Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2017
Ran by Ell (22-09-2017 20:25:46)
Running from C:\Users\Ell\Desktop
Windows 8.1 (Update) (X64) (2015-08-16 18:49:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1066567997-190004360-2357831206-500 - Administrator - Disabled)
Ell (S-1-5-21-1066567997-190004360-2357831206-1002 - Administrator - Enabled) => C:\Users\Ell
Guest (S-1-5-21-1066567997-190004360-2357831206-501 - Limited - Disabled)
lydia_000 (S-1-5-21-1066567997-190004360-2357831206-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Français (French) (HKLM\...\{5783F2D7-F001-040C-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk SketchBook Pro 7 (HKLM\...\{4448344E-76B2-45B7-826B-0D4110301533}) (Version: 7.21.0000 - Autodesk)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.4.19.3 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.7.27.15 - HP)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HydraVision (HKLM-x32\...\{89CE7F9B-B4DF-8585-638B-6BD807ADE9C7}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Kaspersky Internet Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Malwarebytes Anti-Malware v2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes Anti-Malware)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 fr)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.04 - Chaos Software Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.4.1 - Chaos Software Ltd)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17343 - Microsoft Corporation)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\fr-FR\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll -> No File
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02608101-4B2C-4C3A-AC46-763F22DAE1BE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {070B7C78-446D-48F5-96A2-09911B5F508B} - \6ddde594-a416-47af-9f95-0592ff8a588d-5_user -> No File <==== ATTENTION
Task: {0DCEC632-F6F3-4654-AE6C-C4F4405EF3AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {26A8C566-44DF-4ABD-828E-89DA2A2FC1E2} - \6ddde594-a416-47af-9f95-0592ff8a588d-1-6 -> No File <==== ATTENTION
Task: {3113623E-C511-402E-B184-E471017D3C78} - \6ddde594-a416-47af-9f95-0592ff8a588d-7 -> No File <==== ATTENTION
Task: {408067FA-0ED4-4674-B7ED-CA37D678A4DC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-12] (AVAST Software)
Task: {422A88ED-937C-4AA0-87D4-E2E05EF20010} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {441AB90F-4DF2-4642-8587-64E6E5A1C100} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2017-06-30] (AO Kaspersky Lab)
Task: {51905E34-A8AF-4CD6-BFE9-3EE501E6B774} - System32\Tasks\OrangeDefenderUpdate => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\updAvTask.exe
Task: {589D7632-EE07-4A81-87CF-8E5E6F8D65FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {58F5AD20-D72B-4C42-BEA1-0607C76B934F} - System32\Tasks\HPCeeScheduleForEll => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {6709E2ED-FE74-4D9D-901E-ABA2C8E8BF20} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {6C56D8CF-9516-4F24-BAFF-A45E1B015966} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lydia20011@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {745E12B5-1567-496F-A02D-B1AA58A3AEE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {7EF68824-5556-49EA-A432-96F78477D11D} - \6ddde594-a416-47af-9f95-0592ff8a588d-1-7 -> No File <==== ATTENTION
Task: {803C4409-B05B-4B80-BB63-145F78BFA37E} - \Crossbrowse -> No File <==== ATTENTION
Task: {83E33DDE-7469-4FF3-A557-308E54716CE7} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
Task: {907DDE22-2B97-452F-BFA5-379244620CA4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {97112D6A-D68E-499F-AF56-A84808212C5F} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe [2016-12-13] (Avira Operations GmbH & Co. KG)
Task: {97AD4B90-9C78-43BD-AF7C-1E49941E9095} - \6ddde594-a416-47af-9f95-0592ff8a588d-6 -> No File <==== ATTENTION
Task: {982668DB-6CC9-41A4-99A7-8A9A58C50C92} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A2EEE92A-DF8F-4B35-A081-FAD21BE263F4} - System32\Tasks\{02494B9A-40E1-4B06-BBCC-22C8B19C6CCE} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ell\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=2sq3
Task: {A2F73B79-A290-49AD-8CE6-8603BAA954BA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A814168E-0BEA-4D5F-BCA5-84521B2F14F5} - \6ddde594-a416-47af-9f95-0592ff8a588d-3 -> No File <==== ATTENTION
Task: {B4311AB7-59A6-43BB-85DC-E7FB00336BCB} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {C7C5ADD7-5FA9-4724-99F4-B656E9D415DA} - \6ddde594-a416-47af-9f95-0592ff8a588d-5 -> No File <==== ATTENTION
Task: {CB12FD54-63F6-4E33-A54A-815DA26AA8F1} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {CF702BC8-87E1-49DA-B312-1D7DA647A8AE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D0E05102-DA02-430C-8EF8-83AF40634E99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E1350513-1C84-44F6-8D51-83BE46BB5E8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {E5949479-49A8-4C2F-8D22-1D4FD2E5EBE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {E7A184AD-8C9F-4DA1-86EB-48B79AD4D463} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe
Task: {EAF69D78-C9DA-4D55-B5B0-A4E0040018A6} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {F0E3EDA9-5CA8-4F04-B759-3EC20DBFD76C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F7E41EED-A5F5-4599-997C-E4C668736B0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {F8B591B3-C93F-4B73-A050-A34B2C83DBE7} - System32\Tasks\OrangeDefender => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
Task: {FFA41C1E-7DB0-4FB6-8B67-9C3FCC6A5535} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-15] (Microsoft Corporation)
Task: {FFC707CA-1B2D-4BBE-B807-6C873C843E7A} - \BackgroundContainer Startup Task -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEll.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\OrangeDefender.job => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-05-01 15:13 - 2014-05-01 15:13 - 000470016 _____ () C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-09-01 16:55 - 2017-09-01 16:55 - 000144384 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\os-service\build\Release\service.node
2017-09-01 16:55 - 2017-09-01 16:55 - 000200704 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\vrloffline-win32\vrloffline.node
2017-09-01 16:55 - 2017-09-01 16:55 - 000150528 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\proxydetect\proxydetect.node
2016-12-03 16:15 - 2014-12-05 03:27 - 000055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2016-12-03 16:15 - 2014-12-05 03:27 - 000104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 000794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2017-05-18 09:02 - 2017-05-18 09:02 - 040524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-02-19 08:06 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 keystone.mwbsys.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "AutoCAD Startup Accelerator.lnk"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "HP CoolSense"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "9F0FCC58F4532437C0990DE9760FFC474A266A75._service_run"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "BingSvc"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7A645B69-362E-4EE2-8CE5-DFACAC5603A8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{D782BA86-E313-4785-BE7A-E0AA52F761A6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{65FF2F08-B2FD-4C29-9A2D-6C4785952AA4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{59C4327E-1A5F-40D3-96DE-9C6743B154A6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{06204FF9-6E76-4B45-B4D2-44073EA1F8AE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{CC59BA0E-A4C8-4871-9697-B06BF0899AA2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{BA6E5C22-B696-4FC1-B8CA-F85D1810CFBC}] => (Allow) LPort=1900
FirewallRules: [{1BEF48EF-6072-421A-8229-D4CD8AFD3B5D}] => (Allow) LPort=2869
FirewallRules: [{9922D39D-8207-43D6-BC1C-81841DA5AE82}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{E882DFD6-5944-4807-BE36-9F7DCA638F09}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{26244B2B-CB95-44D1-9344-7C50E4F0EBCF}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5FA746C5-F586-4737-84E8-F57F0D04F477}] => (Allow) LPort=49470
FirewallRules: [{BE8B78FE-FE0C-42D6-B970-C6C314817AB6}] => (Allow) LPort=5000
FirewallRules: [{E9493B2E-A113-434D-8BCA-B0A9DB7C1FB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E8B0052-4BA3-4415-9091-F1EEAB51BC7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{467BE659-8B76-48CA-8656-5FD30461E852}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [UDP Query User{EC67D28C-4469-4103-945D-48A8FC530A77}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [{A140E2CE-A15F-4B68-8C30-8C88AAF5FA3D}] => (Block) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [{1723DA4D-2A86-4684-BB4A-AA5DAD470570}] => (Block) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [TCP Query User{14E85697-FDE0-478E-82DC-6D030F5A82AC}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Block) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [UDP Query User{F3C2753D-8C12-4615-BEA0-87B96BAC2B7E}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Block) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [TCP Query User{BB400C81-D32A-4452-8638-6539F56F8585}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{ADA83DE0-EFA8-4D8F-93A2-133C8634A97E}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [TCP Query User{A44F587B-1072-4901-8F6D-0E685D891933}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{D913DBAD-815B-4BF5-AFA1-0EADD9C66DA7}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{B28C77E1-1923-4202-9D5F-3D3C3CD5A09B}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{6D8006D1-E865-463F-849B-B53CB0BAA512}C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe
FirewallRules: [UDP Query User{E0EE1A84-9FAD-48B0-836D-5213151EA0A8}C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe
FirewallRules: [TCP Query User{C1293E44-8F8D-4A8C-84E9-11BAE4FCE15B}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Allow) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [UDP Query User{109B28AB-A439-46D6-B91C-1DC6D424AE00}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Allow) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [TCP Query User{634FB0B0-911A-4472-AA11-A1B3FD389474}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [UDP Query User{FE16509F-1FFD-4D6B-BB12-07E5FDB7ECC3}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [TCP Query User{BC75A0BD-FF96-4041-A81B-D6EF4E609126}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{DC319B7E-3628-4C30-B912-D22F179CE423}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{FE429DC8-2073-4C1C-91D0-38B8EB35CF6F}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{82F1BA54-DE6F-458E-955F-EFB82B0B005E}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{E3B78D5F-3064-4D51-842B-0B151E4EAFF2}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [UDP Query User{A3D2F767-4F8B-44AA-B262-ABB05FCD2865}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [TCP Query User{DA09C15C-FE37-4869-AC35-70FAE3BBA503}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4F640E3-6105-463A-971C-5AE1D5F9D92F}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F200758C-F4C0-401B-8AD2-2B1F9E92CCFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{364BF091-0FF2-4762-A9C2-AF8C4D7AFD53}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{482FA6CE-2CD5-4AF9-B6DF-E1668E8D7E3F}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{F851DB0B-E124-41D3-A091-24DACAB00F28}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
FirewallRules: [{7E9964E4-E2E0-4E69-864B-D50F5DA0A4B0}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/22/2017 08:25:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.SystemSpeedup.UI.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at Avira.SystemSpeedup.UI.Systray.Program.Main()
Error: (09/22/2017 08:22:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1154
Start Time: 01d333d7760ba330
Termination Time: 4294967295
Application Path: C:\WINDOWS\system32\wwahost.exe
Report Id: 681e366d-9fcb-11e7-81e7-28924a4e870a
Faulting package full name: AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6
Faulting package-relative application ID: App
Error: (09/22/2017 06:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.SystemSpeedup.UI.Systray.exe, version: 3.1.0.4242, time stamp: 0x58502f1f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f32841
Exception code: 0xe0434352
Fault offset: 0x00015608
Faulting process ID: 0xdc0
Faulting application start time: 0x01d333c5bbbffd9f
Faulting application path: C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
Faulting module path: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Report ID: 26315c05-9fb9-11e7-81e6-28924a4e870a
Faulting package full name:
Faulting package-relative application ID:
Error: (09/22/2017 06:11:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.SystemSpeedup.UI.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at Avira.SystemSpeedup.UI.Systray.Program.Main()
Error: (09/22/2017 03:59:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/22/2017 03:59:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/22/2017 03:59:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/22/2017 02:57:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/22/2017 02:57:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/22/2017 02:57:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
System errors:
=============
Error: (09/22/2017 08:23:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP Support Solutions Framework Service service did not respond on starting.
Error: (09/22/2017 08:17:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Work Folders service did not respond on starting.
Error: (09/22/2017 08:15:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Encryption Provider Host Service service terminated with the following error:
An exception occurred in the service when handling the control request.
Error: (09/22/2017 08:15:57 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The W3C Logging Service service depends on the following service: W3SVC. This service might not be installed.
Error: (09/22/2017 08:15:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Autodesk Content Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/22/2017 08:14:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/22/2017 06:11:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Work Folders service did not respond on starting.
Error: (09/22/2017 06:10:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Encryption Provider Host Service service terminated with the following error:
An exception occurred in the service when handling the control request.
Error: (09/22/2017 06:10:10 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The W3C Logging Service service depends on the following service: W3SVC. This service might not be installed.
Error: (09/22/2017 06:09:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Autodesk Content Service service failed to start due to the following error:
The system cannot find the file specified.
CodeIntegrity:
===================================
Date: 2017-09-22 20:22:41.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 20:03:04.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:50:26.147
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:45:39.255
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:42:45.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:40:08.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:38:57.797
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:25:18.091
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:21:30.081
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:05:01.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 18%
Total physical RAM: 7770.26 MB
Available physical RAM: 6354.56 MB
Total Virtual: 8986.26 MB
Available Virtual: 7516.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:910.5 GB) (Free:762.73 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.8 GB) (Free:2.47 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E28E0A4)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Ell (22-09-2017 20:25:46)
Running from C:\Users\Ell\Desktop
Windows 8.1 (Update) (X64) (2015-08-16 18:49:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1066567997-190004360-2357831206-500 - Administrator - Disabled)
Ell (S-1-5-21-1066567997-190004360-2357831206-1002 - Administrator - Enabled) => C:\Users\Ell
Guest (S-1-5-21-1066567997-190004360-2357831206-501 - Limited - Disabled)
lydia_000 (S-1-5-21-1066567997-190004360-2357831206-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - Français (French) (HKLM\...\{5783F2D7-F001-040C-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk SketchBook Pro 7 (HKLM\...\{4448344E-76B2-45B7-826B-0D4110301533}) (Version: 7.21.0000 - Autodesk)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.4.19.3 - HP)
HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.7.27.15 - HP)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HydraVision (HKLM-x32\...\{89CE7F9B-B4DF-8585-638B-6BD807ADE9C7}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Kaspersky Internet Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Malwarebytes Anti-Malware v2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes Anti-Malware)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 fr) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 fr)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4 - Mozilla)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.04 - Chaos Software Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.4.1 - Chaos Software Ltd)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17343 - Microsoft Corporation)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1066567997-190004360-2357831206-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\fr-FR\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll -> No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll -> No File
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-17] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\shellex.dll [2017-06-30] (Kaspersky Lab ZAO)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02608101-4B2C-4C3A-AC46-763F22DAE1BE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {070B7C78-446D-48F5-96A2-09911B5F508B} - \6ddde594-a416-47af-9f95-0592ff8a588d-5_user -> No File <==== ATTENTION
Task: {0DCEC632-F6F3-4654-AE6C-C4F4405EF3AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {26A8C566-44DF-4ABD-828E-89DA2A2FC1E2} - \6ddde594-a416-47af-9f95-0592ff8a588d-1-6 -> No File <==== ATTENTION
Task: {3113623E-C511-402E-B184-E471017D3C78} - \6ddde594-a416-47af-9f95-0592ff8a588d-7 -> No File <==== ATTENTION
Task: {408067FA-0ED4-4674-B7ED-CA37D678A4DC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-12] (AVAST Software)
Task: {422A88ED-937C-4AA0-87D4-E2E05EF20010} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {441AB90F-4DF2-4642-8587-64E6E5A1C100} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2017-06-30] (AO Kaspersky Lab)
Task: {51905E34-A8AF-4CD6-BFE9-3EE501E6B774} - System32\Tasks\OrangeDefenderUpdate => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\updAvTask.exe
Task: {589D7632-EE07-4A81-87CF-8E5E6F8D65FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-04-01] (HP Inc.)
Task: {58F5AD20-D72B-4C42-BEA1-0607C76B934F} - System32\Tasks\HPCeeScheduleForEll => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {6709E2ED-FE74-4D9D-901E-ABA2C8E8BF20} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {6C56D8CF-9516-4F24-BAFF-A45E1B015966} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lydia20011@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {745E12B5-1567-496F-A02D-B1AA58A3AEE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {7EF68824-5556-49EA-A432-96F78477D11D} - \6ddde594-a416-47af-9f95-0592ff8a588d-1-7 -> No File <==== ATTENTION
Task: {803C4409-B05B-4B80-BB63-145F78BFA37E} - \Crossbrowse -> No File <==== ATTENTION
Task: {83E33DDE-7469-4FF3-A557-308E54716CE7} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
Task: {907DDE22-2B97-452F-BFA5-379244620CA4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {97112D6A-D68E-499F-AF56-A84808212C5F} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe [2016-12-13] (Avira Operations GmbH & Co. KG)
Task: {97AD4B90-9C78-43BD-AF7C-1E49941E9095} - \6ddde594-a416-47af-9f95-0592ff8a588d-6 -> No File <==== ATTENTION
Task: {982668DB-6CC9-41A4-99A7-8A9A58C50C92} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A2EEE92A-DF8F-4B35-A081-FAD21BE263F4} - System32\Tasks\{02494B9A-40E1-4B06-BBCC-22C8B19C6CCE} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Ell\AppData\Roaming\oursurfing\UninstallManager.exe -c -ptid=2sq3
Task: {A2F73B79-A290-49AD-8CE6-8603BAA954BA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A814168E-0BEA-4D5F-BCA5-84521B2F14F5} - \6ddde594-a416-47af-9f95-0592ff8a588d-3 -> No File <==== ATTENTION
Task: {B4311AB7-59A6-43BB-85DC-E7FB00336BCB} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Task: {C7C5ADD7-5FA9-4724-99F4-B656E9D415DA} - \6ddde594-a416-47af-9f95-0592ff8a588d-5 -> No File <==== ATTENTION
Task: {CB12FD54-63F6-4E33-A54A-815DA26AA8F1} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {CF702BC8-87E1-49DA-B312-1D7DA647A8AE} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D0E05102-DA02-430C-8EF8-83AF40634E99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E1350513-1C84-44F6-8D51-83BE46BB5E8E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {E5949479-49A8-4C2F-8D22-1D4FD2E5EBE8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {E7A184AD-8C9F-4DA1-86EB-48B79AD4D463} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe
Task: {EAF69D78-C9DA-4D55-B5B0-A4E0040018A6} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: {F0E3EDA9-5CA8-4F04-B759-3EC20DBFD76C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F7E41EED-A5F5-4599-997C-E4C668736B0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {F8B591B3-C93F-4B73-A050-A34B2C83DBE7} - System32\Tasks\OrangeDefender => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
Task: {FFA41C1E-7DB0-4FB6-8B67-9C3FCC6A5535} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-15] (Microsoft Corporation)
Task: {FFC707CA-1B2D-4BBE-B807-6C873C843E7A} - \BackgroundContainer Startup Task -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForEll.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\OrangeDefender.job => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-05-01 15:13 - 2014-05-01 15:13 - 000470016 _____ () C:\Users\Ell\AppData\Local\MEGAsync\ShellExtX64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-09-01 16:55 - 2017-09-01 16:55 - 000144384 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\os-service\build\Release\service.node
2017-09-01 16:55 - 2017-09-01 16:55 - 000200704 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\vrloffline-win32\vrloffline.node
2017-09-01 16:55 - 2017-09-01 16:55 - 000150528 _____ () \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\proxydetect\proxydetect.node
2016-12-03 16:15 - 2014-12-05 03:27 - 000055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2016-12-03 16:15 - 2014-12-05 03:27 - 000104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 000794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2017-05-18 09:02 - 2017-05-18 09:02 - 040524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-02-19 08:06 - 000000853 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 keystone.mwbsys.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "AutoCAD Startup Accelerator.lnk"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "HP CoolSense"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "9F0FCC58F4532437C0990DE9760FFC474A266A75._service_run"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-1066567997-190004360-2357831206-1002\...\StartupApproved\Run: => "BingSvc"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7A645B69-362E-4EE2-8CE5-DFACAC5603A8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{D782BA86-E313-4785-BE7A-E0AA52F761A6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{65FF2F08-B2FD-4C29-9A2D-6C4785952AA4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{59C4327E-1A5F-40D3-96DE-9C6743B154A6}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{06204FF9-6E76-4B45-B4D2-44073EA1F8AE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{CC59BA0E-A4C8-4871-9697-B06BF0899AA2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{BA6E5C22-B696-4FC1-B8CA-F85D1810CFBC}] => (Allow) LPort=1900
FirewallRules: [{1BEF48EF-6072-421A-8229-D4CD8AFD3B5D}] => (Allow) LPort=2869
FirewallRules: [{9922D39D-8207-43D6-BC1C-81841DA5AE82}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{E882DFD6-5944-4807-BE36-9F7DCA638F09}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{26244B2B-CB95-44D1-9344-7C50E4F0EBCF}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5FA746C5-F586-4737-84E8-F57F0D04F477}] => (Allow) LPort=49470
FirewallRules: [{BE8B78FE-FE0C-42D6-B970-C6C314817AB6}] => (Allow) LPort=5000
FirewallRules: [{E9493B2E-A113-434D-8BCA-B0A9DB7C1FB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E8B0052-4BA3-4415-9091-F1EEAB51BC7F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{467BE659-8B76-48CA-8656-5FD30461E852}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [UDP Query User{EC67D28C-4469-4103-945D-48A8FC530A77}C:\program files (x86)\valve\half-life\hl.exe] => (Allow) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [{A140E2CE-A15F-4B68-8C30-8C88AAF5FA3D}] => (Block) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [{1723DA4D-2A86-4684-BB4A-AA5DAD470570}] => (Block) C:\program files (x86)\valve\half-life\hl.exe
FirewallRules: [TCP Query User{14E85697-FDE0-478E-82DC-6D030F5A82AC}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Block) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [UDP Query User{F3C2753D-8C12-4615-BEA0-87B96BAC2B7E}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Block) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [TCP Query User{BB400C81-D32A-4452-8638-6539F56F8585}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{ADA83DE0-EFA8-4D8F-93A2-133C8634A97E}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [TCP Query User{A44F587B-1072-4901-8F6D-0E685D891933}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [UDP Query User{D913DBAD-815B-4BF5-AFA1-0EADD9C66DA7}C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\sketchup.exe
FirewallRules: [{B28C77E1-1923-4202-9D5F-3D3C3CD5A09B}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{6D8006D1-E865-463F-849B-B53CB0BAA512}C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe
FirewallRules: [UDP Query User{E0EE1A84-9FAD-48B0-836D-5213151EA0A8}C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe] => (Block) C:\program files (x86)\sketchup\sketchup 2013\layout\layout.exe
FirewallRules: [TCP Query User{C1293E44-8F8D-4A8C-84E9-11BAE4FCE15B}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Allow) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [UDP Query User{109B28AB-A439-46D6-B91C-1DC6D424AE00}C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe] => (Allow) C:\users\ell\desktop\sketchup pro 2013 13.0 build 3689 (cracked files) [chingliu]\cracked files\sketchup.exe
FirewallRules: [TCP Query User{634FB0B0-911A-4472-AA11-A1B3FD389474}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [UDP Query User{FE16509F-1FFD-4D6B-BB12-07E5FDB7ECC3}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [TCP Query User{BC75A0BD-FF96-4041-A81B-D6EF4E609126}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{DC319B7E-3628-4C30-B912-D22F179CE423}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{FE429DC8-2073-4C1C-91D0-38B8EB35CF6F}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{82F1BA54-DE6F-458E-955F-EFB82B0B005E}C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc101\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{E3B78D5F-3064-4D51-842B-0B151E4EAFF2}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [UDP Query User{A3D2F767-4F8B-44AA-B262-ABB05FCD2865}C:\program files\sketchup\sketchup 2016\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2016\sketchup.exe
FirewallRules: [TCP Query User{DA09C15C-FE37-4869-AC35-70FAE3BBA503}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4F640E3-6105-463A-971C-5AE1D5F9D92F}C:\users\ell\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ell\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F200758C-F4C0-401B-8AD2-2B1F9E92CCFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{364BF091-0FF2-4762-A9C2-AF8C4D7AFD53}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{482FA6CE-2CD5-4AF9-B6DF-E1668E8D7E3F}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{F851DB0B-E124-41D3-A091-24DACAB00F28}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
FirewallRules: [{7E9964E4-E2E0-4E69-864B-D50F5DA0A4B0}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/22/2017 08:25:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.SystemSpeedup.UI.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at Avira.SystemSpeedup.UI.Systray.Program.Main()
Error: (09/22/2017 08:22:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1154
Start Time: 01d333d7760ba330
Termination Time: 4294967295
Application Path: C:\WINDOWS\system32\wwahost.exe
Report Id: 681e366d-9fcb-11e7-81e7-28924a4e870a
Faulting package full name: AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6
Faulting package-relative application ID: App
Error: (09/22/2017 06:12:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.SystemSpeedup.UI.Systray.exe, version: 3.1.0.4242, time stamp: 0x58502f1f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f32841
Exception code: 0xe0434352
Fault offset: 0x00015608
Faulting process ID: 0xdc0
Faulting application start time: 0x01d333c5bbbffd9f
Faulting application path: C:\Program Files (x86)\Avira\AviraSpeedup\Avira.SystemSpeedup.UI.Systray.exe
Faulting module path: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Report ID: 26315c05-9fb9-11e7-81e6-28924a4e870a
Faulting package full name:
Faulting package-relative application ID:
Error: (09/22/2017 06:11:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.SystemSpeedup.UI.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at Avira.SystemSpeedup.UI.Systray.Program.Main()
Error: (09/22/2017 03:59:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/22/2017 03:59:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/22/2017 03:59:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/22/2017 02:57:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (09/22/2017 02:57:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (09/22/2017 02:57:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
System errors:
=============
Error: (09/22/2017 08:23:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP Support Solutions Framework Service service did not respond on starting.
Error: (09/22/2017 08:17:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Work Folders service did not respond on starting.
Error: (09/22/2017 08:15:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Encryption Provider Host Service service terminated with the following error:
An exception occurred in the service when handling the control request.
Error: (09/22/2017 08:15:57 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The W3C Logging Service service depends on the following service: W3SVC. This service might not be installed.
Error: (09/22/2017 08:15:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Autodesk Content Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/22/2017 08:14:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppEx Networks Accelerator LWF service failed to start due to the following error:
The system cannot find the file specified.
Error: (09/22/2017 06:11:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Work Folders service did not respond on starting.
Error: (09/22/2017 06:10:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Encryption Provider Host Service service terminated with the following error:
An exception occurred in the service when handling the control request.
Error: (09/22/2017 06:10:10 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The W3C Logging Service service depends on the following service: W3SVC. This service might not be installed.
Error: (09/22/2017 06:09:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Autodesk Content Service service failed to start due to the following error:
The system cannot find the file specified.
CodeIntegrity:
===================================
Date: 2017-09-22 20:22:41.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 20:03:04.818
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:50:26.147
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:45:39.255
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:42:45.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:40:08.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:38:57.797
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:25:18.091
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:21:30.081
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-22 19:05:01.093
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD E2-1800 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 18%
Total physical RAM: 7770.26 MB
Available physical RAM: 6354.56 MB
Total Virtual: 8986.26 MB
Available Virtual: 7516.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:910.5 GB) (Free:762.73 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:19.8 GB) (Free:2.47 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1E28E0A4)
Partition: GPT.
==================== End of Addition.txt ============================