD2FEE964D}C:\python34\python.exe] => C:\python34\python.exe
FirewallRules: [{26F2EFD9-72A1-42E7-9866-344CEC330888}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C9F4D70-C2F8-4DD5-8A5D-938F4040A0CD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11E81A1B-0517-4146-83F2-7552DFFBC9FD}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4BBCB332-05EF-4C18-AF9D-16D4F81F58C1}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: STMicroelectronics 3-Axis Digital Accelerometer
Description: STMicroelectronics 3-Axis Digital Accelerometer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: STMicroelectronics
Service: ST_Accel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/09/2017 06:44:44 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 1
Error: (02/09/2017 06:44:44 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 1
Error: (02/09/2017 06:39:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Strat_000\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/09/2017 06:39:05 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: Can't listen for HTTP on :8080 .
Error: (02/09/2017 06:39:05 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: Can't open a socket on , port 8080 .
Error: (02/09/2017 06:38:57 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (02/09/2017 06:38:57 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (02/09/2017 06:38:57 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (02/09/2017 06:38:57 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (02/09/2017 06:38:57 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (02/09/2017 06:43:52 PM) (Source: DCOM) (EventID: 10010) (User: STRATOS)
Description: The server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} did not register with DCOM within the required timeout.
Error: (02/09/2017 06:41:51 PM) (Source: DCOM) (EventID: 10010) (User: STRATOS)
Description: The server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} did not register with DCOM within the required timeout.
Error: (02/09/2017 06:39:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/09/2017 06:38:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/09/2017 06:33:21 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (02/09/2017 06:27:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.
Error: (02/09/2017 06:16:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/09/2017 06:11:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/09/2017 06:01:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/09/2017 05:58:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2017-02-02 20:23:01.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-01-18 15:02:37.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-18 15:02:37.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-15 15:36:28.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-15 15:36:28.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-08 12:31:47.580
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702HQ CPU @ 2.20GHz
Percentage of memory in use: 20%
Total physical RAM: 16287.06 MB
Available physical RAM: 12925.49 MB
Total Virtual: 18719.06 MB
Available Virtual: 15429.57 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:226.66 GB) (Free:20.77 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.64 GB) (Free:183.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 993AD5C7)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 36A8EBAC)
Partition: GPT.
==================== End of Addition.txt ============================
|
|
10.02.2017, 22:34
| #10 | |
| /// TB-Senior | Win 10, Trotux eingefangen Hi! gut gemacht wir sind schon einiges los geworden, aber noch nicht fertig. Schritt 1: Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
Code:
ATTFilter C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{afebcc45-0538-4b91-9ab9-4390df4928c2}.xpi
Schritt 2: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Policies\Explorer: []
ShellExecuteHooks: No Name - {1215881A-DE48-11E6-9639-64006A5CFC23} - C:\Users\Strat_000\AppData\Roaming\Taptherzijaty\Cliqichpuger.dll -> No File
Tcpip\Parameters: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
Tcpip\..\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
2017-02-02 19:54 - 2017-02-02 19:55 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avira
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avg
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\AVAST Software
Task: {27A5FBFB-A20A-44D3-BEE1-CE8D54127415} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5DB2A946-F2B6-42BB-B57E-312A7F9D8CD3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {73EC7F04-D64B-4B09-9880-782D0B9E8A63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {774D4959-E21E-48AC-9B68-6F4664BB7CE3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {77CFB6F7-9BA2-42AD-9FDF-FC662732BC5E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88A50F63-9FBE-4DC8-9311-3932E2C4C74E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8C1F448D-150B-42ED-B35D-1179B9A5C2B3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A146860A-EB9D-4058-9225-8B1F04E65473} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A61FA6F1-8E22-4429-B94D-BCD11AF58D68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7827E95-2F5C-4356-83EA-2BB2B5F78E86} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C28EDD4F-A586-4919-9DE9-99CB22CDC1D7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CE06EE05-1671-4C23-BCD8-F0380A83F633} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EBDD3982-7903-44E0-BFA1-5B8D8B8F5B52} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
2017-02-09 17:39 - 2017-02-09 17:39 - 00000000 ____D C:\Program Files (x86)\81bd26iq
C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default
C:\WINDOWS\985ce68a3bd4faf34928a63da520e81d.exe
Edge HomeButtonPage: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> hxxp://www.startpage.com/
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
CMD: type "C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\profiles.ini"
cmd: type C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 3:
__________________ Gruß Tician |
|
11.02.2017, 18:46
| #11 |
| | Win 10, Trotux eingefangen Hi Das tönt sehr gut Hier der Scan der ersten Datei: https://www.virustotal.com/de/file/d907a2c69cb121ab9bf679de089b8f00404efbd08899167c8e3f5eafb09158b5/analysis/ Hier der Scan der zweiten Datei https://www.virustotal.com/de/file/fd0682d83b5074fa64ebb9ebc63cea6cc02b596c30856d62c29e9f0b5013aac9/analysis/ Hier der Inhalt der Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version: 11-02-2017 01
Ran by Strat_000 (11-02-2017 18:31:24) Run:1
Running from C:\Users\Strat_000\Desktop
Loaded Profiles: Strat_000 & Guest (Available Profiles: Strat_000 & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Policies\Explorer: []
ShellExecuteHooks: No Name - {1215881A-DE48-11E6-9639-64006A5CFC23} - C:\Users\Strat_000\AppData\Roaming\Taptherzijaty\Cliqichpuger.dll -> No File
Tcpip\Parameters: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
Tcpip\..\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}: [DhcpNameServer] 62.2.17.61 62.2.24.158 62.2.17.60 62.2.24.162
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
2017-02-02 19:54 - 2017-02-02 19:55 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avira
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\Avg
2017-02-02 19:54 - 2017-02-02 19:54 - 00000000 ____D C:\ProgramData\AVAST Software
Task: {27A5FBFB-A20A-44D3-BEE1-CE8D54127415} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5DB2A946-F2B6-42BB-B57E-312A7F9D8CD3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {73EC7F04-D64B-4B09-9880-782D0B9E8A63} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {774D4959-E21E-48AC-9B68-6F4664BB7CE3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {77CFB6F7-9BA2-42AD-9FDF-FC662732BC5E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88A50F63-9FBE-4DC8-9311-3932E2C4C74E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8C1F448D-150B-42ED-B35D-1179B9A5C2B3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {A146860A-EB9D-4058-9225-8B1F04E65473} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A61FA6F1-8E22-4429-B94D-BCD11AF58D68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A7827E95-2F5C-4356-83EA-2BB2B5F78E86} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C28EDD4F-A586-4919-9DE9-99CB22CDC1D7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CE06EE05-1671-4C23-BCD8-F0380A83F633} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EBDD3982-7903-44E0-BFA1-5B8D8B8F5B52} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
2017-02-09 17:39 - 2017-02-09 17:39 - 00000000 ____D C:\Program Files (x86)\81bd26iq
C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default
C:\WINDOWS\985ce68a3bd4faf34928a63da520e81d.exe
Edge HomeButtonPage: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> hxxp://www.startpage.com/
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
CMD: type "C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\profiles.ini"
cmd: type C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
EmptyTemp:
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{1215881A-DE48-11E6-9639-64006A5CFC23} => value removed successfully
HKCR\CLSID\{1215881A-DE48-11E6-9639-64006A5CFC23} => key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}\\DhcpNameServer => value removed successfully
ibtsiva => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ibtsiva => key removed successfully
ibtsiva => service removed successfully
C:\WINDOWS\system32\SSL => moved successfully
C:\ProgramData\Avira => moved successfully
C:\ProgramData\Avg => moved successfully
C:\ProgramData\AVAST Software => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{27A5FBFB-A20A-44D3-BEE1-CE8D54127415} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27A5FBFB-A20A-44D3-BEE1-CE8D54127415} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5DB2A946-F2B6-42BB-B57E-312A7F9D8CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DB2A946-F2B6-42BB-B57E-312A7F9D8CD3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73EC7F04-D64B-4B09-9880-782D0B9E8A63} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73EC7F04-D64B-4B09-9880-782D0B9E8A63} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{774D4959-E21E-48AC-9B68-6F4664BB7CE3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{774D4959-E21E-48AC-9B68-6F4664BB7CE3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77CFB6F7-9BA2-42AD-9FDF-FC662732BC5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77CFB6F7-9BA2-42AD-9FDF-FC662732BC5E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88A50F63-9FBE-4DC8-9311-3932E2C4C74E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88A50F63-9FBE-4DC8-9311-3932E2C4C74E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C1F448D-150B-42ED-B35D-1179B9A5C2B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C1F448D-150B-42ED-B35D-1179B9A5C2B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A146860A-EB9D-4058-9225-8B1F04E65473} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A146860A-EB9D-4058-9225-8B1F04E65473} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A61FA6F1-8E22-4429-B94D-BCD11AF58D68} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A61FA6F1-8E22-4429-B94D-BCD11AF58D68} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7827E95-2F5C-4356-83EA-2BB2B5F78E86} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7827E95-2F5C-4356-83EA-2BB2B5F78E86} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C28EDD4F-A586-4919-9DE9-99CB22CDC1D7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C28EDD4F-A586-4919-9DE9-99CB22CDC1D7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE06EE05-1671-4C23-BCD8-F0380A83F633} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE06EE05-1671-4C23-BCD8-F0380A83F633} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EBDD3982-7903-44E0-BFA1-5B8D8B8F5B52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBDD3982-7903-44E0-BFA1-5B8D8B8F5B52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
C:\Program Files (x86)\81bd26iq => moved successfully
C:\Users\Strat_000\AppData\Roaming\Profiles\Ckiferph.default => moved successfully
C:\WINDOWS\985ce68a3bd4faf34928a63da520e81d.exe => moved successfully
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
C:\Users\Strat_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => Shortcut argument removed successfully.
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\AutoCADScriptFile => key removed successfully
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Classes\.scr => key removed successfully
========= type "C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\profiles.ini" =========
[General]
StartWithLastProfile=1
[Profile0]
Name=default
IsRelative=1
Path=Profiles/bcrhru5j.default
========= End of CMD: =========
========= type C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat =========
@echo off
if exist igfxEM.exe start igfxEM.exe
if exist igfxHK.exe start igfxHK.exe
if exist igfxTray.exe start igfxTray.exe
del /Q {A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
========= End of CMD: =========
========= dir "%ProgramFiles%" =========
Volume in drive C is OS
Volume Serial Number is 3683-A2B3
Directory of C:\Program Files
09.02.2017 18:38 <DIR> .
09.02.2017 18:38 <DIR> ..
02.10.2016 20:12 <DIR> ANSYS Inc
20.10.2016 18:49 <DIR> Autodesk
17.04.2016 12:35 <DIR> Bonjour
17.10.2015 13:04 <DIR> Canon
02.10.2016 08:44 <DIR> Common Files
21.04.2016 14:13 <DIR> Dassault Systemes
04.04.2014 09:07 <DIR> Dell
28.09.2016 21:02 <DIR> DIFX
22.08.2014 18:24 <DIR> GIMP 2
28.09.2016 21:02 <DIR> Intel
13.01.2017 16:04 <DIR> Internet Explorer
24.12.2016 10:51 <DIR> iPod
24.12.2016 10:51 <DIR> iTunes
21.12.2016 17:03 <DIR> IVI Foundation
08.10.2015 15:38 <DIR> Java
08.04.2016 16:41 <DIR> Logitech
28.03.2016 09:49 <DIR> Logitech Gaming Software
02.02.2017 20:22 <DIR> Malwarebytes
23.05.2015 22:13 <DIR> Maple 18
02.10.2016 18:20 <DIR> MATLAB
12.10.2016 19:00 <DIR> Microsoft Office
13.01.2017 08:37 <DIR> Microsoft Office 15
04.01.2015 11:15 <DIR> Microsoft Sync Framework
29.09.2016 06:49 <DIR> MSBuild
13.10.2015 17:35 <DIR> MySQL
21.12.2016 17:03 <DIR> National Instruments
15.01.2017 14:56 <DIR> Notepad++
28.09.2016 21:02 <DIR> NVIDIA Corporation
02.10.2016 08:44 <DIR> PTC
30.01.2017 15:54 <DIR> PyScripter
28.09.2016 20:58 <DIR> Realtek
29.09.2016 06:49 <DIR> Reference Assemblies
28.09.2016 20:57 <DIR> STMicroelectronics
28.09.2016 20:56 <DIR> Synaptics
27.03.2016 09:47 <DIR> Waves
29.09.2016 06:54 <DIR> Windows Defender
02.10.2016 16:33 <DIR> Windows Defender Advanced Threat Protection
12.10.2016 19:21 <DIR> Windows Mail
30.10.2016 19:04 <DIR> Windows Media Player
16.07.2016 12:47 <DIR> Windows Multimedia Platform
16.07.2016 12:47 <DIR> Windows NT
12.10.2016 19:21 <DIR> Windows Photo Viewer
16.07.2016 12:47 <DIR> Windows Portable Devices
16.07.2016 12:47 <DIR> WindowsPowerShell
0 File(s) 0 bytes
46 Dir(s) 22ÿ564ÿ139ÿ008 bytes free
========= End of CMD: =========
========= dir "%ProgramFiles(x86)%" =========
Volume in drive C is OS
Volume Serial Number is 3683-A2B3
Directory of C:\Program Files (x86)
11.02.2017 18:31 <DIR> .
11.02.2017 18:31 <DIR> ..
08.04.2016 16:41 <DIR> 3Dconnexion
04.11.2015 21:42 <DIR> Adobe
04.04.2014 09:12 <DIR> AGEIA Technologies
17.04.2016 12:35 <DIR> Apple Software Update
18.02.2016 13:04 <DIR> Arduino
12.10.2016 19:00 <DIR> Autodesk
11.07.2015 17:01 <DIR> BibLaTeX
15.03.2016 19:40 <DIR> BlueJ
17.04.2016 12:35 <DIR> Bonjour
17.10.2015 13:04 <DIR> Canon
05.10.2016 16:26 <DIR> Cisco
24.01.2017 20:21 <DIR> Common Files
02.02.2017 19:54 <DIR> ControlCenter4
17.09.2014 11:42 <DIR> Dassault Systemes
09.02.2017 18:46 <DIR> Dell Backup and Recovery
04.04.2014 09:14 <DIR> Dell Digital Delivery
08.02.2017 16:58 <DIR> Dropbox
20.10.2016 18:49 <DIR> DWG TrueView 2014
02.10.2016 18:24 <DIR> Elaborate Bytes
29.06.2016 18:14 <DIR> FreeCodecPack
20.01.2017 20:11 <DIR> GameSpy Arcade
30.04.2016 11:19 <DIR> Google
27.03.2016 09:25 <DIR> Intel
13.01.2017 16:04 <DIR> Internet Explorer
21.12.2016 17:03 <DIR> IVI Foundation
08.07.2015 20:26 <DIR> JabRef
05.11.2016 16:59 <DIR> Java
30.06.2016 09:17 <DIR> Jumping Bytes
08.12.2016 20:51 <DIR> K-Lite Codec Pack
21.12.2016 17:04 <DIR> Keller
08.04.2016 16:41 <DIR> Logitech
15.09.2014 20:43 <DIR> Macey & Oster
03.03.2016 12:51 <DIR> MarkAny
09.02.2017 18:38 <DIR> MDESIGN
03.09.2015 09:30 <DIR> Mendeley Desktop
20.02.2016 10:29 <DIR> Microsoft Analysis Services
20.02.2016 10:30 <DIR> Microsoft Office
22.08.2014 15:15 <DIR> Microsoft SkyDrive
04.04.2014 09:14 <DIR> Microsoft SQL Server Compact Edition
21.08.2014 20:46 <DIR> Microsoft WSE
28.09.2016 21:03 <DIR> Microsoft.NET
06.09.2015 16:01 <DIR> MiKTeX 2.9
26.10.2014 14:40 <DIR> Mozilla Filezilla
21.12.2016 17:03 <DIR> Mozilla Firefox
08.01.2017 10:02 <DIR> Mozilla Maintenance Service
08.01.2017 10:02 <DIR> Mozilla Thunderbird
29.09.2016 06:49 <DIR> MSBuild
13.10.2015 17:35 <DIR> MySQL
02.02.2017 19:54 <DIR> National Instruments
04.04.2014 09:12 <DIR> NVIDIA Corporation
16.09.2014 21:43 <DIR> PDF Architect 2
16.09.2014 21:43 <DIR> PDFCreator
02.10.2016 08:44 <DIR> PokerStars
23.09.2015 18:58 <DIR> QuickTime
04.04.2014 09:09 <DIR> Realtek
02.02.2017 19:54 <DIR> Reference Assemblies
20.02.2016 10:51 <DIR> Samsung
04.04.2014 09:09 <DIR> ST Microelectronics
09.06.2015 17:50 <DIR> SWITCHdrive
04.03.2016 09:29 <DIR> Synology
08.07.2015 20:52 <DIR> Texmaker
22.08.2014 21:11 <DIR> Webocton - Scriptly
29.09.2016 06:54 <DIR> Windows Defender
04.04.2014 09:14 <DIR> Windows Live
28.09.2016 21:03 <DIR> Windows Mail
30.10.2016 19:04 <DIR> Windows Media Player
16.07.2016 12:47 <DIR> Windows Multimedia Platform
16.07.2016 12:47 <DIR> Windows NT
12.10.2016 19:21 <DIR> Windows Photo Viewer
16.07.2016 12:47 <DIR> Windows Portable Devices
16.07.2016 12:47 <DIR> WindowsPowerShell
23.10.2015 10:07 <DIR> Xinox Software
05.10.2014 12:35 <DIR> yWorks
0 File(s) 0 bytes
75 Dir(s) 22ÿ564ÿ139ÿ008 bytes free
========= End of CMD: =========
========= dir "%ProgramData%" =========
Volume in drive C is OS
Volume Serial Number is 3683-A2B3
Directory of C:\ProgramData
02.11.2014 19:47 <DIR> 34BE82C4-E596-4e99-A191-52C6199EBF69
08.04.2016 16:41 <DIR> 3Dconnexion
17.11.2015 17:15 <DIR> Adobe
14.09.2014 20:45 <DIR> Apple
14.09.2014 20:45 <DIR> Apple Computer
31.10.2016 17:59 <DIR> Autodesk
06.12.2016 15:49 <DIR> Blizzard Entertainment
24.01.2017 16:36 <DIR> boost_interprocess
22.08.2014 21:03 <DIR> Brother
17.10.2015 13:03 <DIR> Canon IJ Network Tool
05.10.2016 16:26 <DIR> Cisco
16.07.2016 12:47 <DIR> Comms
06.07.2015 16:40 <DIR> ControlCenter4
02.10.2016 18:23 <DIR> DAEMON Tools Lite
27.09.2015 14:16 <DIR> DassaultSystemes
04.04.2014 09:14 <DIR> Dell
04.07.2015 09:44 <DIR> Dropbox
17.04.2016 12:36 <DIR> E1864A66-75E3-486a-BD95-D1B7D99A84A7
07.09.2015 19:58 <DIR> FARO
20.01.2017 20:12 <DIR> Firefly Studios
21.08.2014 20:53 <DIR> FLEXnet
04.04.2014 09:13 <DIR> Intel
04.04.2014 09:13 <DIR> Intel.sav
21.12.2016 17:03 <DIR> IVI Foundation
23.10.2015 10:11 <DIR> JCreator
30.05.2016 17:45 <DIR> Jumping Bytes
03.09.2015 09:26 <DIR> Logishrd
29.12.2014 20:51 <DIR> Logitech
28.03.2016 09:29 <DIR> Logs
02.02.2017 20:22 <DIR> Malwarebytes
02.10.2016 18:15 <DIR> MathWorks
23.09.2014 16:09 <DIR> MDESIGN
12.01.2017 21:22 <DIR> Microsoft Help
29.09.2016 19:13 <DIR> Microsoft OneDrive
22.08.2014 15:15 <DIR> Microsoft SkyDrive
21.08.2014 20:45 153 Microsoft.SqlServer.Compact.351.32.bc
06.09.2015 15:34 <DIR> MiKTeX
22.08.2014 18:40 <DIR> Mozilla
13.10.2015 17:32 <DIR> MySQL
29.12.2016 12:45 <DIR> National Instruments
28.09.2016 20:59 <DIR> NVIDIA
28.09.2016 21:03 <DIR> NVIDIA Corporation
05.11.2016 16:59 <DIR> Oracle
08.01.2017 09:53 <DIR> Package Cache
22.08.2014 21:03 <DIR> PCFaxTx
16.09.2014 21:42 <DIR> PDF Architect 2
21.10.2016 16:16 <DIR> PreEmptive Solutions
02.10.2016 08:44 <DIR> PTC
13.01.2017 08:38 <DIR> regid.1991-06.com.microsoft
04.04.2014 09:13 <DIR> Roaming
09.01.2016 12:08 <DIR> SafeNet Sentinel
20.02.2016 10:51 <DIR> Samsung
08.04.2016 16:42 <DIR> SketchUp
15.03.2016 19:41 <DIR> Skype
21.08.2014 22:19 <DIR> softthinks
16.07.2016 12:47 <DIR> SoftwareDistribution
28.03.2016 09:29 <DIR> TEMP
09.01.2016 12:07 <DIR> TI-Nspire CX CAS
02.04.2015 12:54 <DIR> TuneUp Software
29.09.2016 19:10 <DIR> USOPrivate
29.09.2016 19:10 <DIR> USOShared
23.09.2015 18:58 <DIR> Vernier
1 File(s) 153 bytes
61 Dir(s) 22ÿ564ÿ134ÿ912 bytes free
========= End of CMD: =========
========= dir "%Appdata%" =========
Volume in drive C is OS
Volume Serial Number is 3683-A2B3
Directory of C:\Users\Strat_000\AppData\Roaming
09.02.2017 18:03 <DIR> .
09.02.2017 18:03 <DIR> ..
09.04.2016 13:27 <DIR> 3Dconnexion
17.11.2015 17:15 <DIR> Adobe
24.01.2017 20:05 <DIR> Ansys
29.05.2016 17:43 <DIR> Apple Computer
01.11.2016 19:32 <DIR> Arduino15
18.12.2016 16:13 <DIR> Autodesk
30.04.2015 15:33 <DIR> Autodesk Navisworks Manage 2014
30.04.2015 15:33 <DIR> Autodesk Navisworks Simulate 2014
29.05.2016 17:39 <DIR> BackupTrans
21.09.2014 12:59 <DIR> Brother
19.09.2014 22:22 <DIR> cadenas
21.10.2015 17:28 <DIR> Canon
22.06.2016 16:30 <DIR> cef3-cache
16.02.2016 20:23 1ÿ164 CoolTerm_Prefs.plist
02.10.2016 18:25 <DIR> DAEMON Tools Lite
06.10.2014 20:45 <DIR> DassaultSystemes
02.04.2015 13:07 <DIR> dlg
08.11.2016 20:53 <DIR> Dropbox
06.01.2017 18:42 <DIR> DVDVideoSoft
20.02.2016 10:15 <DIR> e-academy Inc
25.03.2016 14:36 <DIR> EFX
06.07.2015 20:01 <DIR> Embrio
08.10.2015 16:55 <DIR> FileZilla
10.01.2015 14:00 <DIR> FiraxisLive
06.07.2015 20:19 <DIR> Fritzing
01.09.2015 18:07 <DIR> GoPro
13.01.2015 11:08 <DIR> GRASS6
20.11.2016 10:56 <DIR> gtk-2.0
18.09.2014 12:12 <DIR> hpss
15.03.2015 19:42 <DIR> Identities
21.08.2014 22:11 <DIR> Intel
21.08.2014 22:13 <DIR> Intel Corporation
23.10.2015 10:11 <DIR> JCreator
30.06.2016 09:17 <DIR> Jumping Bytes
03.03.2016 15:15 <DIR> KISSsoft AG
30.05.2015 08:33 <DIR> Logishrd
29.12.2014 20:51 <DIR> Logitech
21.08.2014 22:16 <DIR> Macromedia
07.05.2016 16:56 <DIR> MakerBot
17.09.2014 11:09 <DIR> Maple
17.09.2014 11:26 <DIR> MathWorks
06.09.2015 15:38 <DIR> MiKTeX
24.01.2017 16:17 463 MobileTool-Global.ini
05.10.2016 16:27 1ÿ390 MobileToolAnyConnectV3.ini
24.01.2017 16:17 760 MobileToolAnyConnectV4.ini
17.02.2015 16:56 <DIR> Mount&Blade Warband
19.10.2015 21:05 <DIR> Mount&Blade With Fire and Sword
21.08.2014 22:24 <DIR> Mozilla
15.01.2017 15:40 <DIR> Notepad++
23.03.2016 19:51 <DIR> NVIDIA
13.10.2015 17:35 <DIR> Oracle
22.06.2016 16:30 <DIR> Party
16.09.2014 21:44 <DIR> PDF Architect 2
11.02.2017 18:31 <DIR> Profiles
25.03.2016 14:37 <DIR> PTC
17.11.2015 17:22 <DIR> PTC Download
08.01.2017 12:46 <DIR> PyScripter
12.10.2016 19:28 <DIR> Python
20.02.2016 10:51 <DIR> Samsung
16.05.2015 12:38 <DIR> Skype
02.10.2016 20:10 <DIR> SpaceClaim
16.07.2015 17:09 <DIR> Subversion
08.10.2015 15:38 <DIR> Sun
15.09.2014 21:14 <DIR> TeamViewer
15.01.2016 10:25 <DIR> Texas Instruments
22.08.2014 18:40 <DIR> Thunderbird
09.01.2016 12:10 <DIR> TI-Nspire CX
06.10.2016 16:49 <DIR> TS3Client
02.04.2015 12:54 <DIR> TuneUp Software
04.10.2016 16:20 103 WB.CFG
22.08.2014 21:11 <DIR> Webocton - Scriptly
06.01.2017 20:28 <DIR> WhatsApp
08.07.2015 21:29 <DIR> xm1
29.12.2016 10:42 <DIR> Yousician Launcher
05.10.2014 12:35 <DIR> yWorks
04.10.2016 16:22 <DIR> {FC44CAFF-D916-A789-B220-805B6EF27D65}
5 File(s) 3ÿ880 bytes
73 Dir(s) 22ÿ564ÿ130ÿ816 bytes free
========= End of CMD: =========
========= dir "%LocalAppdata%" =========
Volume in drive C is OS
Volume Serial Number is 3683-A2B3
Directory of C:\Users\Strat_000\AppData\Local
11.02.2017 18:18 <DIR> .
11.02.2017 18:18 <DIR> ..
08.04.2016 16:43 <DIR> 3Dconnexion
18.09.2014 12:12 <DIR> 3dmouse
27.03.2016 09:43 <DIR> ActiveSync
24.01.2017 10:06 <DIR> Adobe
10.02.2017 17:58 <DIR> Akamai
02.10.2016 20:10 <DIR> Ansys
14.09.2014 20:45 <DIR> Apple
14.09.2014 20:46 <DIR> Apple Computer
25.01.2017 14:05 <DIR> Apps
01.11.2016 19:08 <DIR> Arduino15
20.10.2016 18:49 <DIR> Autodesk
31.10.2016 18:01 <DIR> Autodesk,_Inc
07.09.2015 20:04 <DIR> backburner
30.04.2015 15:34 <DIR> cache
04.12.2016 21:47 <DIR> CCP
24.07.2015 08:27 <DIR> CEF
13.12.2016 11:15 <DIR> chromium
15.09.2014 09:19 <DIR> Cisco
02.10.2016 08:45 <DIR> CloudStation
27.03.2016 09:41 <DIR> Comms
01.10.2016 06:33 <DIR> ConnectedDevicesPlatform
08.04.2015 19:49 <DIR> DassaultSystemes
25.01.2017 14:06 <DIR> Deployment
12.09.2015 07:11 <DIR> Diagnostics
02.10.2016 20:24 <DIR> Disc_Soft_Ltd
02.10.2016 16:31 <DIR> Downloaded Installations
08.11.2016 21:52 <DIR> Dropbox
30.01.2017 15:50 <DIR> Eclipse
20.07.2016 16:39 <DIR> ElevatedDiagnostics
22.08.2014 18:28 <DIR> fontconfig
13.10.2016 16:28 <DIR> Fusion 360 CAM
22.08.2014 18:28 <DIR> gegl-0.2
30.04.2016 11:19 <DIR> Google
01.09.2015 17:36 <DIR> GoPro
29.12.2016 18:09 <DIR> gtk-2.0
06.06.2015 11:23 <DIR> GWX
22.08.2014 15:08 <DIR> Intel_Corporation
03.09.2015 09:26 <DIR> Logishrd
05.05.2016 08:21 <DIR> Logitech
13.04.2015 21:07 <DIR> Luxion
21.08.2014 20:04 <DIR> Macromedia
17.09.2014 11:27 <DIR> MathWorks
03.09.2015 09:30 <DIR> Mendeley Ltd
06.11.2016 10:41 <DIR> Microsoft
28.10.2014 21:56 <DIR> Microsoft Help
14.04.2016 19:09 <DIR> MicrosoftEdge
06.09.2015 15:38 <DIR> MiKTeX
21.08.2014 22:24 <DIR> Mozilla
15.11.2014 14:27 <DIR> My Games
21.12.2016 18:58 <DIR> National Instruments
09.02.2017 19:08 <DIR> Packages
29.09.2016 19:28 <DIR> PackageStaging
05.04.2015 14:39 <DIR> PARTdataManager
28.03.2016 10:20 <DIR> PeerDistRepub
06.09.2015 16:34 337 Perfmon.PerfmonCfg
02.10.2016 08:44 <DIR> PokerStars.EU
21.10.2016 16:16 <DIR> PreEmptive Solutions
08.01.2017 11:49 <DIR> Programs
25.03.2016 14:37 <DIR> PTC
27.03.2016 09:42 <DIR> Publishers
29.12.2016 18:14 13ÿ951 recently-used.xbel
24.01.2017 20:21 <DIR> Risen2
06.12.2014 12:29 <DIR> Samsung
03.05.2015 10:57 <DIR> Skype
21.08.2014 22:18 <DIR> softthinks
27.03.2016 10:17 <DIR> speech
29.12.2016 19:10 <DIR> SquirrelTemp
13.12.2016 11:15 <DIR> Steam
05.06.2015 19:01 <DIR> Sun
24.06.2015 18:17 <DIR> SWITCHdrive
02.04.2015 14:12 <DIR> SWTORPerf
11.02.2017 18:20 <DIR> Temp
12.11.2015 14:52 <DIR> Thalmic Labs
22.08.2014 18:40 <DIR> Thunderbird
27.03.2016 09:41 <DIR> TileDataLayer
02.04.2015 12:54 <DIR> TuneUp Software
15.03.2016 20:43 <DIR> VirtualStore
29.12.2016 19:11 <DIR> WhatsApp
11.03.2015 21:46 <DIR> Windows Live
2 File(s) 14ÿ288 bytes
79 Dir(s) 22ÿ564ÿ126ÿ720 bytes free
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40120867 B
Java, Flash, Steam htmlcache => 578479412 B
Windows/system/drivers => 10018570 B
Edge => 168858005 B
Chrome => 237865 B
Firefox => 250508579 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6562 B
NetworkService => 171238 B
Strat_000 => 102113698 B
Guest => 25580 B
DefaultAppPool => 0 B
RecycleBin => 21485517342 B
EmptyTemp: => 21.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:36:26 ====
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-02-2017 01 Ran by Strat_000 (administrator) on STRATOS (11-02-2017 18:40:55) Running from C:\Users\Strat_000\Desktop Loaded Profiles: Strat_000 (Available Profiles: Strat_000 & Guest & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Dassault Systemes) C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe (3Dconnexion) D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe (MakerBot) D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe (Autodesk, Inc.) D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\System32\PickerHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\PickerHost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-23] (Dell Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] () HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-11-14] () HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-18] (Logitech Inc.) HKLM\...\Run: [3DxWare Service] => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2160512 2015-12-10] (3Dconnexion, INC) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1059696 2016-06-17] (Jumping Bytes) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Chromium] => c:\users\strat_000\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\RunOnce: [Uninstall C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64" HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-12-21] ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation) Startup: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-31] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320 2012-05-31] (National Instruments Corporation) Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368 2012-05-31] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}: [DhcpNameServer] 192.168.0.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> DefaultScope {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-05] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default [2017-02-11] FF NewTab: Mozilla\Firefox\Profiles\bcrhru5j.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\bcrhru5j.default -> Amazon.de FF Keyword.URL: Mozilla\Firefox\Profiles\bcrhru5j.default -> user_pref("keyword.URL", true); FF Extension: (Codebender.cc Plugin) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\codebender@codebender.cc [2016-04-14] FF Extension: (Speed Manager Plus) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{936216dc-1346-4a00-9d4d-ee8a61977a6d}.xpi [2016-05-18] [not signed] FF Extension: (Speed Addon) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{afebcc45-0538-4b91-9ab9-4390df4928c2}.xpi [2015-12-19] [not signed] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\ecosia.xml [2016-04-19] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-images.xml [2014-10-29] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-maps.xml [2014-10-29] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\qwantcom.xml [2015-04-08] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\start-page.xml [2016-11-21] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage---deutsch.xml [2017-01-21] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage-https---deutsch.xml [2017-02-08] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\wikispaces-arduino-info.xml [2016-02-19] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\youtube.xml [2015-11-21] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-03] [not signed] FF HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\extensions\cliqz@cliqz.com => not found FF Plugin: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin\NP3DXMLPlugin.dll [2014-05-23] () FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-24] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll [2013-07-10] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-24] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2012-10-04] (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 BBDemon; C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe [53520 2014-12-12] (Dassault Systemes) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation) R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation) S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation) R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.) R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation) R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-18] (Logitech Inc.) R2 MakerBot Conveyor Service; D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe [85504 2016-01-01] (MakerBot) [File not signed] R2 MBAMScheduler; C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Mgl3DCtlrRPCService; D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2015-12-10] (3Dconnexion) [File not signed] R2 mitsijm2014; D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation) R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation) R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments Corporation) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-11-14] (NVIDIA Corporation) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WMSVC; C:\WINDOWS\system32\inetsrv\wmsvc.exe [12288 2016-09-29] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [39184 2015-11-07] (3Dconnexion SAM) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-08-03] (Intel Corporation) R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [76432 2013-08-03] (Intel Corporation) R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation) R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-02] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-02] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation) R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2015-11-07] (3Dconnextion Inc.) R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2015-11-07] (3Dconnextion Inc.) S3 LAN7500; C:\WINDOWS\system32\DRIVERS\lan7500-x64-n630f.sys [105960 2015-07-22] (SMSC) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [140672 2016-03-10] (Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-11] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [4112656 2015-09-23] (Intel Corporation) S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation) S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation) S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [914624 2012-06-06] (National Instruments Corporation) S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16984 2012-01-12] (National Instruments Corporation) S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation) R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation) R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics) S3 USBTINSP; C:\WINDOWS\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.) R3 VSTWinDriver6; C:\WINDOWS\system32\drivers\VSTwindrvr6.sys [252928 2015-08-27] (Jungo) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-11 18:40 - 2017-02-11 18:41 - 00037943 _____ C:\Users\Strat_000\Desktop\FRST.txt 2017-02-11 18:40 - 2017-02-11 18:40 - 00000109 _____ C:\Users\Strat_000\Desktop\2.txt 2017-02-11 18:40 - 2017-02-11 18:40 - 00000109 _____ C:\Users\Strat_000\Desktop\1.txt 2017-02-11 18:31 - 2017-02-11 18:36 - 00031413 _____ C:\Users\Strat_000\Desktop\Fixlog.txt 2017-02-11 18:30 - 2017-02-11 18:30 - 00000000 ____D C:\Users\Strat_000\Desktop\FRST-OlderVersion 2017-02-09 18:45 - 2017-02-09 18:45 - 00147196 _____ C:\Users\Strat_000\Desktop\Addition.txt 2017-02-09 18:44 - 2017-02-09 18:45 - 00075490 _____ C:\Users\Strat_000\Desktop\FRST_alt (2).txt 2017-02-09 18:41 - 2017-02-09 18:41 - 00010727 _____ C:\Users\Strat_000\Desktop\mbam.txt 2017-02-09 18:11 - 2017-02-09 18:11 - 00000914 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2017-02-09 18:11 - 2017-02-09 18:11 - 00000000 ____D C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware 2017-02-09 18:11 - 2017-02-09 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-02-09 18:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2017-02-09 18:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-02-09 18:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-02-09 18:09 - 2017-02-09 18:10 - 22851472 _____ (Malwarebytes ) C:\Users\Strat_000\Desktop\mbam-setup-2.2.1.1043.exe 2017-02-09 18:08 - 2017-02-09 18:08 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-02-09 18:07 - 2017-02-09 18:07 - 55566792 _____ (Malwarebytes ) C:\Users\Strat_000\Desktop\mb3-setup-consumer-3.0.6.1469.exe 2017-02-09 18:04 - 2017-02-09 18:04 - 00001133 _____ C:\Users\Strat_000\Desktop\JRT.txt 2017-02-09 18:02 - 2017-02-09 18:02 - 01663040 _____ (Malwarebytes) C:\Users\Strat_000\Desktop\JRT.exe 2017-02-09 17:57 - 2017-02-09 17:57 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-02-09 17:50 - 2017-02-09 17:50 - 04015056 _____ C:\Users\Strat_000\Desktop\AdwCleaner_6.043.exe 2017-02-09 17:43 - 2017-02-09 17:43 - 00000875 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-02-09 17:43 - 2017-02-09 17:43 - 00000000 ____D C:\Users\Strat_000\Desktop\Revo Uninstaller 2017-02-09 17:43 - 2017-02-09 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-02-09 17:41 - 2017-02-09 17:41 - 07097928 _____ (VS Revo Group ) C:\Users\Strat_000\Desktop\revo202setup.exe 2017-02-08 16:58 - 2017-02-08 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-08 16:45 - 2017-02-08 16:45 - 00237083 _____ C:\Users\Strat_000\Desktop\Addition_alt.txt 2017-02-08 16:44 - 2017-02-11 18:40 - 00000000 ____D C:\FRST 2017-02-08 16:44 - 2017-02-08 16:45 - 00083934 _____ C:\Users\Strat_000\Desktop\FRST_alt.txt 2017-02-08 16:38 - 2017-02-08 16:38 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\09CF649C.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-02 21:00 - 2017-02-11 18:30 - 02421248 _____ (Farbar) C:\Users\Strat_000\Desktop\FRST64.exe 2017-02-02 20:22 - 2017-02-11 18:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-02 20:22 - 2017-02-09 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-02 20:22 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-02-02 20:09 - 2017-02-02 20:09 - 00007000 _____ C:\Users\Strat_000\Desktop\AdwCleaner[C0]_alt.txt 2017-02-02 20:08 - 2017-02-02 20:08 - 00000000 ____D C:\WINDOWS\Panther 2017-02-02 20:04 - 2017-02-09 17:57 - 00000000 ____D C:\AdwCleaner 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Python34 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyScripter-x64 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Program Files\PyScripter 2017-01-25 14:06 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2017-01-25 14:05 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Deployment 2017-01-25 14:05 - 2017-01-25 14:05 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Apps\2.0 2017-01-25 12:59 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 12:59 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-24 21:36 - 2017-01-24 21:36 - 00000000 ____D C:\Users\Strat_000\Downloads\temp 2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Risen2 2017-01-20 20:12 - 2017-01-20 20:12 - 00000000 ____D C:\ProgramData\Firefly Studios 2017-01-20 20:11 - 2017-01-20 20:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2 2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade 2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2017-01-20 17:15 - 2017-01-20 19:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2017-01-15 14:56 - 2017-01-15 15:40 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Notepad++ 2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\Program Files\Notepad++ ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-11 18:39 - 2014-04-04 09:15 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2017-02-11 18:38 - 2016-10-12 16:10 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Akamai 2017-02-11 18:37 - 2016-09-28 20:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-02-11 18:37 - 2016-03-27 09:41 - 00000000 __SHD C:\Users\Strat_000\IntelGraphicsProfiles 2017-02-11 18:36 - 2016-09-28 21:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-11 18:36 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-02-11 18:32 - 2015-08-06 08:55 - 00000000 ____D C:\Users\Strat_000\AppData\LocalLow\Temp 2017-02-11 18:31 - 2016-04-30 11:19 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-11 18:15 - 2016-09-28 20:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-11 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-10 17:30 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-09 19:08 - 2014-08-21 22:11 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Packages 2017-02-09 18:43 - 2016-09-28 21:00 - 01702426 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-09 18:38 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-09 18:38 - 2014-09-23 15:50 - 00000000 ____D C:\Program Files (x86)\MDESIGN 2017-02-08 16:58 - 2016-11-08 20:54 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-08 16:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-02 21:53 - 2016-09-28 21:00 - 00000000 ____D C:\Users\Strat_000 2017-02-02 19:54 - 2016-12-21 17:02 - 00000000 ____D C:\Program Files (x86)\National Instruments 2017-02-02 19:54 - 2016-09-29 06:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-02-02 19:54 - 2014-08-22 21:03 - 00000000 ____D C:\Program Files (x86)\ControlCenter4 2017-01-30 15:50 - 2015-06-28 14:29 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Eclipse 2017-01-30 15:50 - 2015-06-28 14:23 - 00000000 ____D C:\Users\Strat_000\.p2 2017-01-29 09:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-25 13:19 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-24 20:05 - 2015-10-16 09:42 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Ansys 2017-01-24 16:36 - 2015-09-12 07:18 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-01-24 16:17 - 2016-10-05 16:11 - 00000760 _____ C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini 2017-01-24 16:17 - 2016-10-05 16:11 - 00000463 _____ C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini 2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-24 10:06 - 2014-08-28 21:03 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Adobe 2017-01-21 17:57 - 2015-11-04 21:42 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 12:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-21 10:32 - 2014-11-02 11:08 - 00000000 ___RD C:\Users\Strat_000\Dropbox 2017-01-20 17:15 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-01-13 16:07 - 2014-08-21 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-13 16:04 - 2016-09-28 20:56 - 00446272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-01-13 10:19 - 2016-09-28 21:14 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-13 08:38 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-13 08:37 - 2014-08-22 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-01-12 21:24 - 2014-08-22 15:46 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-12 21:22 - 2014-08-22 15:46 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-12 21:21 - 2014-08-22 15:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 ==================== Files in the root of some directories ======= 2016-02-16 20:23 - 2016-02-16 20:23 - 0001164 _____ () C:\Users\Strat_000\AppData\Roaming\CoolTerm_Prefs.plist 2016-10-05 16:11 - 2017-01-24 16:17 - 0000463 _____ () C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini 2014-09-15 09:29 - 2016-10-05 16:27 - 0001390 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV3.ini 2016-10-05 16:11 - 2017-01-24 16:17 - 0000760 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini 2016-10-03 10:51 - 2016-10-04 16:20 - 0000103 _____ () C:\Users\Strat_000\AppData\Roaming\WB.CFG 2015-09-05 20:13 - 2015-09-06 16:34 - 0000337 _____ () C:\Users\Strat_000\AppData\Local\Perfmon.PerfmonCfg 2016-12-29 18:14 - 2016-12-29 18:14 - 0013951 _____ () C:\Users\Strat_000\AppData\Local\recently-used.xbel 2016-09-28 20:58 - 2016-09-28 20:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-08-21 20:45 - 2014-08-21 20:45 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-02-09 18:25 ==================== End of FRST.txt ============================ --- --- --- |
|
11.02.2017, 18:49
| #12 |
| | Win 10, Trotux eingefangen Und noch die Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-02-2017 01
Ran by Strat_000 (11-02-2017 18:41:28)
Running from C:\Users\Strat_000\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-28 20:15:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-968931954-2191872932-1542864395-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-968931954-2191872932-1542864395-503 - Limited - Disabled)
Guest (S-1-5-21-968931954-2191872932-1542864395-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-968931954-2191872932-1542864395-1003 - Limited - Enabled)
Strat_000 (S-1-5-21-968931954-2191872932-1542864395-1001 - Administrator - Enabled) => C:\Users\Strat_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D XML Player (HKLM\...\{383D9F1B-A4F6-4C6C-A925-05A2636A0176}) (Version: 16.7.14143 - Dassault Systemes)
3Dconnexion 3DxWare 10 (64-bit) (HKLM-x32\...\{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}) (Version: 10.3.0 - 3Dconnexion)
3Dconnexion 3DxWinCore (Version: 17.3.0.12346 - 3Dconnexion) Hidden
3Dconnexion Add-In for AutoCAD (Version: 5.1.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for Inventor 11 - 2016 (Version: 2.1.1 - 3Dconnexion) Hidden
3Dconnexion Add-In for Solid Edge V18 - ST8 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Add-In for SOLIDWORKS 2005 - 2016 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Add-On for XSI v5.0 - 2015 (Version: 3.0.3 - 3Dconnexion) Hidden
3Dconnexion Collage (x32 Version: 1.3.0 - 3Dconnexion) Hidden
3Dconnexion Extension for SketchUp (Version: 4.2.1 - 3Dconnexion) Hidden
3Dconnexion LCD Applets for SpacePilot Pro (Version: 1.3.3 - 3Dconnexion) Hidden
3Dconnexion Navigation Library Server (x32 Version: 1.0.2.12216 - 3Dconnexion) Hidden
3Dconnexion Plug-In for 3ds Max 2008 - 2016 (Version: 6.1.2 - 3Dconnexion) Hidden
3Dconnexion Plug-in for Acrobat 3D (x32 Version: 1.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Maya v8.5 - 2016 (Version: 5.1.1 - 3Dconnexion) Hidden
3Dconnexion Plug-In for NX v4.0 - v11.0 (Version: 3.3.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Photoshop CS3 - CS6 and CC (Version: 2.4.0 - 3Dconnexion) Hidden
3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 3.0 (Version: 2.2.4 - 3Dconnexion) Hidden
3Dconnexion Trainer (x32 Version: 3.2.3 - 3Dconnexion) Hidden
3Dconnexion Viewer and Assembly Demo (x32 Version: 0.9.0.0 - 3Dconnexion) Hidden
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.6.7 - Arduino LLC)
AutoCAD Electrical 2014 - Deutsch (German) (Version: 11.0.57.0 - Autodesk) Hidden
AutoCAD Electrical 2014 Language Pack - Deutsch (German) (Version: 11.0.57.0 - Autodesk) Hidden
Autodesk 123D Catch (HKLM-x32\...\{413A0A2B-D154-4457-833F-3299DB3183FF}) (Version: 1.0.654 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD Electrical 2014 - Deutsch (German) (HKLM\...\AutoCAD Electrical 2014 - Deutsch (German)) (Version: 11.0.57.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Configurator 360 addin (HKLM-x32\...\{E3EE083F-6856-44AB-BC82-445E2FFB8C1A}) (Version: 21.0.11700 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.2449 - Autodesk, Inc.)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Content Center Libraries 2017 (Desktop Content) (HKLM\...\{B46DECD1-2164-4EF1-0000-22D71E81877C}) (Version: 21.0.14200.0000 - Autodesk)
Autodesk Inventor Professional 2014 - Deutsch (German) (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.1.22200.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.1.22200.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 Language Pack - Deutsch (German) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 SP1 (HKLM\...\Autodesk Inventor Professional 2014 SP1) (Version: 18.1.22200.0000 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Product Design Suite 2014 (HKLM\...\Autodesk Product Design Suite 2014) (Version: 3.0.100.017 - Autodesk)
Autodesk Product Design Suite 2014 (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk Product Design Suite 2014 Language Pack (Version: 3.0.100.017 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap 360 (HKLM\...\Autodesk ReCap 360) (Version: 3.0.0.52 - Autodesk)
Autodesk ReCap 360 (Version: 3.0.0.52 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Workflows 2014 (HKLM\...\{11672AB2-3D48-4D38-9123-719E5FF93333}) (Version: 4.0.19.0 - Autodesk, Inc.)
Berkeley Madonna (HKLM-x32\...\{27AB9BD6-4A3E-4BBD-8381-CD445E474936}) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Cura 15.04 (HKLM-x32\...\Cura_15.04) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)
Dassault Systemes Software VC10 Prerequisites x86-x64 (HKLM\...\{7C534131-6431-4ECB-9069-525CB5F75CC8}) (Version: 10.1.1 - Dassault Systemes)
Dassault Systemes Software VC11 Prerequisites x86-x64 (HKLM\...\{C857169D-3F1A-4530-99A0-CAE966CE267E}) (Version: 11.0.1 - Dassault Systemes)
Dassault Systemes Software VC9 Prerequisites x86-x64 (HKLM\...\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}) (Version: 9.1.2 - Dassault Systemes)
Dassault Systemes Software Version 5-6 Release 2015 (B25) (HKLM\...\Dassault Systemes B25_0) (Version: - )
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\58d94f3ce2c27db0) (Version: 7.11.0.6 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.0 - Synaptics Incorporated)
D-Fend Reloaded 1.4.4 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
Dota 2 (HKLM\...\Steam App 570) (Version: - Valve)
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
EVE Online (HKLM\...\Steam App 8500) (Version: - CCP)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
FARO LS 1.1.504.10 (64bit) (HKLM-x32\...\{08828409-24D2-4FD6-9EC4-DF2D8CCC183B}) (Version: 5.4.10.43135 - FARO Scanner Production)
FileZilla Client 3.14.0 (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.98.721 - Digital Wave Ltd)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.24.627 - Digital Wave Ltd)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.7.1000 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6e3d3c5f-ea0c-4457-850d-9dd60b6ab95a}) (Version: 16.8.0 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JCreator Pro 5.00 (HKLM-x32\...\JCreator Pro_is1) (Version: - Xinox Software)
KeyShot 5 Floating 64 bit (HKLM-x32\...\KeyShot 5 Floating_64) (Version: 5.0 64 bit Floating - Luxion ApS)
KISSsoft 03-2015 (HKLM-x32\...\{C0293A42-6D5D-4F71-9042-74007EBAFA55}) (Version: 15.03.000 - KISSsoft AG)
K-Lite Codec Pack 12.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.5 - KLCP)
Kontur-Scanner (HKLM-x32\...\{04270C05-149B-46F3-BDB3-22AF8A8B54C2}) (Version: 1.0.5 - Keller)
Logger Pro 3.10.1 (HKLM-x32\...\{B91FFD97-1C41-4877-7B97-9D62814E50AD}) (Version: 5.182.666 - Vernier Software & Technology)
Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech)
MakerBot_Bundle_BETA_3.9.1.1346_x64 (HKLM-x32\...\MakerBot) (Version: 3.9.1.1346 - MakerBot)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden
Math-Kernel-Bibliotheken (64 Bit) (Version: 1.0.23.0 - National Instruments) Hidden
Math-Kernel-Bibliotheken (x32 Version: 1.0.23.0 - National Instruments) Hidden
MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
Maxx Audio Installer (x64) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
MDESIGN 2014 (HKLM-x32\...\MDESIGN explorer 15) (Version: 15 - TEDATA)
Mendeley Desktop 1.14 (HKLM-x32\...\Mendeley Desktop) (Version: 1.14 - Mendeley Ltd.)
Mesh Enabler (HKLM-x32\...\{539C1162-6FC6-4011-B59A-FC20916F575E}) (Version: 1.0.5 - Autodesk)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 11.0.544 - Autodesk, Inc.)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4893.1002 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mockup 360 Addin 2015 (HKLM-x32\...\{E4D4242C-FC14-4B4F-B1D9-6760D8C241D5}) (Version: 1.1.0 - Autodesk)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.6.0.6200 - Mozilla)
Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla)
Myo Connect (HKLM-x32\...\Thalmic Labs Myo Connect) (Version: 1.0.1 - Thalmic Labs)
MySQL Connector C++ 1.1.4 (HKLM\...\{1F5C1E97-AE40-4EE7-9959-3D8038B6EAC8}) (Version: 1.1.4 - Oracle and/or its affiliates)
MySQL Connector/C 6.1 (HKLM\...\{4E2AAB30-1E42-4ACA-B1A9-3AE8629D0C89}) (Version: 6.1.5 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.5 (HKLM-x32\...\{BCF64211-43D1-4152-A152-7E30D0D7570D}) (Version: 5.5.40 - Oracle Corporation)
MySQL Examples and Samples 5.5 (HKLM-x32\...\{33A3D172-0E98-4D16-80DD-9CB3D4AC814D}) (Version: 5.5.40 - Oracle Corporation)
MySQL Installer (HKLM-x32\...\{2D5C73E8-EA6C-4A0A-8B27-FF48B04977E5}) (Version: 1.3.7.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Utilities (HKLM-x32\...\{0B18AA75-6A44-4950-A0A2-A486C2D839A0}) (Version: 1.4.4 - Oracle Corporation)
National Instruments - Software (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
NI Authentication 12.0.0 (64-bit) (Version: 12.0.367.0 - National Instruments) Hidden
NI Authentication 12.0.0 (x32 Version: 12.0.367.0 - National Instruments) Hidden
NI Certificates Deployment Support (x32 Version: 1.03.49152 - National Instruments) Hidden
NI Curl 12.0.0 (64-bit) (Version: 12.0.412.0 - National Instruments) Hidden
NI Curl 12.0.0 (x32 Version: 12.0.412.0 - National Instruments) Hidden
NI EulaDepot (x32 Version: 3.10.393 - National Instruments) Hidden
NI GMP Windows 32-bit Installer 12.0.0 (x32 Version: 12.0.46.0 - National Instruments) Hidden
NI GMP Windows 64-bit Installer 12.0.0 (Version: 12.0.46.0 - National Instruments) Hidden
NI LabVIEW 2012 Deployment Framework (x32 Version: 12.0.369.0 - National Instruments) Hidden
NI LabVIEW 2012 Real-Time NBFifo (x32 Version: 12.0.219.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2012 f3 (x32 Version: 12.0.435.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2012 (x32 Version: 12.0.204.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Webserver 2012 (x32 Version: 12.0.406.0 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated) (x32 Version: 10.0.1434 - National Instruments) Hidden
NI Logos 5.4 (64 Bit) (Version: 5.4.303.0 - National Instruments) Hidden
NI Logos 5.4 (x32 Version: 5.4.303.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.4.295.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.4.295.0 - National Instruments) Hidden
NI MDF Support (x32 Version: 3.10.393 - National Instruments) Hidden
NI mDNS Responder 2.1 for Windows 64-bit (Version: 2.10.49152 - National Instruments) Hidden
NI mDNS Responder 2.1.0 (x32 Version: 2.10.49152 - National Instruments) Hidden
NI SSL LabVIEW RTE 2012 Support (x32 Version: 12.0.125.0 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 12.0.218.0 - National Instruments) Hidden
NI System State Publisher (x32 Version: 12.0.358.0 - National Instruments) Hidden
NI System Web Server 12.0 (x32 Version: 12.0.414.0 - National Instruments) Hidden
NI System Web Server Base 12.0.0 (64-bit) (Version: 12.0.407.0 - National Instruments) Hidden
NI System Web Server Base 12.0.0 (x32 Version: 12.0.407.0 - National Instruments) Hidden
NI TDM Streaming 2.4 (64 Bit) (Version: 2.4.55.0 - National Instruments) Hidden
NI TDM Streaming 2.4 (x32 Version: 2.4.55.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 12.0.401.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 12.0.401.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 3.10.393 - National Instruments) Hidden
NI Unterstützung für nicht englische Versionen der Runtime-Engine von LabVIEW 2012. (x32 Version: 12.0.363.0 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.401 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.401 - National Instruments) Hidden
NI Web Application Server 12.0 (64 Bit) (Version: 12.0.422.0 - National Instruments) Hidden
NI Web Application Server 12.0 (x32 Version: 12.0.422.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 (x32 Version: 2.7.180.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.3 64-bit (Version: 2.7.190.0 - National Instruments) Hidden
NI-ActiveX-Container (64-bit) (Version: 12.0.14.0 - National Instruments) Hidden
NI-ActiveX-Container (x32 Version: 12.0.14.0 - National Instruments) Hidden
NI-DIM 1.13.0f0 (x32 Version: 1.130.49152 - National Instruments) Hidden
NI-DIM 1.13.0f0 for 64 Bit Windows (Version: 1.130.49152 - National Instruments) Hidden
NI-Fehlerprotokolle 2012 (x32 Version: 12.0.172.0 - National Instruments) Hidden
NI-ORB 1.10.0f0 (x32 Version: 1.100.49152 - National Instruments) Hidden
NI-ORB 1.10.0f0 for 64 Bit Windows (Version: 1.100.49152 - National Instruments) Hidden
NI-PAL 2.8.1f0 (x32 Version: 10.91.49152 - National Instruments) Hidden
NI-PAL 2.8.1f0 for 64 Bit Windows (Version: 10.91.49152 - National Instruments) Hidden
NI-RPC 4.3.0f0 (x32 Version: 4.30.49152 - National Instruments) Hidden
NI-RPC 4.3.0f0 for 64 Bit Windows (Version: 4.30.49152 - National Instruments) Hidden
NI-VISA Runtime 5.2.0 (x32 Version: 5.20.49152 - National Instruments) Hidden
NI-VISA x64 support 5.2.0 (Version: 5.20.49152 - National Instruments) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3 - Notepad++ Team)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4893.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PTC Mathcad Prime 3.1 (HKLM\...\{3A4F83E8-C604-4970-8A1F-8963B3507630}) (Version: 3.1.0 - PTC)
PureSync (x32 Version: 4.4.2 - Jumping Bytes) Hidden
PureSync 4.4.2 (HKLM-x32\...\PureSync) (Version: 4.4.2 - Jumping Bytes)
PyScripter 2.6.0 (HKLM\...\PyScripter_is1) (Version: 2.6.0 - PyScripter)
Python 3.4.4 (64-bit) (HKLM\...\{56ebf7cf-f2b2-30ed-9de5-307fc2ce3449}) (Version: 3.4.4150 - Python Software Foundation)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Risen 2 - Dark Waters (HKLM\...\Steam App 40390) (Version: - Piranha Bytes)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
SMSC LAN7500 Device Driver (HKLM\...\{DE2877F8-0FD0-471D-9A5C-79B8FD6EEE61}) (Version: 13.08.08.0 - SMSC)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0046 - ST Microelectronics)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold 2 (HKLM\...\Steam App 40960) (Version: - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM\...\Steam App 40970) (Version: - FireFly Studios)
Stronghold HD (HKLM\...\Steam App 40950) (Version: - FireFly Studios)
Stronghold Legends (HKLM\...\Steam App 40980) (Version: - FireFly Studios)
SWITCHdrive (HKLM-x32\...\SWITCHdrive) (Version: 1.8.1.328 - SWITCH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
TI-Nspire™ CX CAS Student Software (HKLM-x32\...\{E994956D-8CA7-4091-BFF5-0C749470BA2E}) (Version: 4.0.0.235 - Texas Instruments Inc.)
Unterstützung für NI SSL (64 Bit) (Version: 12.0.408.0 - National Instruments) Hidden
Unterstützung für NI SSL (x32 Version: 12.0.408.0 - National Instruments) Hidden
Update for Skype for Business 2015 (KB3141468) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PRJPROR_{0BA3C700-ABED-4994-BB60-2FD66DFAF674}) (Version: - Microsoft)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VISA Shared Components 64-Bit (HKLM-x32\...\VISASharedComponents) (Version: - )
VISA Shared Components 64-Bit (Version: 1.4.0 - IVI Foundation Inc.) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: 0.0.0.0 - Blizzard Entertainment)
Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
WhatsApp (HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\WhatsApp) (Version: 0.2.2732 - WhatsApp)
Windows Driver Package - MakerBot Industries (WinUsb) USBDevice (09/11/2015 100.2.0.0) (HKLM\...\D015024C58122C3796867839B7E92961E6A4C307) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\04E27032638FDAAC836AACDBF2A93300A4E13BD1) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\0ED5517650E58DD9FB879217FC7CF165DEC4583B) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\67352CAC0149049BD2BE7B68AB77464472C339CD) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - MakerBot Industries, LLC (usbser) Ports (09/11/2015 100.2.0.0) (HKLM\...\9F57D28C2B5AEBAF582F84C4BE4F2AB1798631C9) (Version: 09/11/2015 100.2.0.0 - MakerBot Industries, LLC)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami)
yEd Graph Editor 3.13 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.13 - yWorks GmbH)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)
Z88Aurora V3 (HKLM\...\{3AFDAB60-DBBD-449F-974E-6EF6430440E3}) (Version: 2.0 - Lehrstuhl fuer Konstruktionlehre und CAD, Universitaet Bayreuth)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{32CDFF57-8CBA-4960-89B1-EC3FA58FB17A}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\ServiceModule.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> D:\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\SolidObject.Dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\BodyReceiver.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> D:\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\Autodesk\webdeploy\production\b8535b136583feacdb288f6ed972e6555b191b85\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Autodesk\AutoCAD 2014\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F2D4F4E5-EEA1-46FF-A83B-A270C92DAE4B}\InprocServer32 -> D:\Program Files\Autodesk\Inventor 2017\Bin\DTInterop.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> D:\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> D:\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-968931954-2191872932-1542864395-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01AC3BCD-91B5-442A-838C-06A4AECEDB68} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {10FF88E4-4F5C-4210-9CF1-FCF6FE125565} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-03-09] (Realtek Semiconductor)
Task: {276A56A3-61FE-48EF-A91B-6A45BF7A44F3} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {29ED19C1-4DB1-4E68-9D61-D58D1F051D58} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
Task: {34442C84-E788-4C75-810E-2C62198AF600} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3CDB011F-78FE-464C-ACF0-73C56EDE66D0} - System32\Tasks\3DconnexionCreateProcess_3DxService.exe => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2015-12-10] (3Dconnexion, INC)
Task: {6A0B907B-24B9-40C9-BD32-913B05D1D72B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6ACCE957-2398-43C6-AE25-584C75C63E4B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {6DD54919-F068-4A0A-8871-0CA3EA898CB5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {6E8B881F-E3C2-4164-8878-2876EA2DE1D9} - System32\Tasks\{88AC59FD-2726-4F6F-A67C-F19C07F7D797} => pcalua.exe -a C:\Users\Strat_000\Downloads\Arduino\CDM_v2.12.00_WHQL_Certified.exe -d C:\Users\Strat_000\Downloads\Arduino
Task: {71F5F33F-9F6D-4917-A791-46476F8F8196} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-06] (Synaptics Incorporated)
Task: {81E0FC16-5D40-4E14-A306-744E9744283D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {855DD682-45F8-422C-97BC-413992ED2AF5} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-01] ()
Task: {944BDA3A-5EFE-477C-9B12-1DFFF82E983D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {A49DA27C-BFD6-4512-B975-40563AFC6375} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.6\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {AA028DCF-8E68-4658-8FBE-995D7AB78540} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {ACCFAFE1-0665-4ED4-81E6-0D3585C8AE6C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {B4808A2E-A8D2-4050-B621-AB299C0F4D4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BFF9D5AA-8F2F-4682-81C3-6F259CB8BFA8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wurm Online\Wurm Online.lnk -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.wurmonline.com/client/wurmclient.jnlp "C:\Users\Strat_000\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\5fef8269-714a391b"
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-28 20:59 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-22 17:17 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-02-22 23:12 - 2016-02-22 23:12 - 00138240 _____ () D:\Program Files\Makerbot\MakerWare\jsoncpp.dll
2015-12-07 20:18 - 2015-12-07 20:18 - 00111616 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_ctypes.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00047616 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_socket.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 01210368 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_ssl.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00474624 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\_hashlib.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00010752 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\select.pyd
2015-12-07 20:18 - 2015-12-07 20:18 - 00689664 _____ () D:\Program Files\Makerbot\MakerWare\py27_dlls\unicodedata.pyd
2015-08-19 22:48 - 2015-08-19 22:48 - 02596352 _____ () D:\Program Files\Makerbot\MakerWare\vtkCommon.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 03111424 _____ () D:\Program Files\Makerbot\MakerWare\vtkFiltering.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 04569600 _____ () D:\Program Files\Makerbot\MakerWare\vtkIO.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 05822464 _____ () D:\Program Files\Makerbot\MakerWare\vtkGraphics.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02572288 _____ () D:\Program Files\Makerbot\MakerWare\opencv_core2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 01200640 _____ () D:\Program Files\Makerbot\MakerWare\opencv_calib3d2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02236928 _____ () D:\Program Files\Makerbot\MakerWare\opencv_imgproc2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 02413056 _____ () D:\Program Files\Makerbot\MakerWare\opencv_highgui2410.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00050688 _____ () D:\Program Files\Makerbot\MakerWare\boost_date_time-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00116224 _____ () D:\Program Files\Makerbot\MakerWare\boost_filesystem-vc120-mt-1_56.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00019456 _____ () D:\Program Files\Makerbot\MakerWare\boost_system-vc120-mt-1_56.dll
2014-08-06 14:30 - 2014-08-06 14:30 - 00100864 _____ () D:\Program Files\Makerbot\MakerWare\boost_thread-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00243200 _____ () D:\Program Files\Makerbot\MakerWare\vtksys.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00116736 _____ () D:\Program Files\Makerbot\MakerWare\vtkDICOMParser.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00159232 _____ () D:\Program Files\Makerbot\MakerWare\vtkverdict.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00783360 _____ () D:\Program Files\Makerbot\MakerWare\vtkNetCDF.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00110592 _____ () D:\Program Files\Makerbot\MakerWare\vtkNetCDF_cxx.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00080896 _____ () D:\Program Files\Makerbot\MakerWare\LSDyna.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00127488 _____ () D:\Program Files\Makerbot\MakerWare\vtkpng.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00611328 _____ () D:\Program Files\Makerbot\MakerWare\vtkmetaio.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00065024 _____ () D:\Program Files\Makerbot\MakerWare\vtkzlib.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00141312 _____ () D:\Program Files\Makerbot\MakerWare\vtkjpeg.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00314880 _____ () D:\Program Files\Makerbot\MakerWare\vtktiff.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00128000 _____ () D:\Program Files\Makerbot\MakerWare\vtkexpat.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00656896 _____ () D:\Program Files\Makerbot\MakerWare\opencv_flann2410.dll
2015-08-19 22:46 - 2015-08-19 22:46 - 00869888 _____ () D:\Program Files\Makerbot\MakerWare\opencv_features2d2410.dll
2014-08-06 14:29 - 2014-08-06 14:29 - 00028672 _____ () D:\Program Files\Makerbot\MakerWare\boost_chrono-vc120-mt-1_56.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 02085888 _____ () D:\Program Files\Makerbot\MakerWare\vtkhdf5.dll
2015-08-19 22:48 - 2015-08-19 22:48 - 00097280 _____ () D:\Program Files\Makerbot\MakerWare\vtkhdf5_hl.dll
2016-02-23 00:11 - 2016-02-23 00:11 - 00107520 _____ () D:\Program Files\Makerbot\MakerWare\tinything.dll
2016-12-14 23:17 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-09-16 13:12 - 2015-09-16 13:12 - 00043480 _____ () D:\Program Files\FileZilla\FileZilla FTP Client\fzshellext_64.dll
2015-05-14 16:36 - 2015-05-14 16:36 - 00059904 _____ () C:\Program Files (x86)\SWITCHdrive\shellext\OCUtil_x64.dll
2016-07-06 19:10 - 2016-07-06 19:10 - 01249792 _____ () C:\Users\Strat_000\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll
2016-09-29 19:13 - 2016-09-29 19:13 - 00959168 _____ () C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-27 14:50 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-29 06:53 - 2016-09-29 06:53 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 17:39 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 17:39 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 17:39 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 17:39 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-10-16 00:48 - 2014-10-16 00:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-08-21 20:47 - 2016-02-24 05:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2014-08-21 20:47 - 2016-02-24 05:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2016-06-29 18:14 - 2016-07-22 07:26 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-06-29 18:14 - 2016-07-22 07:24 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-29 18:14 - 2016-07-22 07:24 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-29 18:14 - 2016-07-22 07:24 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2012-05-29 18:07 - 2012-05-29 18:07 - 01958560 _____ () C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\niwsrp.dll
2014-04-04 09:09 - 2013-09-12 05:37 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-02-09 17:57 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
============================
|
|
11.02.2017, 18:49
| #13 |
| | Win 10, Trotux eingefangen Und der zweite Teil: Code:
ATTFilter ==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run: => "3DxWare Service"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\StartupFolder: => "Synology Cloud Station Drive.lnk"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Boxcryptor.exe"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\StartupApproved\Run: => "PureSync"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [UDP Query User{4FC1D526-EF5A-4967-8B8F-BBA348CF3B98}C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe
FirewallRules: [TCP Query User{1D91F143-4DBA-4103-BF7C-8F0A0BE214CE}C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\readerhostu.exe
FirewallRules: [UDP Query User{3AA47883-2275-4002-93AB-3EB175A00776}C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe
FirewallRules: [TCP Query User{77A98965-8254-4441-B3FA-72487E2F3A66}C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansmeshingserver.exe
FirewallRules: [{0FEB7A54-AB1C-4113-8581-88A1A1D9DCB0}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{0A43AFC9-B2D6-4905-B033-885849EB19EF}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{7A9ED19D-239E-4B26-A0CA-CF258389F525}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{D59B3327-671A-4933-8525-E1F8AED67A7A}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{8EA6FB88-0402-4E29-98F9-153E6A793B7F}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{6C1E5429-92B1-42C1-8810-294F55BD83A4}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{CF54E191-727B-44E7-8728-23DF668614FC}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{A8C03A37-6B8A-45D2-9239-C0813D13363A}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{628D3104-C402-4D92-965A-4FCDA6A06B27}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6608F61-5D07-477D-89F5-1CA76A7BA4E2}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8AAB0F8-8D2E-45C8-8664-3674A8BBDEE5}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BE5BCB22-7F43-435B-BD76-BBDDF18A45E2}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{382C072E-19EA-46A9-80D3-B3CD6391FAB4}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [TCP Query User{694FB801-CD9C-42F3-9F15-D710543E0EAE}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-connect.exe
FirewallRules: [UDP Query User{E958FC1D-5113-42CE-8858-96E7C482E13C}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe
FirewallRules: [TCP Query User{76C6585F-23DD-49ED-A105-F43F2D4A8270}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\catiatopro.exe
FirewallRules: [UDP Query User{CEA97193-0A27-4872-86DC-A75D60E9D0C3}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{0AC9B4CE-B421-4F89-AC4F-F19E88CE6981}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{1DBB1F1E-3DAA-4E2C-A835-5995134E66C6}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{7D867815-9417-4D85-80D7-FA16BE154953}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [{CD9F58CA-4C3C-455B-9C79-E1DBB81D4271}] => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B64B6C2F-A98F-4696-A97C-DA0C0E03DA55}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{4219914F-17B0-4082-8FDE-9C8059F7FC0D}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{96163E11-ABF0-437A-BE15-3DF1A44E85E6}] => LPort=2869
FirewallRules: [{03BD1AF7-0BF8-4012-853F-2D3E1098C809}] => LPort=1900
FirewallRules: [{D0D1F8C9-1A69-4B45-A82F-D1DAD5E2882F}] => LPort=50248
FirewallRules: [{F5C16F57-13AC-4E4E-AD71-3ED80DB1F69D}] => C:\Users\Strat_000\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{69137F3E-852F-45E4-B39F-F2D19F70E1D5}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C4A08B79-F7ED-4FC3-934D-0EC4ACE17959}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D46F595B-D3D0-42A4-9025-ADB6FD0A3FF5}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{362F7CE5-DD2B-46E8-967E-F4DF562E434B}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3B20DC80-CA8C-4E0A-A5CB-28239D6D0F79}] => D:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{D9DA139F-DB0D-44D3-9B1E-2D06D1028AB9}] => D:\SteamLibrary\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [TCP Query User{4DD5C3D0-DC83-44FA-913B-378EF54D3E1A}C:\program files\maple 18\jre\bin\maple.exe] => C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [UDP Query User{58ADCCEA-75D9-4A26-9941-7D901358A306}C:\program files\maple 18\jre\bin\maple.exe] => C:\program files\maple 18\jre\bin\maple.exe
FirewallRules: [TCP Query User{F857059D-70CD-4D81-8D60-3DE90559AC03}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [UDP Query User{7AD4CCDF-0565-4FDB-99AA-7AA01273F289}C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{0B9814D1-FC19-492C-AE86-AB79AED4839F}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{0FD323B4-107E-4B03-BD43-07665AC0A506}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [TCP Query User{C21D6139-02D4-4948-B04D-B0AF2642F1E3}\\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [UDP Query User{18335C91-410A-4437-84C7-DD71E2A62563}\\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [{EC70B2A1-0D56-4AF3-8F04-1A2EE8175FE7}] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [{C8F5D359-5F4D-4627-9557-78573F067B76}] => \\srv-lab-t-432\cadenas\software\bin\x86\32\cnslocal.exe
FirewallRules: [TCP Query User{AB75A300-9988-450E-A5B1-4202056FCA9F}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe
FirewallRules: [UDP Query User{2CE85C3B-A38E-48D7-9D14-7A7DE61F945C}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\cat3dxmlplayergo.exe
FirewallRules: [TCP Query User{3B10EA8E-072F-4384-8471-59C49A30FAE5}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe
FirewallRules: [UDP Query User{85F8B39D-3772-4595-88CF-58B436D29126}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\dsysysirmanager.exe
FirewallRules: [TCP Query User{493AF417-C7DA-4F7E-9BE6-240D41BDE959}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe
FirewallRules: [UDP Query User{DCAFC2C2-BEC9-4FF7-A219-450332461C36}C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe] => C:\program files\dassault systemes\3d xml player\win_b64\code\bin\3dxmlplayer.exe
FirewallRules: [TCP Query User{B53F4142-AEDB-4004-93B4-F4B4859CC4D8}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{5DF53F0B-30DE-41EB-BAE3-60EF23D59F53}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [TCP Query User{144BC75D-01B8-40F4-B134-38335FC12A0E}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{FAA398A9-7117-4E50-8EBA-4DD6EF3C1DB7}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{9378CA38-2FD3-41CA-B828-2EAE02F1BE50}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{54E92ACA-1BBD-4BF8-8761-0710C591ACCE}C:\xampp\apache\bin\httpd.exe] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [{61BF9771-BABF-4D83-871A-E16EC7D8D67D}] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [{C1ECCFF2-9EF4-4312-BC27-19512642FBB2}] => C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{0E1FEDE8-60E0-44CE-A227-4BBC7A8ACA67}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [UDP Query User{D37FF8CF-7892-42EA-BAC6-A83D707907A4}C:\xampp\filezillaftp\filezillaserver.exe] => C:\xampp\filezillaftp\filezillaserver.exe
FirewallRules: [TCP Query User{F3ABD6E7-23CF-445F-A263-4CAA404187DF}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{EE2C15DC-BD81-4238-BA39-105836117D84}C:\xampp\mysql\bin\mysqld.exe] => C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{EEB6B15F-F713-4305-9227-3B292294E8E0}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{59E77C5F-7298-45CB-8AF5-1A26041EDFD9}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{72CD02D7-BF4E-43AE-B215-50436129B642}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{A9A62307-0B6B-4BB0-AE1C-1638A11D1B2B}] => D:\SteamLibrary\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [TCP Query User{6A486716-3E48-44FB-B7AD-68CC21B8EADA}C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{177443EE-7A65-4474-B6DC-B1AF157BD1B9}C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\strat_000\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{3428BF3C-D727-40DA-A6BF-BC23B059220C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC3D896C-EE69-469D-9008-91C48EE803AC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4A8D0D80-FA38-4165-9F77-960658A79D74}D:\program files\eve\bin\exefile.exe] => D:\program files\eve\bin\exefile.exe
FirewallRules: [UDP Query User{645DD761-18C8-4BF6-8878-9BBD9A1DFC9A}D:\program files\eve\bin\exefile.exe] => D:\program files\eve\bin\exefile.exe
FirewallRules: [TCP Query User{D82CB044-B7D8-48BD-8D64-3E979659CA7F}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{444CDFF3-F3DB-4E39-A01B-371A73CD5F47}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B5492246-9F29-41F2-89D0-E0CFB779A1DD}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [UDP Query User{C2F78D9F-DCD2-4AF0-A619-583134BC30E7}C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe] => C:\program files\dassault systemes\b23\win_b64\code\bin\cnext.exe
FirewallRules: [{DB02F1F2-6255-4B6A-90B5-8760337107FD}] => D:\Program Files\KeyShot5\bin\keyshot_daemon.exe
FirewallRules: [{9E6B2974-AAD0-4DFC-816E-5A07477E24FB}] => D:\Program Files\KeyShot5 Floating\bin\keyshot_daemon.exe
FirewallRules: [{AE1B1B82-6510-49A5-97C2-D6AB2E264713}] => D:\Program Files\KeyShot5 Floating\bin\keyshot5_floating.exe
FirewallRules: [{C57DD757-BEFA-4075-8137-ED652A3E4C5B}] => D:\Program Files\KeyShot5 Floating\bin\keyshot_daemon.exe
FirewallRules: [{999671FD-B130-4014-90A2-5DBF46894415}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{8CC548E3-B545-4727-B24C-B6E0E840EC93}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{F0C5460A-89EA-4E98-B041-813F56FD667A}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{CC7D2887-A136-4369-ACF9-701A98074FE8}] => D:\Program Files\Autodesk\3ds Max Design 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{D264EAD3-CC5B-41DE-B1B0-F93461B80A18}] => D:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{17CE46FF-7AC8-44E0-BF02-CD46E6F7F4EC}] => D:\SteamLibrary\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{3EDDAB82-E901-40A6-ABF7-9F130A06B8DC}] => D:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{E7493A85-12E5-439D-A513-ACC86D4675A2}] => D:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [TCP Query User{A6D8B041-213F-4151-98F6-5500A8A6D08D}D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [UDP Query User{819CFFB3-B805-4865-9104-6B993B6C6141}D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{0D872B4E-17EC-41A9-B1DD-615EF8847BEA}] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{AA621320-F1A7-4ED8-900D-3C7A15C15017}] => D:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [TCP Query User{8D07783B-DA13-42DC-9B72-4D6C9CA6A4B4}C:\program files (x86)\arduino\java\bin\javaw.exe] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{85A28987-0094-4B0E-B5C2-780FA027351F}C:\program files (x86)\arduino\java\bin\javaw.exe] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{F84B1795-70D6-40C9-A91E-FF12A20A1A4F}] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{EA5F0A2F-C16C-40FD-AB8D-11429ACEA69F}] => C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{9FB94BC4-7B30-4FEB-953D-6D463685DB15}D:\program files\eclipse\eclipse\eclipse.exe] => D:\program files\eclipse\eclipse\eclipse.exe
FirewallRules: [UDP Query User{EE95D0B7-8E4B-4F20-A735-91B975B0ADCC}D:\program files\eclipse\eclipse\eclipse.exe] => D:\program files\eclipse\eclipse\eclipse.exe
FirewallRules: [TCP Query User{F6E70320-65CE-4976-A39A-B6AAF5A319CD}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{3A69E616-CBF2-4FB6-B702-CE19BF7516C9}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{837A0BDF-94A2-47BE-8E17-98D4F88E50B6}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{B0746FDD-D0A0-47C0-BE3D-CC8B4C9C115B}C:\program files\matlab\r2015a\bin\win64\matlab.exe] => C:\program files\matlab\r2015a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{35905164-CEE2-4D49-961B-7183F74E5982}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [UDP Query User{81C96AF5-83A9-433D-82DC-9AFC8BE49318}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [{27DE4CEC-30E0-4DFA-B9CF-82B0F08A496A}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{F030DCD2-3F64-45AD-85C8-3E9A6735553C}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe
FirewallRules: [{3C3A58F8-E2F4-49FB-94F8-DAD7C7E8E353}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [{A593FF79-ACB9-48DB-8709-A94B08EBFDCE}] => C:\Program Files\Autodesk\3ds Max Design 2015\NVIDIA\Satellite\raysat_3dsmax2015_64.exe
FirewallRules: [TCP Query User{595CD3E5-958C-450A-A696-F5423FC63089}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [UDP Query User{E12775D5-9ABC-49D2-A648-BBF3D2AC663B}C:\program files\matlab\r2015b\bin\win64\matlab.exe] => C:\program files\matlab\r2015b\bin\win64\matlab.exe
FirewallRules: [{38DCFB8D-1AC8-4A96-8465-07DDDFCE5BFD}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{92916C34-CBE1-46E4-A0C1-BA3D9095CC38}] => C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CNEXT.exe
FirewallRules: [{555CA95E-B415-4760-8579-9A25B27C0290}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [{EE383DA8-2CB1-44EC-8C00-3CC26A2E6269}] => C:\program files\dassault systemes\b25\win_b64\code\bin\orbixd.exe
FirewallRules: [TCP Query User{52AD202E-2C28-43F1-BD59-89A589FCF739}D:\program files\filezilla\filezilla ftp client\filezilla.exe] => D:\program files\filezilla\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{9CE4D3D2-C94D-431A-B788-6F2F908F6A32}D:\program files\filezilla\filezilla ftp client\filezilla.exe] => D:\program files\filezilla\filezilla ftp client\filezilla.exe
FirewallRules: [{DBF794C6-F82E-4926-8E53-E8CEE24E25B7}] => D:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{C17CA1D3-B21D-41BB-A770-ABB9BBD08860}] => D:\SteamLibrary\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{D092E2F0-A4D6-4258-A8FD-0B77E05CFAB6}] => D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{E3A068FE-81EF-424E-9854-719DD5EEE083}] => D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{34A8704A-1BA5-4E78-AE0B-736CC9A3355C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D87EC244-1E2E-43ED-89FC-8C9DCEC28D30}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{45F797C4-66D8-4C5A-B707-4D601535FDAB}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [UDP Query User{6E0022AA-86AF-43A4-9721-8201D69881B1}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [TCP Query User{06893087-BA65-4E47-87C6-1A9DEFB5C07D}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [UDP Query User{6FC16076-9FF8-4819-AC04-151EE42692F2}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [TCP Query User{5B2E33F7-6A80-4124-BDD5-486C3F687A1C}D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe] => D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{0DFE5C54-CF2F-4A4F-823A-15EE77A1F7C7}D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe] => D:\program files\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{74BB7B1E-E2A4-4AAE-A83A-CAC0CFF0F292}D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe] => D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{F6A2F389-D056-4477-9236-99BEDD8AB990}D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe] => D:\program files\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{C219EEC9-9304-43DA-A02E-47C5550FB0CF}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [UDP Query User{90A4EAC3-1B74-4840-9A98-C1AE55BCF5A2}D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe] => D:\program files\ti education\ti-nspire cx cas student software\ti-nspire cx cas student software.exe
FirewallRules: [{71CB189F-2F53-4995-96AB-EE3A08C7C8C3}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{AAC4EB8F-7A39-4524-8451-E545A0D8BF50}] => C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{B5729983-4D23-48C7-B3B5-C85ECD54D4D8}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{B953E78C-6AFF-4145-9876-9F8268A9FC21}C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => C:\users\strat_000\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [{813B74C6-24B6-4FAF-8686-C417EB2109B0}] => D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
FirewallRules: [{FBB017AE-A882-494C-8953-8A477337BB00}] => D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe
FirewallRules: [TCP Query User{4D29F7EA-B63D-4D82-AA19-5FF380ACACB2}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [UDP Query User{73F279FA-53CF-48FE-A553-1E0B8FC166B8}D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe] => D:\program files\ti education\ti-nspire cx cas student software\jre\bin\java.exe
FirewallRules: [TCP Query User{6DE1E719-63B5-4576-B897-D0F84381DEF8}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [UDP Query User{F9F9238C-3D94-4313-A36B-F12286D6E3FC}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [TCP Query User{1EBD238E-E99B-4FA9-A265-A23D236A8E65}C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{F851EE0D-3A49-4439-8C68-A69C6D9CEEA9}C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v162\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{C17A6E90-307B-4DC3-9532-A72BA28D7E13}C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{B970B650-6B58-46DE-A066-6A50591E1372}C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v162\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{4885D9A4-32E1-4EE4-A6D6-2CD6A165F75E}C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe] => C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [UDP Query User{917B4B7E-E7CC-4B0E-B1F0-125B3B6D5984}C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe] => C:\program files\ansys inc\v162\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [TCP Query User{ACEC9B2F-DF32-4388-A0EA-4D2D3C70FFD5}C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe] => C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{582E496F-B3A3-4386-8766-57BE89BD4B1B}C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe] => C:\program files\ansys inc\v162\ekm\programs\jre1.7.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{BB0B7764-C3C8-44E5-8B52-7653B442EF30}C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [UDP Query User{51D51782-0836-4ED0-8566-6C2F121A9206}C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v162\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [TCP Query User{4A78CA10-FC43-4BD2-ADEB-4A47B746AE3A}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{D2254D85-9005-4F98-93D0-52A8C2ED9525}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{2DEC6473-76A8-41EA-A1A0-C0B7C9CEE5DA}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{A57FFF96-FF6C-433D-A24B-61F6189CDA82}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{FF580F0A-613B-47ED-B66B-C4C2F7A53FC5}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{299694CD-1A03-40CF-8D18-227E42292E3D}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [TCP Query User{D536004E-885D-48A6-93A0-E9F7523AA42E}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [UDP Query User{1D5E4472-2548-4043-AB60-EC42950134F6}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [TCP Query User{F33BA93F-F801-462A-B847-54A7DA65D394}C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe] => C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe
FirewallRules: [UDP Query User{89140C2A-C301-440F-9B0B-55A1430F42F8}C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe] => C:\program files (x86)\ptc\creo\platform\3.119\creoagent.exe
FirewallRules: [TCP Query User{4972AA5E-476F-45E9-BD9A-AB6BBADE6B20}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [UDP Query User{1FF0173E-13B4-4BB1-906C-129DD6A070F7}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\nms\nmsd.exe
FirewallRules: [TCP Query User{80E67AB3-DB1B-42C5-98F1-C5DC7F732118}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [UDP Query User{6EC3A2E6-D98E-4EAA-9279-D3B1DCB1D873}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\xtop.exe
FirewallRules: [TCP Query User{5B5441CC-56B0-419E-83AE-3E373E83CED7}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [UDP Query User{69EC30FA-BE3F-4362-97A1-3000220A2465}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\pro_comm_msg.exe
FirewallRules: [TCP Query User{75BC380F-63F4-4AAF-8F2D-86FC7B46ADB5}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [UDP Query User{EDCCE7AB-6A5A-4A5D-8785-4339DEE39CE0}C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe] => C:\program files\ptc\creo 3.0\m070\common files\x86e_win64\obj\mcp_applet_async.exe
FirewallRules: [{0A636003-3528-479F-8A40-20195C0BAD19}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{5738DAF4-AD22-4F63-A7E7-5CA0BB909BBF}] => D:\Program Files\Steam\Steam.exe
FirewallRules: [{A62542E4-7F5D-45F8-A2B0-4CA9D2A4BBEC}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{C0775954-FCAC-4C2F-B276-D9F05337E5F1}] => D:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{5515167E-A3F5-48F5-AEA8-1685AE0269D0}] => D:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{4C84F3A0-9CC9-4F32-9C47-17FBBD06D737}] => D:\Program Files\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{97DE6410-F758-4E29-9CFB-20600C2CD63B}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{71BD6B01-060A-4125-81F1-FF8EF36174CB}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{5CC2725D-23C4-453E-B829-828BF6862000}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{F903E9B5-DEF2-4B28-8B5B-77476C142E87}C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe] => C:\program files\ansys inc\v171\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{3A2C031E-F5BE-49A9-950D-8617A663A885}C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [UDP Query User{654AC3D1-940C-4C80-BACC-7E0DF0BAB385}C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansyswbu.exe
FirewallRules: [TCP Query User{7EA91798-653B-4713-BA6D-C35C5FC66161}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{00173B88-63BE-410F-999B-D0BDF30559EA}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4D9CF4CC-8906-485F-A554-9FF6616F8243}] => LPort=50493
FirewallRules: [{5BFEFDB5-F338-43E5-B4A3-B7447F59592A}] => LPort=5000
FirewallRules: [TCP Query User{D1104671-7D82-4552-8374-503FEFC7B173}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{F1C4EE4E-7133-4A70-8A5B-EB715DECB5DB}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [{F4EBC012-4C9B-4B0A-9055-5536ABCA72A0}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [{8C3B5AE5-D1B4-4CCE-8ED6-D165DCD70224}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{181AFDF0-B145-494C-B1A8-AD05EB416DC7}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{0964230A-1291-4FC4-943E-30A6BA863DDA}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{C14C2B35-2BBB-4FA6-996E-58A62F434429}] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [{9CD0AAF4-97AC-40A2-A76D-BEDEA81C38ED}] => C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [TCP Query User{C3C87D8E-2C32-439A-8F0F-719898DD5826}C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe] => C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe
FirewallRules: [UDP Query User{DEB563F4-3720-4101-97E9-672EF2052C51}C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe] => C:\matlab\supportpackages\r2016a\arduino-1.6.1\java\bin\java.exe
FirewallRules: [TCP Query User{D5720B77-6C66-485F-A890-AE3C1FDD4D5D}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{14236913-4D2D-4B50-891D-70654771B034}C:\users\strat_000\appdata\local\akamai\netsession_win.exe] => C:\users\strat_000\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{46FF2D9A-0F3F-4749-8962-71D740E7BD8C}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [UDP Query User{3FDF8896-5053-4299-896A-5ED8651D03CD}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [TCP Query User{1947A3A6-BDAD-4763-A046-0C9E6D5B6771}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [UDP Query User{039B220B-08A5-4922-9AFE-9B053FE53476}C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{F70DB554-098B-4EF5-B2F3-9C347B478D6D}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{46263FF4-0425-425D-92E7-327CA4A7825D}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\pmi_proxy.exe
FirewallRules: [{B0695D51-3E61-4BB7-A8FF-63FC28B5E5AC}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [{20096A1E-9D0E-4E3C-AC1B-3188FC7530DE}] => C:\program files\ansys inc\v171\commonfiles\mpi\intel\5.0.3.048\winx64\bin\mpiexec.exe
FirewallRules: [{106A88F1-F0A2-4C7F-95F5-76440A08A109}] => D:\Program Files\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{694EF472-82E0-4B7D-9EEB-06E46A391E8C}] => D:\Program Files\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{4F0AB3CD-890E-4BDA-9033-DE79A3086B02}] => D:\Program Files\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{04D43F88-030A-4275-90D9-B882D7B65DCB}] => D:\Program Files\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [TCP Query User{20FA449C-E079-41C2-8DA1-F447D545414C}D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{EF374B26-590B-40F1-B24A-FEA487E921D9}D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{32CDE5DF-70E7-4F3C-A8B5-A29D48CA988A}] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{F4D862D1-D1A1-4A3F-AF09-2078C5CBB85D}] => D:\program files\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{69775E32-E8E9-4362-97C3-F7A9CBDA8525}D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [UDP Query User{4A620198-4132-4148-B93E-F8D86B2B9D25}D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [{4A67E9AE-AACC-4961-9B75-1F3439B9543F}] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [{3B976257-3BFA-4EBE-8BB2-A298998E620C}] => D:\downloads\downloader_warcraft3_reign_of_chaos_dede.exe
FirewallRules: [TCP Query User{64A35C27-ECCA-4350-9E9D-6F48F563B16F}D:\program files\warcraft iii\war3.exe] => D:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{C194F2B0-14E4-4202-B1EB-A17AAFBE472F}D:\program files\warcraft iii\war3.exe] => D:\program files\warcraft iii\war3.exe
FirewallRules: [{27694D1D-CE53-4337-A629-6438BC9B595F}] => D:\program files\warcraft iii\war3.exe
FirewallRules: [{5DD6108B-F61F-444A-A634-0D589383E649}] => D:\program files\warcraft iii\war3.exe
FirewallRules: [TCP Query User{CF9F0323-F072-41EE-A4CD-4E84DE85A040}C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [UDP Query User{5282506B-AE01-498B-A92B-1D12F4494477}C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [{E4899B7C-A00E-42E1-B2B7-BE38D598F81D}] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [{1C74F810-9F65-45A2-9DAB-7F97D157C1FE}] => C:\program files\ansys inc\v171\aisol\bin\winx64\readerhostu.exe
FirewallRules: [TCP Query User{81F94168-96C9-45EB-8652-BE3BD3F2B9F4}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [UDP Query User{F6A69B8B-99EF-4BD9-8D85-E04716828D68}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [TCP Query User{CE76F80C-48AA-49BE-9A9F-BB919E849C38}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [UDP Query User{4594E7F3-EEFB-4329-B389-B9EBABB92B6A}C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [{C92CDDCF-7D42-4A37-923A-04D4F6EA03FA}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [{28D42510-D9E4-486E-935F-8ADD84027A22}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.taskhost.exe
FirewallRules: [TCP Query User{8D518D0C-9081-43D1-A35E-4A3D61ECAA26}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [UDP Query User{E6DDC5CA-990D-4429-87FC-429787D074BC}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [TCP Query User{A9308F64-3D8A-49D5-9780-9D5272C10846}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [UDP Query User{1EF6429A-E3A4-463B-8D24-664237591AE5}C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [TCP Query User{CA864C90-D777-424C-9067-AE34B478CA81}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [UDP Query User{B56F3383-3890-4B7D-9A9A-B7CF30770440}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [{1E2D9886-F380-4CC3-9D56-EBCE047B98C5}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [{85A45DD1-885B-448A-9847-9EED796FC0AE}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.slave.exe
FirewallRules: [TCP Query User{D6EAD59A-051B-4164-8D14-92B0FB3FA209}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [UDP Query User{AFD99344-E596-4C15-8D09-43C01C6F5147}C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{A963F426-DD88-4783-9D87-EC3196206352}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{14EA7183-AEC1-429B-A934-88FE71957385}] => C:\program files\ansys inc\v171\aisol\bin\winx64\ansys.solvers.autodyn.exe
FirewallRules: [{4FF6F839-621D-4491-BC40-481DF3A19C3B}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [{5D8BEBD9-40C4-4F16-BA6F-4CEB81EBADD2}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpid.exe
FirewallRules: [{53BA2B6B-7B76-4BF6-9F28-51D8247E91C7}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [{51E257FE-69C3-4533-A2BF-87FDF4071BDF}] => C:\program files\ansys inc\v171\commonfiles\mpi\platform\9.1.3.1\winx64\bin\mpirun.exe
FirewallRules: [{DF1FBDD4-D8FB-4F17-906B-C47C5D624AD0}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [{18143208-C801-4688-B8BB-FF6F7378727F}] => C:\program files\ansys inc\v171\rsm\bin\ans.rsm.uphost.exe
FirewallRules: [{F7663B8E-CFAF-4CF7-8A7D-D03E77013CFD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{22B27A22-A3EB-40B6-AA3A-8789F8C685EF}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1245765-4B2B-4084-8997-28FC0ACF475C}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{50C231A1-9929-46DE-AADD-807BDF05C814}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{87934A71-4B39-4944-A8E3-90F676C4A92E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D63EBAAC-B876-422E-81B5-5BB553605661}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{91E0B6DC-23B6-4396-B1DD-D9B19EB86A4E}] => D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5F2186F5-EE4E-43F9-9B85-2D397956E30C}] => D:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6491CDB2-3611-4C02-9CDE-737D98D6D464}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E634B76F-4585-4DBE-A792-E9B02D8AAB34}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BF7A02F5-D851-46C1-A7AA-EE92C087AE9E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{772C1C15-151E-486D-B246-E93ADFA57B7E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F76B77B6-20E9-4A11-812F-96EEE09AD674}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CF1F6B31-7E25-4BD7-9684-F6E7DE3264AD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{16B2691B-1D96-4DD6-A464-CF435E3BBBF0}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{739CA301-3C83-4909-A25E-5D095F10AF80}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{22EC3136-CADE-4416-9D77-F40268D55AD2}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{C229CA86-D1D2-4089-A45B-2E31E803BAF1}] => C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{4F08CF52-B016-4A68-944C-1304C9C0BE35}] => C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
FirewallRules: [{CD4A55A3-AC69-4910-B11D-11764353D2A1}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}] => C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
FirewallRules: [{EE18F89F-A23A-4E32-97A7-6130C9EE58F9}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{177C89B0-4EA5-426D-AF16-50FF2F619991}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{9FD36F7A-96E2-4353-B5E3-FDF73C79E680}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [{9F6029FF-4CC7-4BAD-8731-0F7014432B76}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{336C1EC1-46B7-4511-ADF1-6F9189281BEE}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{67F283D0-13BF-42AA-8B84-DED70E4BB1B6}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{C80AD0C9-2D15-42FE-BEBE-CFCA134132C2}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5FA80B06-0608-4989-AEE8-F34289CACB2D}] => D:\Program Files\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{0F8CF37E-9E3B-4498-AACC-881A689E8D02}] => D:\Program Files\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{4DB7C15D-5483-4EE7-9942-F2D610C4C259}] => D:\Program Files\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe
FirewallRules: [{B52D4938-2A70-4EBD-BDCC-829EF072AE13}] => D:\Program Files\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe
FirewallRules: [{5B6C4EA5-9266-4C63-8B68-10FA23492FB6}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{54F453BB-4C87-4F62-BE60-7B0729365AB1}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{351C1CC4-64DE-4D5F-ABAC-7BF7C2347AEC}] => D:\Program Files\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{044A6B93-D306-4825-B95B-D743067ECAAB}] => D:\Program Files\Steam\steamapps\common\Stronghold 2\Stronghold2.exe
FirewallRules: [{15A66BEC-7E64-45E5-864E-AF6822B0CF11}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{DC60EA33-BBA8-483B-80DF-DEAA10E33C64}] => D:\Program Files\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{A1E5E47B-4195-461D-8CAE-DA868D6F43B2}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9F051BF0-FC11-487A-927A-8F2437AF7B54}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{723D36AD-083D-4C5A-A22E-B002AE15BCBF}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B4D7AA00-3790-4020-B77B-7F57931A417C}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E9135C4D-51E5-484D-B4BC-0C61F0335FE1}] => D:\Program Files\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{95FC9F15-2B45-477A-87F9-B826F7BA3099}] => D:\Program Files\Steam\steamapps\common\Risen 2\system\Risen2.exe
FirewallRules: [{AA10F175-C941-43F5-A3A2-A72009C3C90E}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{79851F8F-EE44-4131-89BE-3DADD6AE3036}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{D715EC5C-D0BF-4C58-BE58-729955EC782B}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [UDP Query User{B828D04C-D74B-4C96-AABB-54C982E4B185}C:\python27\python.exe] => C:\python27\python.exe
FirewallRules: [TCP Query User{531F659E-39C5-4577-8966-836B4C42D79B}C:\python34\python.exe] => C:\python34\python.exe
FirewallRules: [UDP Query User{7CD72028-EA1D-4721-A985-E3CD2FEE964D}C:\python34\python.exe] => C:\python34\python.exe
FirewallRules: [{26F2EFD9-72A1-42E7-9866-344CEC330888}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{8C9F4D70-C2F8-4DD5-8A5D-938F4040A0CD}] => D:\Program Files\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{11E81A1B-0517-4146-83F2-7552DFFBC9FD}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4BBCB332-05EF-4C18-AF9D-16D4F81F58C1}] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/11/2017 06:38:03 PM) (Source: MsiInstaller) (EventID: 11310) (User: STRATOS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Strat_000\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (02/11/2017 06:37:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: STRATOS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Strat_000\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.
Error: (02/11/2017 06:37:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\Strat_000\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 51.0.2683.0,language="*",type="win32",version="51.0.2683.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (02/11/2017 06:37:09 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: Can't listen for HTTP on :8080 .
Error: (02/11/2017 06:37:09 PM) (Source: LabVIEW) (EventID: 3299) (User: )
Description: LabVIEW information: Error: Can't open a socket on , port 8080 .
Error: (02/11/2017 06:37:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (02/11/2017 06:37:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
Error: (02/11/2017 06:37:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
Error: (02/11/2017 06:37:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
Error: (02/11/2017 06:37:01 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
System errors:
=============
Error: (02/11/2017 06:41:33 PM) (Source: DCOM) (EventID: 10010) (User: STRATOS)
Description: The server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} did not register with DCOM within the required timeout.
Error: (02/11/2017 06:39:32 PM) (Source: DCOM) (EventID: 10010) (User: STRATOS)
Description: The server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} did not register with DCOM within the required timeout.
Error: (02/11/2017 06:37:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/11/2017 06:36:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/11/2017 06:31:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (02/11/2017 06:31:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2017 06:31:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2017 06:31:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application Local Management Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2017 06:31:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NI Application Web Server service terminated unexpectedly. It has done this 1 time(s).
Error: (02/11/2017 06:31:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NI mDNS Responder Service service terminated unexpectedly. It has done this 1 time(s).
CodeIntegrity:
===================================
Date: 2017-02-02 20:23:01.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.621
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-02-02 20:23:01.620
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-01-18 15:02:37.473
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-18 15:02:37.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-15 15:36:28.904
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-15 15:36:28.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-01-08 12:31:47.580
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4702HQ CPU @ 2.20GHz
Percentage of memory in use: 19%
Total physical RAM: 16287.06 MB
Available physical RAM: 13148.45 MB
Total Virtual: 18719.06 MB
Available Virtual: 15677.5 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:226.66 GB) (Free:42.37 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.64 GB) (Free:180.49 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 993AD5C7)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 36A8EBAC)
Partition: GPT.
==================== End of Addition.txt
|
|
12.02.2017, 14:18
| #14 |
| /// TB-Senior | Win 10, Trotux eingefangen Hi! wir überprüfen noch auf Reste: Schritt 1: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter cmd: dir C:\Users\Strat_000\AppData\Roaming\{FC44CAFF-D916-A789-B220-805B6EF27D65}
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: ESET Online Scanner
Schritt 3:
Macht der PC noch Probleme?
__________________ Gruß Tician |
|
12.02.2017, 20:27
| #15 |
| | Win 10, Trotux eingefangen Hallo. Hier die Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version: 12-02-2017
Ran by Strat_000 (12-02-2017 14:40:42) Run:2
Running from C:\Users\Strat_000\Desktop
Loaded Profiles: Strat_000 (Available Profiles: Strat_000 & Guest & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
cmd: dir C:\Users\Strat_000\AppData\Roaming\{FC44CAFF-D916-A789-B220-805B6EF27D65}
*****************
========= dir C:\Users\Strat_000\AppData\Roaming\{FC44CAFF-D916-A789-B220-805B6EF27D65} =========
Volume in drive C is OS
Volume Serial Number is 3683-A2B3
Directory of C:\Users\Strat_000\AppData\Roaming\{FC44CAFF-D916-A789-B220-805B6EF27D65}
04.10.2016 16:22 <DIR> .
04.10.2016 16:22 <DIR> ..
0 File(s) 0 bytes
2 Dir(s) 45ÿ232ÿ451ÿ584 bytes free
========= End of CMD: =========
==== End of Fixlog 14:40:42 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2501527d58da5b4db65a31ada0c547ed
# end=init
# utc_time=2017-02-12 01:42:39
# local_time=2017-02-12 02:42:39 (+0100, W. Europe Standard Time)
# country="Switzerland"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32380
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2501527d58da5b4db65a31ada0c547ed
# end=updated
# utc_time=2017-02-12 01:46:03
# local_time=2017-02-12 02:46:03 (+0100, W. Europe Standard Time)
# country="Switzerland"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2501527d58da5b4db65a31ada0c547ed
# engine=32380
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-02-12 06:53:14
# local_time=2017-02-12 07:53:14 (+0100, W. Europe Standard Time)
# country="Switzerland"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 863489 18256210 0 0
# scanned=1910090
# found=22
# cleaned=0
# scan_time=18431
sh=D7EA0AE5159E788E00CCC0AE73C443A17B9B3BCF ft=1 fh=8efe812bf75075a5 vn="Variante von Win32/Adware.ELEX.CH Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\rhhqgxfvgzbafjgagmmxxxdojbxzsemy.back"
sh=2B8384F562EA2CC9B8136217EB37094F0D237D88 ft=1 fh=0e7c1d87e4f80cd2 vn="Variante von Win32/Adware.ELEX.ES Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ccfioxuqfavhlclgwguajcsntjhwqvmm\GubZL.dll"
sh=A88F4D001C9D293888FC5EFF9B87EC68A1FC906D ft=1 fh=c71c0011cdeb7a96 vn="Variante von Win32/Adware.ELEX.EI Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dobwndiqbjtiolsiguwfhqpwjvwlckiv\Archer.dll"
sh=AC5FEDFAD1F51462A0230F9F0EEDA5969AA1E71B ft=1 fh=c22081ce43fdba6e vn="Variante von Win64/Adware.ELEX.N Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\ulyuiudlshhsrvxpcgzfbtfjyzslruou\local64spl.dll"
sh=1A1BD5C0CCBB29B5EA844771968C5F78A1565593 ft=1 fh=cddf40cb17b4e962 vn="Variante von Win32/Adware.ELEX.CP.gen Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zkqkkxbahonkxuudxsmhyvjaqifakxlv\rdkhst.dll"
sh=8EA7B10523F978E5FB0925F46A3615CC08C1E98D ft=1 fh=02370f1350087865 vn="Variante von Win32/InstallCore.AHH eventuell unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\ExtOffer.exe"
sh=632B666420DA5270B41A58BDC43982B4EE38F427 ft=1 fh=a57778b166ee2955 vn="Win32/DownloadGuide.F eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\computerbild\CC_Tiberiumkonflikt_CB-DL-Manager.exe"
sh=D5563E41F74C388DAD8BC10E0ED9B1910AA07000 ft=1 fh=29a7990b25092dae vn="Win32/DownloadGuide.F eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\computerbild\SWTOR_setup_CB-DL-Manager.exe"
sh=D68BAE0EF7A0B0231528AF73F98954420A72D160 ft=1 fh=bbecfb27d17cc951 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\LaTeX\LyX-2.1.2-Bundle-1 - CHIP-Installer.exe"
sh=959B45FFBD6175B9B88B549D15F5736FF0FD5503 ft=1 fh=fb5bc65d9fbc654e vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\LaTeX\Texmaker - CHIP-Installer.exe"
sh=261D7B458C69AA277694D1C2A896895A67C41D34 ft=1 fh=a2aaa2f06157e3a4 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\Mozilla\FileZilla - CHIP-Installer.exe"
sh=E5C55A8378B1C4160C5186B5D8FD8EB532FE2B11 ft=1 fh=2ec967d6127f91d6 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\mySQL\MySQL - CHIP-Installer.exe"
sh=077B35698B3E92A0B33354FAE665C224D43C146C ft=1 fh=c2c81c1de3a5742d vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\Samsung\Samsung Kies - CHIP-Installer.exe"
sh=FA3FA13A62F7DA07B9FB1605E45F59A7BD4980CD ft=1 fh=973c8df294d9ffae vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\Scriptly\Webocton Scriptly - CHIP-Installer.exe"
sh=9982C31040C7CFA25C0E39281D47608CB73CB519 ft=1 fh=0a788a39878076d8 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\SyncToy\Microsoft SyncToy 64 Bit - CHIP-Installer.exe"
sh=F3310B522EBE7346573F29431899879AB195CF2F ft=1 fh=b58a4707f025fe6a vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\Texmaker\Texmaker - CHIP-Installer.exe"
sh=1A41E22E5024A9D32ECC45F6CF1AABE1664E690D ft=1 fh=e2fa913b606fd732 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\TinyCAD\TinyCAD - CHIP-Installer.exe"
sh=35E1EA132588CC520CD9F01B1DD7F1774683BE99 ft=1 fh=644a178be0351f95 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Strat_000\Downloads\VLC\VLC media player 64 Bit - CHIP-Installer.exe"
sh=77F60783CBFF077A441747379659256924C84F3C ft=1 fh=33b6c9521df0f4f8 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-968931954-2191872932-1542864395-1001\$R7MQ6ZG.exe"
sh=5E4B7B74528993A14BABAEB66EAB52C194F6CF5D ft=1 fh=2e78314a90516de4 vn="Variante von Win32/InstallMonstr.QJ eventuell unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-968931954-2191872932-1542864395-1001\$RGJ4GTK.exe"
sh=6CF5BA76B709AED07A5AB7EF68FEF61C6AB8FA49 ft=1 fh=7e6279b3755277c0 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-968931954-2191872932-1542864395-1001\$RLESRDF.exe"
sh=6305D38424DBB94F3CA5EB7A89A94C7F2F3E08CF ft=1 fh=c98136a82575c011 vn="Variante von Win32/InstallCore.AHH eventuell unerwünschte Anwendung" ac=I fn="D:\Downloads\FreeYouTubeDownload_4.1.24.627.exe"
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2017 Ran by Strat_000 (administrator) on STRATOS (12-02-2017 20:23:37) Running from C:\Users\Strat_000\Desktop Loaded Profiles: Strat_000 (Available Profiles: Strat_000 & Guest & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Dassault Systemes) C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe (3Dconnexion) D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe (MakerBot) D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe (Autodesk, Inc.) D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe (National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Malwarebytes) C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation) C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\PickerHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1701.10102.0_x64__8wekyb3d8bbwe\Calculator.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.693_none_42ff55c9655f38bf\TiWorker.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-23] (Dell Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] () HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-11-14] () HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15120504 2016-02-18] (Logitech Inc.) HKLM\...\Run: [3DxWare Service] => D:\Program Files\3Dconnexion\3DxWinCore64\3DxService.exe [2160512 2015-12-10] (3Dconnexion, INC) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-06] (Synaptics Incorporated) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-29] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files\Mathcad PDSi\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1059696 2016-06-17] (Jumping Bytes) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Chromium] => c:\users\strat_000\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Strat_000\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\RunOnce: [Uninstall C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64" HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ OCError] -> {0960F090-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCErrorShared] -> {0960F091-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOK] -> {0960F092-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCOKShared] -> {0960F093-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSync] -> {0960F094-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCSyncShared] -> {0960F095-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarning] -> {0960F096-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ OCWarningShared] -> {0960F097-F328-48A3-B746-276B1E3C3722} => C:\Program Files (x86)\SWITCHdrive\shellext\OCOverlays_x64.dll [2015-05-14] (ownCloud Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2016-07-16] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Strat_000\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-29] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2016-12-21] ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation) Startup: C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-01-31] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24320 2012-05-31] (National Instruments Corporation) Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26368 2012-05-31] (National Instruments Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{967ad987-0ffd-4422-95f2-d84719f0d1ec}: [DhcpNameServer] 192.168.0.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-968931954-2191872932-1542864395-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB SearchScopes: HKU\S-1-5-21-968931954-2191872932-1542864395-1001 -> DefaultScope {CA0DAA8E-8BDE-4309-AD1D-7AC2B53D2658} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-05] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-05] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default [2017-02-11] FF NewTab: Mozilla\Firefox\Profiles\bcrhru5j.default -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\bcrhru5j.default -> Amazon.de FF Keyword.URL: Mozilla\Firefox\Profiles\bcrhru5j.default -> user_pref("keyword.URL", true); FF Extension: (Codebender.cc Plugin) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\codebender@codebender.cc [2016-04-14] FF Extension: (Speed Manager Plus) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{936216dc-1346-4a00-9d4d-ee8a61977a6d}.xpi [2016-05-18] [not signed] FF Extension: (Speed Addon) - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\Extensions\{afebcc45-0538-4b91-9ab9-4390df4928c2}.xpi [2015-12-19] [not signed] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\ecosia.xml [2016-04-19] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-images.xml [2014-10-29] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\google-maps.xml [2014-10-29] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\qwantcom.xml [2015-04-08] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\start-page.xml [2016-11-21] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage---deutsch.xml [2017-01-21] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\startpage-https---deutsch.xml [2017-02-08] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\wikispaces-arduino-info.xml [2016-02-19] FF SearchPlugin: C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\searchplugins\youtube.xml [2015-11-21] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-03] [not signed] FF HKU\S-1-5-21-968931954-2191872932-1542864395-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Strat_000\AppData\Roaming\Mozilla\Firefox\Profiles\bcrhru5j.default\extensions\cliqz@cliqz.com => not found FF Plugin: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin\NP3DXMLPlugin.dll [2014-05-23] () FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-24] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @3ds.com/3dxml -> C:\Program Files\Dassault Systemes\3D XML Player\win_b64\code\bin32\NP3DXMLPlugin.dll [2013-07-10] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-24] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-05] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv2012win32.dll [2012-10-04] (National Instruments) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 BBDemon; C:\Program Files\Dassault Systemes\B25\win_b64\code\bin\CATSysDemon.exe [53520 2014-12-12] (Dassault Systemes) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-12-13] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-08] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-07-22] (Digital Wave Ltd.) R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation) R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation) S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation) R2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2011-05-06] (National Instruments, Inc.) R2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [50328 2012-06-05] (National Instruments Corporation) R2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [60568 2012-06-05] (National Instruments Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-02-18] (Logitech Inc.) R2 MakerBot Conveyor Service; D:\Program Files\Makerbot\MakerWare\conveyor-svc.exe [85504 2016-01-01] (MakerBot) [File not signed] R2 MBAMScheduler; C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 Mgl3DCtlrRPCService; D:\Program Files\3Dconnexion\3DxWinCore64\Mgl3DCtlrRPCService.exe [57856 2015-12-10] (3Dconnexion) [File not signed] R2 mitsijm2014; D:\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.) R2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [53960 2012-05-22] (National Instruments Corporation) S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [76488 2012-05-22] (National Instruments Corporation) R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [370328 2012-06-05] (National Instruments Corporation) R2 niLXIDiscovery; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [236768 2012-06-06] (National Instruments Corporation) R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [258776 2012-05-31] (National Instruments Corporation) R2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [53952 2012-05-22] (National Instruments Corporation) R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-11-14] (NVIDIA Corporation) S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-22] (SoftThinks SAS) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 WMSVC; C:\WINDOWS\system32\inetsrv\wmsvc.exe [12288 2016-09-29] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 3dxhid; C:\WINDOWS\System32\drivers\3dxhid.sys [39184 2015-11-07] (3Dconnexion SAM) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-08-03] (Intel Corporation) R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [76432 2013-08-03] (Intel Corporation) R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation) R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-10-02] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-02] (Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2017-01-20] () R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation) R3 KMJHidMini; C:\WINDOWS\System32\drivers\3dxkmj.sys [18944 2015-11-07] (3Dconnextion Inc.) R3 KMJShim; C:\WINDOWS\System32\drivers\3dxshim.sys [7168 2015-11-07] (3Dconnextion Inc.) S3 LAN7500; C:\WINDOWS\system32\DRIVERS\lan7500-x64-n630f.sys [105960 2015-07-22] (SMSC) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [140672 2016-03-10] (Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-02-11] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-12] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [4112656 2015-09-23] (Intel Corporation) S3 nidimk; C:\WINDOWS\system32\drivers\nidimkl.sys [12968 2012-01-27] (National Instruments Corporation) S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [12952 2011-07-01] (National Instruments Corporation) S3 nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [914624 2012-06-06] (National Instruments Corporation) S3 nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [12520 2012-06-06] (National Instruments Corporation) R0 nipbcfk; C:\WINDOWS\System32\drivers\nipbcfk.sys [16984 2012-01-12] (National Instruments Corporation) S3 NiViPciK; C:\WINDOWS\System32\drivers\NiViPciKl.sys [13008 2012-06-06] (National Instruments Corporation) R2 NiViPxiK; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [13008 2012-06-06] (National Instruments Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmwu.inf_amd64_26aa6356770b2e86\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation) R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-09-06] (Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics) S3 USBTINSP; C:\WINDOWS\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.) R3 VSTWinDriver6; C:\WINDOWS\system32\drivers\VSTwindrvr6.sys [252928 2015-08-27] (Jungo) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-12 20:23 - 2017-02-12 20:23 - 00038490 _____ C:\Users\Strat_000\Desktop\FRST.txt 2017-02-12 14:42 - 2017-02-12 14:42 - 00000000 ____D C:\Program Files (x86)\ESET 2017-02-12 14:41 - 2017-02-12 14:41 - 02870984 _____ (ESET) C:\Users\Strat_000\Desktop\esetsmartinstaller_deu.exe 2017-02-12 14:40 - 2017-02-12 14:40 - 00000960 _____ C:\Users\Strat_000\Desktop\Fixlog.txt 2017-02-11 18:40 - 2017-02-11 18:40 - 00000109 _____ C:\Users\Strat_000\Desktop\2.txt 2017-02-11 18:31 - 2017-02-11 18:36 - 00031413 _____ C:\Users\Strat_000\Desktop\Fixlog_2.txt 2017-02-11 18:30 - 2017-02-12 14:40 - 00000000 ____D C:\Users\Strat_000\Desktop\FRST-OlderVersion 2017-02-09 18:45 - 2017-02-11 18:42 - 00143418 _____ C:\Users\Strat_000\Desktop\Addition_2.txt 2017-02-09 18:44 - 2017-02-09 18:45 - 00075490 _____ C:\Users\Strat_000\Desktop\FRST_alt (2).txt 2017-02-09 18:41 - 2017-02-09 18:41 - 00010727 _____ C:\Users\Strat_000\Desktop\mbam.txt 2017-02-09 18:11 - 2017-02-09 18:11 - 00000914 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2017-02-09 18:11 - 2017-02-09 18:11 - 00000000 ____D C:\Users\Strat_000\Desktop\ Malwarebytes Anti-Malware 2017-02-09 18:11 - 2017-02-09 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-02-09 18:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2017-02-09 18:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-02-09 18:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-02-09 18:09 - 2017-02-09 18:10 - 22851472 _____ (Malwarebytes ) C:\Users\Strat_000\Desktop\mbam-setup-2.2.1.1043.exe 2017-02-09 18:08 - 2017-02-09 18:08 - 00001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-02-09 18:07 - 2017-02-09 18:07 - 55566792 _____ (Malwarebytes ) C:\Users\Strat_000\Desktop\mb3-setup-consumer-3.0.6.1469.exe 2017-02-09 18:04 - 2017-02-09 18:04 - 00001133 _____ C:\Users\Strat_000\Desktop\JRT.txt 2017-02-09 18:02 - 2017-02-09 18:02 - 01663040 _____ (Malwarebytes) C:\Users\Strat_000\Desktop\JRT.exe 2017-02-09 17:57 - 2017-02-09 17:57 - 00000008 __RSH C:\ProgramData\ntuser.pol 2017-02-09 17:50 - 2017-02-09 17:50 - 04015056 _____ C:\Users\Strat_000\Desktop\AdwCleaner_6.043.exe 2017-02-09 17:43 - 2017-02-09 17:43 - 00000875 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-02-09 17:43 - 2017-02-09 17:43 - 00000000 ____D C:\Users\Strat_000\Desktop\Revo Uninstaller 2017-02-09 17:43 - 2017-02-09 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-02-09 17:41 - 2017-02-09 17:41 - 07097928 _____ (VS Revo Group ) C:\Users\Strat_000\Desktop\revo202setup.exe 2017-02-08 16:58 - 2017-02-08 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-08 16:45 - 2017-02-08 16:45 - 00237083 _____ C:\Users\Strat_000\Desktop\Addition_alt.txt 2017-02-08 16:44 - 2017-02-12 20:23 - 00000000 ____D C:\FRST 2017-02-08 16:44 - 2017-02-08 16:45 - 00083934 _____ C:\Users\Strat_000\Desktop\FRST_alt.txt 2017-02-08 16:38 - 2017-02-08 16:38 - 00251848 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\09CF649C.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2017-02-02 21:00 - 2017-02-12 14:40 - 02421248 _____ (Farbar) C:\Users\Strat_000\Desktop\FRST64.exe 2017-02-02 20:22 - 2017-02-11 18:37 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-02-02 20:22 - 2017-02-09 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-02-02 20:22 - 2017-02-02 20:22 - 00000000 ____D C:\Program Files\Malwarebytes 2017-02-02 20:22 - 2017-01-20 07:47 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-02-02 20:09 - 2017-02-02 20:09 - 00007000 _____ C:\Users\Strat_000\Desktop\AdwCleaner[C0]_alt.txt 2017-02-02 20:08 - 2017-02-02 20:08 - 00000000 ____D C:\WINDOWS\Panther 2017-02-02 20:04 - 2017-02-09 17:57 - 00000000 ____D C:\AdwCleaner 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Python34 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyScripter-x64 2017-01-30 15:54 - 2017-01-30 15:54 - 00000000 ____D C:\Program Files\PyScripter 2017-01-25 14:06 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2017-01-25 14:05 - 2017-01-25 14:06 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Deployment 2017-01-25 14:05 - 2017-01-25 14:05 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Apps\2.0 2017-01-25 12:59 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2017-01-25 12:59 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2017-01-24 21:36 - 2017-01-24 21:36 - 00000000 ____D C:\Users\Strat_000\Downloads\temp 2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2017-01-24 20:21 - 2017-01-24 20:21 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Risen2 2017-01-20 20:12 - 2017-01-20 20:12 - 00000000 ____D C:\ProgramData\Firefly Studios 2017-01-20 20:11 - 2017-01-20 20:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2 2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade 2017-01-20 20:11 - 2017-01-20 20:11 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2017-01-20 17:15 - 2017-01-20 19:14 - 00000000 ____D C:\Users\Strat_000\Documents\Stronghold 2017-01-15 14:56 - 2017-01-15 15:40 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Notepad++ 2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2017-01-15 14:56 - 2017-01-15 14:56 - 00000000 ____D C:\Program Files\Notepad++ ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-02-12 20:20 - 2016-09-28 20:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-02-12 18:51 - 2016-10-12 16:10 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Akamai 2017-02-11 18:44 - 2014-04-04 09:15 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2017-02-11 18:43 - 2016-09-28 21:00 - 01722656 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-02-11 18:37 - 2016-09-28 20:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-02-11 18:37 - 2016-03-27 09:41 - 00000000 __SHD C:\Users\Strat_000\IntelGraphicsProfiles 2017-02-11 18:36 - 2016-09-28 21:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-02-11 18:36 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2017-02-11 18:32 - 2015-08-06 08:55 - 00000000 ____D C:\Users\Strat_000\AppData\LocalLow\Temp 2017-02-11 18:31 - 2016-04-30 11:19 - 00002277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-11 18:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-02-10 17:30 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-02-09 19:08 - 2014-08-21 22:11 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Packages 2017-02-09 18:38 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-02-09 18:38 - 2014-09-23 15:50 - 00000000 ____D C:\Program Files (x86)\MDESIGN 2017-02-08 16:58 - 2016-11-08 20:54 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-02-08 16:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-02-02 21:53 - 2016-09-28 21:00 - 00000000 ____D C:\Users\Strat_000 2017-02-02 19:54 - 2016-12-21 17:02 - 00000000 ____D C:\Program Files (x86)\National Instruments 2017-02-02 19:54 - 2016-09-29 06:49 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-02-02 19:54 - 2014-08-22 21:03 - 00000000 ____D C:\Program Files (x86)\ControlCenter4 2017-01-30 15:50 - 2015-06-28 14:29 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Eclipse 2017-01-30 15:50 - 2015-06-28 14:23 - 00000000 ____D C:\Users\Strat_000\.p2 2017-01-29 09:32 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-25 13:19 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-24 20:05 - 2015-10-16 09:42 - 00000000 ____D C:\Users\Strat_000\AppData\Roaming\Ansys 2017-01-24 16:36 - 2015-09-12 07:18 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-01-24 16:17 - 2016-10-05 16:11 - 00000760 _____ C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini 2017-01-24 16:17 - 2016-10-05 16:11 - 00000463 _____ C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini 2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-24 10:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-24 10:06 - 2014-08-28 21:03 - 00000000 ____D C:\Users\Strat_000\AppData\Local\Adobe 2017-01-21 17:57 - 2015-11-04 21:42 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-21 12:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-21 10:32 - 2014-11-02 11:08 - 00000000 ___RD C:\Users\Strat_000\Dropbox 2017-01-20 17:15 - 2016-07-16 12:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-01-20 17:15 - 2016-07-16 12:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-01-13 16:07 - 2014-08-21 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-13 16:04 - 2016-09-28 20:56 - 00446272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-13 16:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-01-13 10:19 - 2016-09-28 21:14 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-01-13 08:38 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-01-13 08:37 - 2014-08-22 15:13 - 00000000 ____D C:\Program Files\Microsoft Office 15 ==================== Files in the root of some directories ======= 2016-02-16 20:23 - 2016-02-16 20:23 - 0001164 _____ () C:\Users\Strat_000\AppData\Roaming\CoolTerm_Prefs.plist 2016-10-05 16:11 - 2017-01-24 16:17 - 0000463 _____ () C:\Users\Strat_000\AppData\Roaming\MobileTool-Global.ini 2014-09-15 09:29 - 2016-10-05 16:27 - 0001390 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV3.ini 2016-10-05 16:11 - 2017-01-24 16:17 - 0000760 _____ () C:\Users\Strat_000\AppData\Roaming\MobileToolAnyConnectV4.ini 2016-10-03 10:51 - 2016-10-04 16:20 - 0000103 _____ () C:\Users\Strat_000\AppData\Roaming\WB.CFG 2015-09-05 20:13 - 2015-09-06 16:34 - 0000337 _____ () C:\Users\Strat_000\AppData\Local\Perfmon.PerfmonCfg 2016-12-29 18:14 - 2016-12-29 18:14 - 0013951 _____ () C:\Users\Strat_000\AppData\Local\recently-used.xbel 2016-09-28 20:58 - 2016-09-28 20:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-08-21 20:45 - 2014-08-21 20:45 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-02-09 18:25 ==================== End of FRST.txt ============================ |
|
| Themen zu Win 10, Trotux eingefangen |
| adobe, akamai, bonjour, browser, canon, chromium, defender, error, firefox, google, homepage, iexplore.exe, internet, internet explorer, launch, mozilla, realtek, registry, rundll, scan, security, server, services.exe, software, starten, system, virus, windows |
dann auf 
und dann auf 
. 
