
Missing DLL file "dnsapi"


  • This topic is locked
9 replies to this topic

#1 ThatDellGuy2900


Posted 09 October 2015 - 02:03 AM

Hello my fellow computer people! I've been having this major issue the past few days. It started two days ago when I logged on and my Skype would not start as it said the "dnsapi.dll" file was missing. I've looked into it, researched and researched, found several answers, none of which have worked. My Malware software won't run because of it; when I do a "sfc /scannow" scan in the CP, it gets to 33% and fails, and I can't register WinThruster software to verify and clean the registry because it will not connect to the internet, even though there is a hard wired CAT6 cable connected to the PC. I'm at the end of the road and want to know what you guys think. Any thoughts? Thank you to all of you in advance!


Edited by Orange Blossom, 09 October 2015 - 09:35 AM.
Moved to log forum. ~ OB




#2 deeprybka


Posted 09 October 2015 - 02:14 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 ThatDellGuy2900


Posted 09 October 2015 - 10:07 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-10-2015
Ran by Whaley David (administrator) on LENOVO-PC (09-10-2015 10:57:45)
Running from C:\Users\Whaley David\Desktop
Loaded Profiles: Whaley David (Available Profiles: Whaley David & Laurie & Dale)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Spotify Ltd) C:\Users\Whaley David\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Dropbox, Inc.) C:\Users\Whaley David\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe
(Dropbox, Inc.) C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM\...\Run: [UMonit] => C:\Windows\SysWOW64\UMonit64.exe [55352 2015-09-21] ()
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-05-31] (Razer Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [AmazonGSDownloaderTray] => C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe [326144 2009-10-23] (Amazon.com)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [Info Center] => C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe [28792 2013-12-26] (PC Pitstop LLC)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [Spotify Web Helper] => C:\Users\Whaley David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2025016 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-11-06] (NETGEAR Inc.)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [16CC2B923570E9411FAC276F2621DD1F0F148A72._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [Dropbox Update] => C:\Users\Whaley David\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-21] (Dropbox, Inc.)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [DV] => C:\ProgramData\DataFile\Downloads\DV.exe
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55100016 2015-08-26] (Skype Technologies S.A.)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Run: [Spotify] => C:\Users\Whaley David\AppData\Roaming\Spotify\Spotify.exe [7571000 2015-09-19] (Spotify Ltd)
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\MountPoints2: I - I:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\MountPoints2: {1cad4ed3-f5f1-11e4-807a-4437e61b17e5} - G:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\MountPoints2: {b93c30ff-6e91-11e4-a5de-4437e61b17e5} - J:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-06-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Smart Wizard.lnk [2015-01-24]
ShortcutTarget: NETGEAR WNDA3100v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2015-01-24]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Whaley David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Whaley David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-01-24]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1916182683-1298059335-62827055-1003\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49181;https=127.0.0.1:49181
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16E4EF3F-5C3C-4C59-B1CB-838981DF967B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17E54070-A74D-4A3E-8D6B-F51EDDB57ECD}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{193F1521-474B-4EE8-884C-5B89B5D7EED8}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.google.com/
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130857054152693205&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: Radio Canyon -> {11111111-1111-1111-1111-110611081104} ->  No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Radio Canyon -> {11111111-1111-1111-1111-110611081104} ->  No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-27] (Oracle Corporation)
BHO-x32: PCMatic AdBlocker -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMaticAdBlocker.dll [2015-08-18] (PC Matic, LLC)
Toolbar: HKU\S-1-5-21-1916182683-1298059335-62827055-1001 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D9305048-DD6B-4EDF-8706-096EBE24E1D7} hxxp://192.168.1.64/IPCWeb.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3331321&octid=EB_ORIGINAL_CTID&ISID=M615B861B-DE15-444D-B14D-55D0BC89E574&SearchSource=55&CUI=&UM=8&UP=SP0A130E91-BF6A-49C4-B71E-782889A1CF17&SSPV=
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF user.js: detected! => C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\user.js [2015-08-27]
FF Extension: alertboxajitkcom - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\alertbox@ajitk.com [2015-04-03]
FF Extension: ehtiprobertkatic - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\ehtip@robertkatic [2015-09-03]
FF Extension: ffext_basicvideoextstartpage24 - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\ffext_basicvideoext@startpage24 [2014-10-05]
FF Extension: jid1UfSghNz6VhKecwjetpack - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\jid1-UfSghNz6VhKecw@jetpack [2015-01-19]
FF Extension: moredisplayresolutionsmhafaicom - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\more-display-resolutions@mhafai.com [2015-08-29]
FF Extension: multirevenuegooglemailcom - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\multirevenue@googlemail.com [2015-05-27]
FF Extension: Crazy Shopperama - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\Extensions\Pm9mmqRVQ@gmail.com [2015-05-27]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-07-10]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-07-10]
FF HKLM-x32\...\Firefox\Extensions: [noreply@pcpitstop.com] - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMatic.uBlock.firefox
FF Extension: PC Matic - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMatic.uBlock.firefox [2015-09-23]
FF Extension: No Name - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\extensions\0YUm7YA2T@gmail.com [not found]
FF Extension: No Name - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\extensions\525eaf00-9712-4ce5-9c71-9aa6a175421b@gmail.com [not found]
FF Extension: No Name - C:\Users\Whaley David\AppData\Roaming\Mozilla\Firefox\Profiles\ft9le7n1.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [not found]
FF Extension: No Name - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12191.xpi [not found]
FF Extension: No Name - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12191.xpi [not found]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-29] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\cfg [2015-08-29] <==== ATTENTION
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3334306&octid=EB_ORIGINAL_CTID&ISID=MC59CE20C-B619-431E-8EC3-4D05CA7DC255&SearchSource=55&CUI=&UM=8&UP=SP1EF610C4-C7A2-4B53-A02D-BDC934D210F1&D=083015&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=MBE3FF719-01A2-431F-B6B1-4A7B96F37036&SearchSource=55&CUI=&UM=8&UP=SP80CCB460-27BF-4268-BB42-AD882A6D4A93&D=082815&SSPV=","hxxp://www.google.com/","hxxp://search.gboxapp.com/","hxxp://www.default-search.net/?sid=492&aid=229&itype=n&ver=13467&tm=437&src=hmp","hxxps://mysearch.avg.com/?cid={A0ADC4AB-9E9F-498E-B77B-3C0228C4C858}&mid=1dabca2e189d47d2a68bd16f5e69a035-3ced3b4299ba66be22f4321398a48132b4ccfd0d&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-21%2019:10:38&v=3.2.0.14&pid=wtu&sg=&sap=hp","hxxp://www.istart123.com/?type=hp&ts=1408756861&from=tugs&uid=ST31000528AS_6VP9ERYQXXXX6VP9ERYQ","hxxp://groovorio.com/?f=7&a=grv_tuto5_14_31&cd=2XzuyEtN2Y1L1QzuyEyEtAyB0EyCtC0BtCyB0EyD0AtC0DtDtN0D0Tzu0SzyyCyDtN1L2XzutAtFtDtFtCyDtFtCtN1L1Czu1N1C2X1V2Z2Y2Z1FyD1VtCyE1VtAtCtN1L1G1B1V1N2Y1L1Qzu2StC0DyCtA0FyDyBtDtG0AtBtCtAtG0DyDyC0AtGzy0C0FyCtGyBzy0DyDtAyDtB0E0EyEtC0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0FyDtBzytDyDtDtGyBzzzzyEtGyE0EyEyBtGzz0FtAyCtG0A0ByBzyyCyDtAyE0E0F0BtA2Q&cr=436882064&ir=","hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9ho1IAoH5LYnFv7JfOqd6-ng95Wo5BrgVMCTEuEAGy00KzuJZ5u6ybkgHZ46rvVgFJ6NyVunJiVi9AGUqOSBAOj3lA2YAMq8kDwFVptBo-cd6XG8KFKeQYmFF9zigh88fIwvByBHnemLytlbfJMLSd2S7K5KpLaVw37iw,,","hxxp://www.trovi.com/?gd=&ctid=CT3333887&octid=EB_ORIGINAL_CTID&ISID=M1DB805DD-BED7-4556-AD4A-DDB87A49C1C8&SearchSource=55&CUI=&UM=8&UP=SP8598838F-07A4-493F-A812-DA22C489788B&D=082415&SSPV=","hxxp://www.trovi.com/?gd=&ctid=CT3334306&octid=EB_ORIGINAL_CTID&ISID=MA73AACF5-B809-4222-947D-DF53ECEFB601&SearchSource=55&CUI=&UM=8&UP=SP575A542A-6F9B-4A10-82EA-946EF26139E5&D=082715&SSPV="
CHR Profile: C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-27]
CHR Extension: (Google Drive) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-27]
CHR Extension: (YouTube) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-27]
CHR Extension: (Google Cast) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-06-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2014-07-10]
CHR Extension: (Google Search) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-27]
CHR Extension: (*Split Screen*) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\eachfleknamlcepmplpdghagngjfjkin [2014-06-27]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2014-07-10]
CHR Extension: (gghkfhpblkcmlkmpcpgaajbbiikbhpdi) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gghkfhpblkcmlkmpcpgaajbbiikbhpdi [2015-09-04]
CHR Extension: (Google Docs Offline) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-08]
CHR Extension: (Google Wallet) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\Whaley David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-27]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-07-10]
CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [701824 2014-12-24] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-05-22] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 msdotnetserv_v2050729; C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msnetcore.exe [3003880 2015-07-05] (Copyright © Microsoft 2015)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2014-11-06] (NETGEAR)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198456 2015-08-18] (PC Pitstop LLC)
S3 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [367616 2014-05-20] (Razer Inc.) [File not signed]
R3 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [801472 2015-03-10] (Samsung Electronics Co., Ltd.)
S3 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [118576 2014-11-26] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()
S3 BrsHelper; C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [X]
S2 MySql; C:/mysql/bin/mysqld-nt.exe [X]
S3 vncserver; "C:\Program Files\RealVNC\VNC Server\vncservice.exe" vncserver [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [117224 2015-09-21] (GenesysLogic)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 mr8980; C:\Windows\System32\DRIVERS\mr8980x64.sys [114176 2011-04-19] (Mars Semiconductor Corp.)
S3 mr8980; C:\Windows\SysWOW64\DRIVERS\mr8980x64.sys [114176 2011-04-19] (Mars Semiconductor Corp.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 Phosgene; C:\Windows\System32\DRIVERS\Phosgene.sys [33672 2015-09-02] (Adoriasoft LLC)
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
S3 rzjstk; C:\Windows\System32\DRIVERS\rzjstk.sys [27816 2014-05-19] (Razer Inc)
S3 rzkeypadendpt; C:\Windows\System32\DRIVERS\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 NPF; system32\drivers\NPF.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 zgi5m2f2zxm0bdf; system32\drivers\zgi5m2f2zxm0bdf.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-09 10:57 - 2015-10-09 10:58 - 00036920 _____ C:\Users\Whaley David\Desktop\FRST.txt
2015-10-09 10:57 - 2015-10-09 10:57 - 00000000 ____D C:\FRST
2015-10-09 10:57 - 2015-10-09 10:56 - 02194944 _____ (Farbar) C:\Users\Whaley David\Desktop\FRST64.exe
2015-10-09 07:21 - 2015-10-09 07:21 - 00000000 ____D C:\Windows\th-TH
2015-10-09 07:21 - 2015-10-09 07:21 - 00000000 ____D C:\Windows\SysWOW64\Drivers\th-TH
2015-10-09 06:44 - 2015-10-09 07:03 - 00744932 _____ C:\Windows\system32\perfh013.dat
2015-10-09 06:44 - 2015-10-09 07:03 - 00153586 _____ C:\Windows\system32\perfc013.dat
2015-10-09 06:44 - 2015-10-09 06:42 - 00341322 _____ C:\Windows\system32\perfi013.dat
2015-10-09 06:44 - 2015-10-09 06:42 - 00043068 _____ C:\Windows\system32\perfd013.dat
2015-10-09 06:42 - 2015-10-09 06:42 - 00000000 ____D C:\Windows\SysWOW64\nl
2015-10-09 06:42 - 2015-10-09 06:42 - 00000000 ____D C:\Windows\SysWOW64\0413
2015-10-09 06:42 - 2015-10-09 06:42 - 00000000 ____D C:\Windows\system32\nl
2015-10-09 06:42 - 2015-10-09 06:42 - 00000000 ____D C:\Windows\system32\0413
2015-10-09 06:24 - 2015-10-09 06:24 - 00000000 ____D C:\Windows\SysWOW64\Drivers\lv-LV
2015-10-09 06:24 - 2015-10-09 06:24 - 00000000 ____D C:\Windows\system32\Drivers\lv-LV
2015-10-09 06:24 - 2015-10-09 06:24 - 00000000 ____D C:\Windows\lv-LV
2015-10-09 06:07 - 2015-10-09 07:03 - 00482936 _____ C:\Windows\system32\perfh00B.dat
2015-10-09 06:07 - 2015-10-09 07:03 - 00102004 _____ C:\Windows\system32\perfc00B.dat
2015-10-09 06:07 - 2015-10-09 06:05 - 00279790 _____ C:\Windows\system32\perfi00B.dat
2015-10-09 06:07 - 2015-10-09 06:05 - 00038258 _____ C:\Windows\system32\perfd00B.dat
2015-10-09 06:06 - 2015-10-09 06:06 - 00000000 ____D C:\Windows\SysWOW64\fi
2015-10-09 06:05 - 2015-10-09 06:05 - 00000000 ____D C:\Windows\system32\fi
2015-10-09 05:48 - 2015-10-09 05:48 - 00000000 ____D C:\Windows\uk-UA
2015-10-09 05:48 - 2015-10-09 05:48 - 00000000 ____D C:\Windows\SysWOW64\Drivers\uk-UA
2015-10-09 05:48 - 2015-10-09 05:48 - 00000000 ____D C:\Windows\system32\Drivers\uk-UA
2015-10-09 05:32 - 2015-10-09 07:03 - 00746890 _____ C:\Windows\system32\perfh00A.dat
2015-10-09 05:32 - 2015-10-09 07:03 - 00158958 _____ C:\Windows\system32\perfc00A.dat
2015-10-09 05:32 - 2015-10-09 05:29 - 00341432 _____ C:\Windows\system32\perfi00A.dat
2015-10-09 05:32 - 2015-10-09 05:29 - 00041390 _____ C:\Windows\system32\perfd00A.dat
2015-10-09 05:30 - 2015-10-09 05:30 - 00000000 ____D C:\Windows\SysWOW64\es
2015-10-09 05:30 - 2015-10-09 05:30 - 00000000 ____D C:\Windows\SysWOW64\0C0A
2015-10-09 05:30 - 2015-10-09 05:30 - 00000000 ____D C:\Windows\system32\es
2015-10-09 05:30 - 2015-10-09 05:30 - 00000000 ____D C:\Windows\system32\0C0A
2015-10-09 05:14 - 2015-10-09 07:03 - 00393778 _____ C:\Windows\system32\perfh00D.dat
2015-10-09 05:14 - 2015-10-09 07:03 - 00085242 _____ C:\Windows\system32\perfc00D.dat
2015-10-09 05:14 - 2015-10-09 05:12 - 00229316 _____ C:\Windows\system32\perfi00D.dat
2015-10-09 05:14 - 2015-10-09 05:12 - 00032166 _____ C:\Windows\system32\perfd00D.dat
2015-10-09 05:13 - 2015-10-09 05:13 - 00000000 ____D C:\Windows\SysWOW64\he
2015-10-09 05:13 - 2015-10-09 05:13 - 00000000 ____D C:\Windows\SysWOW64\Drivers\he-IL
2015-10-09 05:13 - 2015-10-09 05:13 - 00000000 ____D C:\Windows\system32\he
2015-10-09 05:12 - 2015-10-09 05:12 - 00000000 ____D C:\Windows\he-IL
2015-10-09 04:56 - 2015-10-09 04:56 - 00000000 ____D C:\Windows\SysWOW64\Drivers\sl-SI
2015-10-09 04:56 - 2015-10-09 04:56 - 00000000 ____D C:\Windows\system32\Drivers\sl-SI
2015-10-09 04:56 - 2015-10-09 04:56 - 00000000 ____D C:\Windows\sl-SI
2015-10-09 04:42 - 2015-10-09 07:03 - 00741480 _____ C:\Windows\system32\perfh010.dat
2015-10-09 04:42 - 2015-10-09 07:03 - 00147330 _____ C:\Windows\system32\perfc010.dat
2015-10-09 04:42 - 2015-10-09 04:40 - 00335478 _____ C:\Windows\system32\perfi010.dat
2015-10-09 04:42 - 2015-10-09 04:40 - 00037534 _____ C:\Windows\system32\perfd010.dat
2015-10-09 04:40 - 2015-10-09 04:40 - 00000000 ____D C:\Windows\SysWOW64\it
2015-10-09 04:40 - 2015-10-09 04:40 - 00000000 ____D C:\Windows\SysWOW64\0410
2015-10-09 04:40 - 2015-10-09 04:40 - 00000000 ____D C:\Windows\system32\it
2015-10-09 04:40 - 2015-10-09 04:40 - 00000000 ____D C:\Windows\system32\0410
2015-10-09 04:26 - 2015-10-09 07:03 - 00747150 _____ C:\Windows\system32\perfh00C.dat
2015-10-09 04:26 - 2015-10-09 07:03 - 00480448 _____ C:\Windows\system32\perfh001.dat
2015-10-09 04:26 - 2015-10-09 07:03 - 00150064 _____ C:\Windows\system32\perfc00C.dat
2015-10-09 04:26 - 2015-10-09 07:03 - 00095256 _____ C:\Windows\system32\perfc001.dat
2015-10-09 04:26 - 2015-10-09 04:23 - 00344522 _____ C:\Windows\system32\perfi00C.dat
2015-10-09 04:26 - 2015-10-09 04:23 - 00289060 _____ C:\Windows\system32\perfi001.dat
2015-10-09 04:26 - 2015-10-09 04:23 - 00042056 _____ C:\Windows\system32\perfd001.dat
2015-10-09 04:26 - 2015-10-09 04:23 - 00038160 _____ C:\Windows\system32\perfd00C.dat
2015-10-09 04:24 - 2015-10-09 07:01 - 00000000 ____D C:\Windows\SysWOW64\fr
2015-10-09 04:24 - 2015-10-09 07:01 - 00000000 ____D C:\Windows\system32\fr
2015-10-09 04:24 - 2015-10-09 04:24 - 00000000 ____D C:\Windows\SysWOW64\Drivers\ar-SA
2015-10-09 04:24 - 2015-10-09 04:24 - 00000000 ____D C:\Windows\SysWOW64\ar
2015-10-09 04:24 - 2015-10-09 04:24 - 00000000 ____D C:\Windows\SysWOW64\040C
2015-10-09 04:24 - 2015-10-09 04:24 - 00000000 ____D C:\Windows\system32\ar
2015-10-09 04:24 - 2015-10-09 04:24 - 00000000 ____D C:\Windows\system32\040C
2015-10-09 04:24 - 2015-10-09 04:24 - 00000000 ____D C:\Windows\ar-SA
2015-10-09 04:07 - 2015-10-09 04:07 - 00000000 ____D C:\Windows\SysWOW64\Drivers\sk-SK
2015-10-09 04:07 - 2015-10-09 04:07 - 00000000 ____D C:\Windows\system32\Drivers\sk-SK
2015-10-09 04:07 - 2015-10-09 04:07 - 00000000 ____D C:\Windows\sk-SK
2015-10-09 03:52 - 2015-10-09 07:03 - 00698642 _____ C:\Windows\system32\perfh007.dat
2015-10-09 03:52 - 2015-10-09 07:03 - 00149600 _____ C:\Windows\system32\perfc007.dat
2015-10-09 03:52 - 2015-10-09 03:50 - 00295922 _____ C:\Windows\system32\perfi007.dat
2015-10-09 03:52 - 2015-10-09 03:50 - 00038104 _____ C:\Windows\system32\perfd007.dat
2015-10-09 03:51 - 2015-10-09 07:01 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-10-09 03:51 - 2015-10-09 03:51 - 00000000 ____D C:\Windows\SysWOW64\de
2015-10-09 03:51 - 2015-10-09 03:51 - 00000000 ____D C:\Windows\SysWOW64\0407
2015-10-09 03:50 - 2015-10-09 03:50 - 00000000 ____D C:\Windows\system32\de
2015-10-09 03:50 - 2015-10-09 03:50 - 00000000 ____D C:\Windows\system32\0407
2015-10-09 01:34 - 2015-10-09 01:34 - 00000000 ____D C:\Users\Laurie\AppData\Roaming\Solvusoft
2015-10-09 01:27 - 2015-10-09 02:33 - 00003106 _____ C:\Windows\System32\Tasks\WinThruster
2015-10-09 01:17 - 2015-10-09 01:22 - 00001680 _____ C:\Windows\system32\ASOROSet.bin
2015-10-09 01:17 - 2015-10-09 01:17 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2015-10-09 00:55 - 2015-10-09 00:55 - 00156592 _____ (Bjørnar Henden) C:\Users\Whaley David\Downloads\isxdl.dll
2015-10-09 00:41 - 2015-10-09 01:44 - 00001043 _____ C:\Users\Public\Desktop\WinThruster.lnk
2015-10-09 00:41 - 2015-10-09 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
2015-10-09 00:41 - 2015-10-09 01:44 - 00000000 ____D C:\Program Files (x86)\WinThruster
2015-10-09 00:41 - 2015-10-09 01:23 - 00000296 _____ C:\Windows\Tasks\WinThruster_UPDATES.job
2015-10-09 00:41 - 2015-10-09 01:23 - 00000288 _____ C:\Windows\Tasks\WinThruster_DEFAULT.job
2015-10-09 00:41 - 2015-10-09 00:41 - 00003054 _____ C:\Windows\System32\Tasks\WinThruster_UPDATES
2015-10-09 00:41 - 2015-10-09 00:41 - 00002898 _____ C:\Windows\System32\Tasks\WinThruster_DEFAULT
2015-10-09 00:41 - 2015-10-09 00:41 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Solvusoft
2015-10-07 02:12 - 2015-10-07 02:12 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-10-07 02:12 - 2015-10-07 02:12 - 00000000 ____D C:\Program Files (x86)\Genesyslogic
2015-10-07 02:12 - 2015-09-21 10:10 - 05634032 _____ (Genesys) C:\Windows\system32\GeneIcon.dll
2015-10-07 02:12 - 2015-09-21 10:06 - 00055352 _____ () C:\Windows\SysWOW64\UMonit64.exe
2015-10-07 01:56 - 2015-09-25 14:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-07 01:56 - 2015-09-25 14:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-07 01:56 - 2015-09-25 14:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-07 01:56 - 2015-09-25 14:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-07 01:56 - 2015-09-25 14:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-07 01:56 - 2015-09-25 14:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-07 01:56 - 2015-09-25 14:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-07 01:56 - 2015-09-25 14:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-07 01:56 - 2015-09-25 14:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-07 01:56 - 2015-09-25 14:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-07 01:56 - 2015-09-25 14:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-07 01:56 - 2015-09-25 13:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-07 01:56 - 2015-09-25 13:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-07 01:56 - 2015-09-25 13:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-07 01:56 - 2015-09-25 13:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-07 01:56 - 2015-09-25 13:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-07 01:56 - 2015-09-18 15:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-07 01:56 - 2015-09-18 15:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-07 01:56 - 2015-09-18 15:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-07 01:56 - 2015-09-18 15:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-07 01:56 - 2015-09-18 15:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-07 01:56 - 2015-09-18 15:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-07 01:56 - 2015-09-18 15:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-07 01:56 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-07 01:55 - 2015-08-05 14:02 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-07 01:55 - 2015-08-05 14:02 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-07 01:55 - 2015-08-05 13:56 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-10-07 01:55 - 2015-08-05 13:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-07 01:55 - 2015-08-05 13:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-07 01:55 - 2015-08-05 13:55 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-07 01:55 - 2015-08-05 13:50 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-07 01:55 - 2015-08-05 13:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-07 01:55 - 2015-08-05 13:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-07 01:55 - 2015-08-05 13:41 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-07 01:55 - 2015-08-05 13:41 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-07 01:55 - 2015-08-05 13:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-07 01:55 - 2015-08-05 13:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-07 01:55 - 2015-08-05 13:40 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-07 01:55 - 2015-08-05 13:40 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-07 01:55 - 2015-08-05 13:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-07 01:55 - 2015-08-05 13:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-07 01:55 - 2015-08-05 13:40 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-07 01:55 - 2015-08-05 13:39 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-07 01:55 - 2015-08-05 13:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-07 01:55 - 2015-08-05 13:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-07 01:55 - 2015-08-05 13:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-07 01:55 - 2015-08-05 13:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-07 01:55 - 2015-08-05 13:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-07 01:55 - 2015-08-05 13:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-10-07 01:55 - 2015-08-05 12:38 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-07 01:55 - 2015-08-05 12:37 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-07 01:55 - 2015-08-05 12:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-05 01:09 - 2015-10-09 01:49 - 00000000 ____D C:\Program Files (x86)\911CAD
2015-10-05 01:07 - 2015-10-05 01:08 - 02952793 _____ (RAD Software ) C:\Users\Whaley David\Downloads\setup-911cad.exe
2015-10-05 00:17 - 2015-10-05 00:17 - 00000000 ___HD C:\$Windows.~BT
2015-10-03 18:52 - 2015-10-03 18:52 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-03 18:28 - 2002-08-29 06:14 - 00002272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\W95Inf16.DLL
2015-10-03 18:28 - 2001-08-17 21:43 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\W95Inf32.DLL
2015-10-03 18:26 - 2015-10-03 18:27 - 04772407 _____ C:\Users\Whaley David\Downloads\LoopRecorder208-Setup.exe
2015-09-29 01:57 - 2015-09-29 01:57 - 783774948 _____ C:\Windows\MEMORY.DMP
2015-09-29 01:57 - 2015-09-29 01:57 - 00275552 _____ C:\Windows\Minidump\092915-21403-01.dmp
2015-09-28 02:13 - 2015-09-28 02:13 - 00000221 _____ C:\Users\Whaley David\Desktop\Train Simulator.url
2015-09-27 00:39 - 2015-10-05 11:40 - 00000080 _____ C:\Users\Whaley David\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-09-27 00:34 - 2015-10-04 20:32 - 00000000 ____D C:\Program Files\Rockstar Games
2015-09-25 16:37 - 2015-09-25 16:37 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-25 16:37 - 2015-09-25 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-25 16:36 - 2015-09-25 16:37 - 00000000 ____D C:\Program Files\iTunes
2015-09-25 16:36 - 2015-09-25 16:36 - 00000000 ____D C:\Program Files\iPod
2015-09-25 16:36 - 2015-09-25 16:36 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-25 16:34 - 2015-09-25 16:34 - 00000000 ____D C:\Program Files\Bonjour
2015-09-25 16:34 - 2015-09-25 16:34 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-25 16:34 - 2015-09-25 16:34 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-25 13:37 - 2015-09-25 14:25 - 167601944 _____ (Apple Inc.) C:\Users\Whaley David\Downloads\iTunes6464Setup.exe
2015-09-24 12:19 - 2015-09-24 12:19 - 00000000 _____ C:\Windows\SysWOW64\SBRC.dat
2015-09-24 12:14 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2015-09-24 11:22 - 2015-09-24 11:22 - 00000000 ____D C:\ProgramData\PCPitstopDat
2015-09-23 23:46 - 2015-09-23 23:46 - 00000222 _____ C:\Users\Whaley David\Desktop\Grand Theft Auto V.url
2015-09-23 23:35 - 2015-09-23 23:35 - 00001240 _____ C:\Users\Whaley David\Desktop\PC Matic.lnk
2015-09-23 23:35 - 2015-09-23 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop
2015-09-23 23:34 - 2015-09-23 23:34 - 05335664 _____ (PC Pitstop LLC ) C:\Users\Whaley David\Downloads\pcmatic-setup-1067.exe
2015-09-21 10:10 - 2015-09-21 10:10 - 01730312 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-09-21 10:10 - 2015-09-21 10:10 - 00129536 _____ (Genesys Logic) C:\Windows\system32\GSCoinst.dll
2015-09-21 10:10 - 2015-09-21 10:10 - 00117224 _____ (GenesysLogic) C:\Windows\system32\Drivers\GeneStor.sys
2015-09-20 00:09 - 2015-09-20 00:09 - 01193161 _____ C:\Windows\unins000.exe
2015-09-20 00:09 - 2015-09-02 07:28 - 00033672 _____ (Adoriasoft LLC) C:\Windows\system32\Drivers\Phosgene.sys
2015-09-19 11:07 - 2015-09-19 11:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f2ecd7e5319a.job
2015-09-19 11:07 - 2015-09-19 11:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-14 23:31 - 2015-09-14 23:31 - 00000000 ____D C:\Users\Whaley David\Documents\Holotech
2015-09-14 23:28 - 2015-09-20 00:09 - 00005140 _____ C:\Windows\unins000.dat
2015-09-14 23:28 - 2015-09-20 00:09 - 00000000 ____D C:\Program Files (x86)\Phosgene
2015-09-14 23:28 - 2015-09-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2015-09-14 23:28 - 2015-09-14 23:28 - 00000000 ____D C:\Program Files (x86)\Xiph.Org
2015-09-13 17:39 - 2014-11-26 07:07 - 00118576 _____ C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2015-09-13 17:38 - 2014-04-16 04:22 - 00029184 _____ () C:\Windows\system32\usp02l.dll
2015-09-13 17:38 - 2010-10-20 04:46 - 00089600 _____ (SS) C:\Windows\system32\usp02ci.dll
2015-09-13 17:37 - 2015-09-13 17:37 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2015-09-13 17:37 - 2014-12-26 00:56 - 00000357 _____ C:\Windows\system32\usp02l.smt
2015-09-13 17:37 - 2013-05-10 05:48 - 00162136 _____ C:\Windows\system32\usp02ci.exe
2015-09-13 17:34 - 2015-03-18 11:09 - 00158040 _____ (SS) C:\Windows\system32\ssm1mci.exe
2015-09-13 17:34 - 2015-03-18 11:09 - 00022528 _____ () C:\Windows\system32\ssm1mlm.dll
2015-09-12 12:12 - 2015-09-12 12:57 - 00001018 _____ C:\Users\Public\Desktop\CpFix.lnk
2015-09-12 11:59 - 2015-10-05 03:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-12 11:59 - 2015-09-12 12:57 - 00001096 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-12 11:58 - 2015-09-12 11:58 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Whaley David\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-12 11:58 - 2015-09-12 11:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 11:58 - 2015-09-12 11:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-12 11:58 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-12 11:58 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-12 11:58 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-09 23:39 - 2015-09-09 23:39 - 00000000 ____D C:\Users\Dale.Whaley\Documents\EA Games
2015-09-09 17:00 - 2015-08-05 13:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 17:00 - 2015-08-05 13:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 17:00 - 2015-08-05 13:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 17:00 - 2015-08-05 13:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 17:00 - 2015-07-14 23:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 17:00 - 2015-07-14 22:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 16:59 - 2015-08-17 21:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 16:59 - 2015-08-17 21:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 16:59 - 2015-08-15 02:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 16:59 - 2015-08-15 02:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 16:59 - 2015-08-15 02:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:59 - 2015-08-15 02:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 16:59 - 2015-08-15 02:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:59 - 2015-08-15 02:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 16:59 - 2015-08-15 02:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 16:59 - 2015-08-15 02:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 16:59 - 2015-08-15 02:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:59 - 2015-08-15 02:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 16:59 - 2015-08-15 02:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 16:59 - 2015-08-15 02:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 16:59 - 2015-08-15 02:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 16:59 - 2015-08-15 02:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 16:59 - 2015-08-15 02:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 16:59 - 2015-08-15 02:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 16:59 - 2015-08-15 02:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:59 - 2015-08-15 02:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 16:59 - 2015-08-15 01:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:59 - 2015-08-15 01:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 16:59 - 2015-08-15 01:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 16:59 - 2015-08-15 01:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:59 - 2015-08-15 01:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 16:59 - 2015-08-15 01:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 16:59 - 2015-08-15 01:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 16:59 - 2015-08-15 01:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 16:59 - 2015-08-15 01:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 16:59 - 2015-08-15 01:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 16:59 - 2015-08-15 01:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 16:59 - 2015-08-15 01:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 16:59 - 2015-08-15 01:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 16:59 - 2015-08-15 01:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 16:59 - 2015-08-15 01:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 16:59 - 2015-08-15 01:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 16:59 - 2015-08-15 01:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 16:59 - 2015-08-15 01:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 16:59 - 2015-08-15 01:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 16:59 - 2015-08-15 01:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 16:59 - 2015-08-15 01:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 16:59 - 2015-08-15 01:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 16:59 - 2015-08-15 01:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:59 - 2015-08-15 01:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 16:59 - 2015-08-15 01:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 16:59 - 2015-08-15 01:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 16:59 - 2015-08-15 01:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 16:59 - 2015-08-15 01:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 16:59 - 2015-08-15 01:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 16:59 - 2015-08-15 01:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 16:59 - 2015-08-15 01:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 16:59 - 2015-08-15 01:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 16:59 - 2015-08-15 01:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 16:59 - 2015-08-15 01:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 16:59 - 2015-08-15 01:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 16:59 - 2015-08-15 00:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 16:59 - 2015-08-15 00:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 16:59 - 2015-08-15 00:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 16:59 - 2015-08-15 00:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 16:59 - 2015-08-15 00:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 16:59 - 2015-07-09 13:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 16:59 - 2015-07-09 13:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 16:59 - 2015-07-09 13:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 16:59 - 2015-07-09 13:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 16:58 - 2015-08-27 14:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 16:58 - 2015-08-27 14:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 16:58 - 2015-08-27 14:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 16:58 - 2015-08-27 14:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 16:58 - 2015-08-27 13:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 16:58 - 2015-08-27 13:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 16:58 - 2015-08-27 13:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 16:58 - 2015-08-27 13:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 16:58 - 2015-08-04 14:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 16:58 - 2015-08-04 14:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 16:58 - 2015-08-04 13:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 16:58 - 2015-08-04 13:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 16:58 - 2015-08-04 13:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:58 - 2015-07-22 20:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:58 - 2015-07-22 20:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 16:58 - 2015-07-22 20:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 16:58 - 2015-07-22 20:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 16:58 - 2015-07-22 20:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 16:58 - 2015-07-22 20:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 16:58 - 2015-07-22 20:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 16:58 - 2015-07-22 20:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 16:58 - 2015-07-22 20:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 16:58 - 2015-07-22 20:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 16:58 - 2015-07-22 19:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 19:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 16:58 - 2015-07-22 13:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 16:58 - 2015-07-22 13:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 16:58 - 2015-07-22 13:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 16:58 - 2015-07-22 13:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 16:58 - 2015-07-22 13:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 16:58 - 2015-07-22 13:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 16:58 - 2015-07-22 13:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 16:58 - 2015-07-22 13:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 16:58 - 2015-07-22 13:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 16:58 - 2015-07-22 13:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 13:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 12:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 16:58 - 2015-07-22 12:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 16:58 - 2015-07-22 12:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 16:58 - 2015-07-22 12:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 12:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 16:58 - 2015-07-22 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 16:58 - 2015-06-25 06:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 16:58 - 2015-06-25 06:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 16:58 - 2015-06-25 06:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 16:58 - 2015-06-25 05:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 16:57 - 2015-09-01 23:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 16:57 - 2015-09-01 23:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 16:57 - 2015-09-01 23:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 16:57 - 2015-09-01 23:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 16:57 - 2015-09-01 22:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 16:57 - 2015-09-01 22:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 16:57 - 2015-09-01 22:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 16:57 - 2015-09-01 22:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 16:57 - 2015-09-01 21:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 16:57 - 2015-09-01 21:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 16:57 - 2015-09-01 21:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 16:57 - 2015-08-04 13:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:57 - 2015-08-04 13:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:57 - 2015-08-04 13:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 16:57 - 2015-08-04 12:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-10-09 10:52 - 2014-06-26 20:58 - 01451139 _____ C:\Windows\WindowsUpdate.log
2015-10-09 07:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-10-09 07:21 - 2009-10-30 16:16 - 00000000 ____D C:\Windows\system32\Drivers\th-TH
2015-10-09 07:21 - 2009-07-14 03:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-09 07:21 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-10-09 07:21 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\system32\WCN
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-10-09 07:21 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\th-TH
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\oobe
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\servicing
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-09 07:21 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-10-09 07:01 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-10-09 07:01 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\system32\winrm
2015-10-09 06:42 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-10-09 06:42 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-10-09 06:42 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-10-09 06:42 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\system32\slmgr
2015-10-09 06:42 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-10-09 06:42 - 2009-07-14 01:37 - 00000000 ____D C:\Windows\DigitalLocker
2015-10-09 06:42 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Setup
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\MUI
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\com
2015-10-09 06:42 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\IME
2015-10-09 06:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2015-10-09 06:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\lv-LV
2015-10-09 05:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2015-10-09 05:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\uk-UA
2015-10-09 05:13 - 2009-10-30 16:16 - 00000000 ____D C:\Windows\system32\Drivers\he-IL
2015-10-09 05:13 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2015-10-09 05:13 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\he-IL
2015-10-09 04:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-10-09 04:56 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sl-SI
2015-10-09 04:24 - 2009-10-30 16:16 - 00000000 ____D C:\Windows\system32\Drivers\ar-SA
2015-10-09 04:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2015-10-09 04:24 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-10-09 04:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2015-10-09 04:07 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-10-09 02:39 - 2009-07-14 00:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-09 02:39 - 2009-07-14 00:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-09 02:33 - 2014-12-23 17:10 - 00000000 ____D C:\Users\Whaley David\AppData\Local\Spotify
2015-10-09 02:33 - 2014-12-23 17:09 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Spotify
2015-10-09 02:31 - 2014-07-20 00:34 - 00000000 ____D C:\Users\Whaley David\AppData\Local\Adobe
2015-10-09 02:30 - 2015-08-31 00:40 - 00011070 _____ C:\Windows\setupact.log
2015-10-09 02:30 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-09 01:24 - 2014-06-26 21:55 - 00000000 ___HD C:\Users\Whaley David
2015-10-09 01:23 - 2015-08-31 00:27 - 00491524 _____ C:\Windows\PFRO.log
2015-10-09 01:22 - 2015-02-26 02:11 - 112197632 _____ C:\Windows\system32\config\software.bak
2015-10-09 01:22 - 2009-07-13 22:34 - 22806528 _____ C:\Windows\system32\config\SYSTEM.bak
2015-10-09 01:22 - 2009-07-13 22:34 - 00028672 _____ C:\Windows\system32\config\SECURITY.bak
2015-10-09 01:18 - 2009-07-13 22:34 - 00176128 _____ C:\Windows\system32\config\SAM.bak
2015-10-09 00:12 - 2014-07-23 03:09 - 00000000 ____D C:\ProgramData\PCPitstop
2015-10-07 18:03 - 2015-09-03 00:35 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-07 02:15 - 2014-09-28 22:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-07 02:12 - 2014-06-28 13:43 - 00000000 ____D C:\Windows\system32\MRT
2015-10-07 01:57 - 2014-12-10 11:50 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-07 01:57 - 2014-07-02 08:28 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-07 01:56 - 2015-04-07 00:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 01:56 - 2015-04-07 00:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-07 01:09 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-07 00:52 - 2014-11-16 21:08 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Rainmeter
2015-10-07 00:52 - 2014-10-05 12:30 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-10-07 00:52 - 2014-10-05 12:30 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-07 00:52 - 2014-07-28 13:35 - 00000000 ____D C:\Users\Dale.Whaley
2015-10-07 00:52 - 2014-06-28 14:58 - 00000000 ____D C:\Users\Laurie
2015-10-07 00:52 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-10-05 03:56 - 2014-06-27 03:41 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Skype
2015-10-05 01:07 - 2015-01-04 23:32 - 00002265 _____ C:\Users\Public\Desktop\Samsung Printer Diagnostics.lnk
2015-10-05 01:07 - 2015-01-04 23:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2015-10-05 00:18 - 2014-06-26 21:54 - 00000000 ____D C:\Windows\Panther
2015-10-05 00:15 - 2014-06-27 03:24 - 00044953 _____ C:\Windows\system32\lvcoinst.log
2015-10-05 00:01 - 2015-03-01 13:03 - 00000000 ____D C:\Users\Whaley David\AppData\Local\LogMeIn Hamachi
2015-10-04 23:58 - 2014-08-24 14:29 - 00000000 ___RD C:\Users\Whaley David\Dropbox
2015-10-04 23:58 - 2014-08-24 14:26 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Dropbox
2015-10-04 23:40 - 2014-07-04 23:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-04 23:21 - 2014-07-01 01:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-04 20:32 - 2014-10-05 18:34 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-04 13:42 - 2015-08-24 23:59 - 00000000 ____D C:\ProgramData\Motorola
2015-10-03 17:19 - 2009-07-14 01:08 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-29 01:57 - 2014-06-27 21:04 - 00000000 ____D C:\Windows\Minidump
2015-09-27 14:37 - 2014-07-20 23:43 - 00000000 ____D C:\Users\Whaley David\Documents\Rockstar Games
2015-09-27 00:39 - 2014-10-08 15:15 - 00000000 ____D C:\Users\Whaley David\AppData\Local\Rockstar Games
2015-09-26 08:16 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\L2Schemas
2015-09-25 16:36 - 2014-09-11 22:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-25 16:34 - 2014-09-11 22:43 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-24 20:57 - 2015-08-25 01:54 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 11:10 - 2014-10-05 13:27 - 00000000 ____D C:\Users\Whaley David\Documents\EA Games
2015-09-23 23:36 - 2009-07-14 01:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 23:35 - 2015-08-29 12:39 - 00000000 ____D C:\Program Files (x86)\PCPitstop
2015-09-20 11:44 - 2014-06-28 14:58 - 00000000 ____D C:\Users\Laurie\AppData\Local\Google
2015-09-20 10:07 - 2015-03-31 16:39 - 00000000 ____D C:\Users\Laurie\AppData\Local\LogMeIn Hamachi
2015-09-19 12:03 - 2015-01-04 23:33 - 00000000 ____D C:\ProgramData\Samsung
2015-09-14 00:28 - 2011-06-22 09:50 - 00000000 ____D C:\Fraps
2015-09-13 17:51 - 2015-01-05 00:31 - 00000072 _____ C:\Users\Public\LMDebug.log
2015-09-13 17:35 - 2015-01-04 23:32 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-09-13 17:22 - 2015-01-04 23:34 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Samsung
2015-09-12 14:05 - 2014-08-22 21:23 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-09-12 12:58 - 2015-09-03 00:35 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-12 12:58 - 2015-05-05 21:34 - 00000985 _____ C:\Users\Public\Desktop\Zviewer.lnk
2015-09-12 12:58 - 2015-02-16 17:02 - 00002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-09-12 12:58 - 2014-12-23 17:10 - 00001847 _____ C:\Users\Whaley David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-09-12 12:58 - 2014-12-18 00:27 - 00000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-12 12:58 - 2014-12-18 00:27 - 00000953 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-09-12 12:58 - 2014-11-16 21:08 - 00001738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2015-09-12 12:58 - 2014-11-16 02:33 - 00001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-09-12 12:58 - 2014-11-15 23:12 - 00001209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-09-12 12:58 - 2014-10-13 21:31 - 00001362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-09-12 12:58 - 2014-10-13 21:31 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-09-12 12:58 - 2014-07-21 04:18 - 00001959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanner Software.lnk
2015-09-12 12:58 - 2014-07-19 19:31 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-12 12:58 - 2014-07-04 22:23 - 00002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk
2015-09-12 12:58 - 2014-07-01 01:24 - 00000911 _____ C:\Users\Public\Desktop\Steam.lnk
2015-09-12 12:58 - 2014-06-26 18:04 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-09-12 12:58 - 2014-06-26 18:04 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-09-12 12:58 - 2009-07-14 00:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-12 12:58 - 2009-07-14 00:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-09-12 12:58 - 2009-07-14 00:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-09-12 12:58 - 2009-07-14 00:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-09-12 12:57 - 2015-09-07 01:08 - 00002130 _____ C:\Users\Public\Desktop\ASTRO 25 Portable CPS.lnk
2015-09-12 12:57 - 2015-06-09 15:30 - 00002101 _____ C:\Users\Public\Desktop\Bus & Cable Car Simulator - San Francisco.lnk
2015-09-12 12:57 - 2015-03-20 16:47 - 00000146 _____ C:\Users\Whaley David\Desktop\Sound.lnk
2015-09-12 12:57 - 2015-03-15 11:04 - 00001136 _____ C:\Users\Public\Desktop\MAGIX Music Studio 2.lnk
2015-09-12 12:57 - 2015-03-01 13:02 - 00000920 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-09-12 12:57 - 2015-02-23 23:07 - 00001549 _____ C:\Users\Whaley David\Desktop\VNC Viewer.lnk
2015-09-12 12:57 - 2015-02-22 19:42 - 00000844 _____ C:\Users\Whaley David\Desktop\Windows XP.lnk
2015-09-12 12:57 - 2014-12-23 17:10 - 00001841 _____ C:\Users\Whaley David\Desktop\Spotify.lnk
2015-09-12 12:57 - 2014-11-23 17:15 - 00000922 _____ C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Smart Wizard.lnk
2015-09-12 12:57 - 2014-11-17 00:59 - 00001439 _____ C:\Users\Whaley David\Desktop\ZModeler2.lnk
2015-09-12 12:57 - 2014-10-06 21:41 - 00000973 _____ C:\Users\Public\Desktop\Origin.lnk
2015-09-12 12:57 - 2014-10-05 18:34 - 00002046 _____ C:\Users\Public\Desktop\Rockstar Games Social Club.lnk
2015-09-12 12:57 - 2014-10-05 15:27 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-09-12 12:57 - 2014-09-07 00:19 - 00000566 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-09-12 12:57 - 2014-08-31 21:42 - 00001103 _____ C:\Users\Public\Desktop\MAGIX Music Maker 2014.lnk
2015-09-12 12:57 - 2014-08-24 14:29 - 00001027 _____ C:\Users\Whaley David\Desktop\Dropbox.lnk
2015-09-12 12:57 - 2014-08-11 23:20 - 00001059 _____ C:\Users\Whaley David\Desktop\Notepad++.lnk
2015-09-12 12:57 - 2014-07-21 02:34 - 00001220 _____ C:\Users\Public\Desktop\911 - First Responders.lnk
2015-09-12 12:57 - 2014-07-20 21:17 - 00002284 _____ C:\Users\Whaley David\Desktop\SparkIV.lnk
2015-09-12 12:57 - 2014-07-20 19:36 - 00001226 _____ C:\Users\Whaley David\Desktop\TeamSpeak 3 Client.lnk
2015-09-12 12:57 - 2014-07-20 00:19 - 00001419 _____ C:\Users\Whaley David\Desktop\OpenIV.lnk
2015-09-12 12:57 - 2014-07-19 19:31 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-09-12 12:57 - 2014-07-19 19:25 - 00001005 _____ C:\Users\Whaley David\Desktop\WinRAR.lnk
2015-09-12 12:57 - 2014-07-10 23:49 - 00001326 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-09-12 12:57 - 2014-07-04 22:23 - 00002044 _____ C:\Users\Public\Desktop\NETGEAR Genie.lnk
2015-09-12 12:57 - 2014-07-03 01:38 - 00001077 _____ C:\Users\Whaley David\Desktop\Rigs of Rods.lnk
2015-09-12 12:57 - 2014-06-27 17:54 - 00000964 _____ C:\Users\Whaley David\Desktop\VirtualDJ LE Lite (DJ2GO).lnk
2015-09-12 12:57 - 2009-07-14 01:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-09-12 12:57 - 2009-07-14 00:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-09-12 12:56 - 2014-12-28 23:23 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\IHlpr
2015-09-12 12:56 - 2014-11-16 01:12 - 00000000 ____D C:\Program Files (x86)\b575059b-035c-4a2d-8639-ebbae477f1a4
2015-09-12 12:56 - 2014-07-19 19:22 - 00000000 ____D C:\Users\Whaley David\AppData\Roaming\Systweak
2015-09-12 12:56 - 2014-07-19 19:22 - 00000000 ____D C:\ProgramData\Systweak
2015-09-12 12:20 - 2014-06-26 21:56 - 00000000 ___RD C:\Users\Whaley David\Virtual Machines
2015-09-12 12:12 - 2015-09-07 01:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-12 12:12 - 2015-09-07 01:08 - 00000000 ____D C:\Program Files (x86)\Motorola
2015-09-09 23:36 - 2015-09-02 16:20 - 00000000 ____D C:\Users\Dale.Whaley\AppData\Roaming\Samsung
2015-09-09 23:36 - 2015-09-02 16:20 - 00000000 ____D C:\Users\Dale.Whaley\AppData\Local\LogMeIn Hamachi
2015-09-09 22:04 - 2009-07-14 01:13 - 00809548 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-09 21:58 - 2009-07-14 00:45 - 00518216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 18:05 - 2015-09-02 13:09 - 00000010 _____ C:\Users\Public\Documents\test.txt
 
==================== Files in the root of some directories =======
 
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Whaley David\AppData\Roaming\9HT6JsD
2015-04-14 12:28 - 2015-04-14 12:28 - 0001171 _____ () C:\Users\Whaley David\AppData\Roaming\jBoGl2uQjvGU
2015-04-19 08:20 - 2015-04-19 08:20 - 0005872 _____ () C:\Users\Whaley David\AppData\Roaming\LYbwo2PY2B
2015-03-31 04:14 - 2015-03-31 04:14 - 0001171 _____ () C:\Users\Whaley David\AppData\Roaming\TI0Nw82wH0duU
2015-03-31 04:14 - 2015-03-31 04:14 - 0005655 _____ () C:\Users\Whaley David\AppData\Roaming\TI0Nw82wH0duUbWvD3P5
2015-09-03 00:26 - 2015-09-03 00:26 - 0000070 _____ () C:\Users\Whaley David\AppData\Roaming\WB.CFG
2015-04-14 12:28 - 2015-04-14 12:28 - 0001171 _____ () C:\Users\Whaley David\AppData\Roaming\zpZi7XIUjGpbhka0t
2014-12-30 20:29 - 2014-12-30 20:29 - 0000064 _____ () C:\Users\Whaley David\AppData\Local\1ff6ce7d909340441bf710180dd60f46
2014-12-01 20:26 - 2014-12-16 20:26 - 0000010 _____ () C:\Users\Whaley David\AppData\Local\DSI.DAT
 
Some files in TEMP:
====================
C:\Users\Whaley David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpekrrhw.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2014-06-26 22:36] - [2014-02-04 14:25] - 0221184 ____A (Microsoft Corporation) B6BB1EDE455D39B80F4BAE23478A2905
 
C:\Windows\SysWOW64\dnsapi.dll IS MISSING <==== ATTENTION
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-10-05 04:51
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-10-2015
Ran by Whaley David (2015-10-09 10:58:44)
Running from C:\Users\Whaley David\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-06-27 01:54:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1916182683-1298059335-62827055-500 - Administrator - Disabled)
Dale (S-1-5-21-1916182683-1298059335-62827055-1004 - Limited - Enabled) => C:\Users\Dale.Whaley
Guest (S-1-5-21-1916182683-1298059335-62827055-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1916182683-1298059335-62827055-1002 - Limited - Enabled)
Laurie (S-1-5-21-1916182683-1298059335-62827055-1003 - Administrator - Enabled) => C:\Users\Laurie
Whaley David (S-1-5-21-1916182683-1298059335-62827055-1001 - Administrator - Enabled) => C:\Users\Whaley David
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1-Wire Drivers Version 4.03 Beta x64 (HKLM\...\{0041F5D9-B2C5-4007-90B2-60F65DAEF492}) (Version: 4.0.3 - Maxim Integrated Products)
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
911 - First Reponsders (HKLM-x32\...\911 - First Responders) (Version: 1.0.0.0 - Atari)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced Keys Administrator R05.00.00 (HKLM-x32\...\{2F6FD56C-3125-4A34-BDEA-E7F566E6C55D}) (Version: 5.0.0 - Motorola Solutions, Inc.)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ASTRO 25 Portable CPS (HKLM-x32\...\{11CD1FA0-4EF4-11D5-A76E-0010B575AE4F}) (Version: 20.01.000 - Motorola)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bus & Cable Car Simulator - San Francisco (HKLM-x32\...\Bus & Cable Car Simulator - San Francisco) (Version:  - )
Bus-Simulator 2012 (HKLM-x32\...\Steam App 253770) (Version:  - TML Studios)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CpFix (HKLM-x32\...\InstallShield_{C72781A8-C1AD-4430-AD6C-A3264FC53DC1}) (Version: 4.00.0000 - Your Company Name)
CpFix (x32 Version: 4.00.0000 - Your Company Name) Hidden
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EchoLink (HKLM-x32\...\{DC33421C-0E1C-470A-BE37-7B7C82677812}) (Version: 2.0.908 - Synergenics, LLC)
FaceRig (HKLM-x32\...\Steam App 274920) (Version:  - Holotech Studios)
FaceRig Virtual Video driver version 1.0.1.1000 (HKLM-x32\...\{7D6A1A0F-F57E-4C6B-9331-86CBC7D5C787}_is1) (Version: 1.0.1.1000 - Adoriasoft LLC)
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version:  - Giants Software)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation)
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KPG-111D (HKLM-x32\...\{6AFBC841-2540-4095-974E-56748BBF76D1}) (Version:  - )
KPG-143D (HKLM-x32\...\{0327B963-3CF2-47D6-A916-E2DD633C6375}) (Version:  - )
KPG-82D (HKLM-x32\...\{70A4A785-931D-426D-BA73-63C9E845FE66}) (Version:  - )
KPG-89D (HKLM-x32\...\{721A642C-4769-11D8-8F88-0050DA8F812F}) (Version:  - )
KPG-99D (HKLM-x32\...\{76D698A4-B9FF-4746-8780-EB7FB72AAC1F}) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
MAGIX Analogue Modelling Suite Plus (HKLM\...\MX.{F485F2FE-1D3D-4F6D-AD4E-13FA5FB22A88}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Analogue Modelling Suite Plus (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Burn routines (HKLM\...\{A64B679B-E591-4C74-B74A-147E0CCEDCE4}) (Version: 11.0.0.238 - MAGIX Software GmbH)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX essentialFX Suite (HKLM\...\MX.{CB7B17F4-3833-4699-890B-52C5D0AB926D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX essentialFX Suite (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{099D5322-82F4-44ED-9A7D-B5945D60A960}) (Version: 4.3.1.6 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.1.6 - MAGIX AG) Hidden
MAGIX Music Maker 2014 (HKLM-x32\...\MX.{92D71205-2FC1-4B3D-8D78-30AC1BF59E3F}) (Version: 20.0.0.28 - MAGIX AG)
MAGIX Music Maker 2014 (Version: 20.0.0.28 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Update (Version: 20.0.5.56 - MAGIX Software GmbH) Hidden
MAGIX Music Studio 2 (HKLM-x32\...\MX.{B0A66D5D-A76E-4E9C-82F0-97211F0D0A66}) (Version: 20.0.0.10 - MAGIX AG)
MAGIX Music Studio 2 (Version: 20.0.0.10 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{AE0A2237-BE68-4F3A-AF96-DC0B2423081D}) (Version: 7.0.1.27 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Vandal VST-PlugIn (HKLM\...\MX.{24F96DED-7B99-49C4-B877-CDCDC37762FA}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vandal VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX VariVerb II VST-PlugIn (HKLM\...\MX.{7A97538C-6D3F-4BB5-B2A1-D0ECFB199A4C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX VariVerb II VST-PlugIn (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Vintage Effects Suite (HKLM\...\MX.{48978B41-9CD5-4274-9519-B622DD89727D}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Vintage Effects Suite (Version: 1.0.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.46 - NETGEAR Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
Notepad++ Download Packages (HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Notepad++ Download Packages) (Version:  - ) <==== ATTENTION
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
PC Matic 1.1.0.56 (HKLM-x32\...\PC Matic_is1) (Version: 1.1.0.56 - PC Pitstop LLC)
PC Pitstop Info Center 1.0.0.18 (HKLM-x32\...\PCPitstopInfoCenter_is1) (Version: 1.0.0.18 - PC Pitstop LLC.)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2326 - )
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.13 - Razer Inc.)
Rigs of Rods 0.38.67 (HKLM-x32\...\Rigs of Rods 0.38.67) (Version: 0.38.67 - Rigs of Rods Team)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (3/17/2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(5/25/2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.11.28 (3/10/2015) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.10 (6/20/2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.17 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.29 (9/9/2015) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - )
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Software for Scanners (HKLM-x32\...\{B8726461-A7C6-4628-A67C-FE5FC5FB3E9F}) (Version: 0.08.0018 - BuTel Software)
Spotify (HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Spotify) (Version: 1.0.14.124.g4dfabc51 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Train Simulator (HKLM-x32\...\Steam App 24010) (Version:  - Dovetail Games)
UV5R_W64_VIP (HKLM-x32\...\ST6UNST #1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ LE Lite (DJ2GO) (HKLM-x32\...\{FCE465F3-ACA2-487A-BCC9-5F1CB9F0CC42}) (Version: 7.0.3 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Drum Engine (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Electric Piano (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Electric Piano Update (Version: 1.0.2.0 - MAGIX AG) Hidden
VNC Server 5.2.3 (HKLM\...\{E248D9BE-834C-4BE3-BBE3-E66B2AE39886}) (Version: 5.2.3 - RealVNC Ltd)
VNC Viewer 5.2.3 (HKLM\...\{18B1E36F-0DA3-4FDA-BC57-DD815B0DF3B2}) (Version: 5.2.3 - RealVNC Ltd)
WebM Project Directshow Filters (HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\webmdshow) (Version:  - )
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/27/2014 2.10.00) (HKLM\...\A360E2EA788FFC586113AFE1F2AABF01EBE7A248) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/27/2014 2.10.00) (HKLM\...\42F5D8399C4B7EB9005D88E9045ABB1A715CD59A) (Version: 01/27/2014 2.10.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI)
Windows Driver Package - Logitech (lvrs64) MEDIA  (09/21/2012 13.51.823.0) (HKLM\...\F919ABDA112FFD3234966D231D76D8F1D091A09F) (Version: 09/21/2012 13.51.823.0 - Logitech)
Windows Driver Package - Motorola Solutions, Inc. (fudally) MotorolaUSBFlashZap  (02/17/2012 03.05.00.00) (HKLM\...\99A33EE7E3B07A41DC270DDC562488CD01FEB0FF) (Version: 02/17/2012 03.05.00.00 - Motorola Solutions, Inc.)
Windows Driver Package - OEM (mr8980) Image  (04/19/2011 2.0.0.1) (HKLM\...\DE5320649B94E9499B2E71228DAB28425E5FB72D) (Version: 04/19/2011 2.0.0.1 - OEM)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinRAR 5.01 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
Winrar Packages (HKU\S-1-5-21-1916182683-1298059335-62827055-1001\...\Winrar Packages) (Version:  - ) <==== ATTENTION
WinThruster (HKLM-x32\...\WinThruster_is1) (Version: 1.79 - solvusoft Corporation) <==== ATTENTION
Wireless Monitoring System (x32 Version: 1.00.0000 - MR8980) Hidden
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zviewer version 2.0.0.9 (HKLM-x32\...\{1B00336F-393F-4DC7-9956-42C69ED6565E}_is1) (Version: 2.0.0.9 - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1916182683-1298059335-62827055-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Whaley David\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
09-10-2015 00:43:42 WinThruster Fri, Oct 09, 15  00:43
09-10-2015 03:35:20 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {015BCA9A-FD68-46D5-930C-23CC4545769F} - System32\Tasks\WinThruster_DEFAULT => C:\Program Files (x86)\WinThruster\WinThruster.exe [2012-10-15] (Solvusoft Corporation) <==== ATTENTION
Task: {07B11857-2C7A-4868-8A54-D16F6AC23FDD} - System32\Tasks\{7DC2D182-A723-4BBC-A0A6-56AD622C1ADB} => pcalua.exe -a "C:\Users\Whaley David\Downloads\1378665975_ovisetup.exe" -d "C:\Users\Whaley David\Downloads"
Task: {0899DDFE-FA71-4A50-921A-B47477488DD0} - System32\Tasks\{48087850-2A1F-4AD7-83DE-EBFA47E9EAAB} => C:\Users\Whaley David\Desktop\New folder (2)\SPECTRA.EXE
Task: {121D7327-7166-4DC2-81A8-F305310BDC19} - System32\Tasks\{2DCA863B-D153-4C10-9819-E568A4AD34BD} => pcalua.exe -a C:\Temp\mysql\SETUP.EXE -d C:\Temp\mysql
Task: {26A6C740-854B-43A5-8B41-8732481F0E47} - System32\Tasks\{DDB6B45A-C31A-4DB5-83BB-0FA52C7B805B} => C:\Users\Whaley David\Desktop\New folder (2)\SPECTRA.EXE
Task: {4DA80695-E568-4B4B-926F-B7490B830511} - System32\Tasks\WinThruster => C:\Program Files (x86)\WinThruster\WinThruster.exe [2012-10-15] (Solvusoft Corporation) <==== ATTENTION
Task: {50FD9792-9495-46A9-BE0B-B208B187069C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LENOVO-PC-Whaley David LENOVO-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-08-11] (Microsoft Corporation)
Task: {5253A0F4-1E4E-4C6E-9BAB-2F8DDF063682} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {5A7028D2-A6DA-4126-A186-EACF064922B1} - System32\Tasks\WinThruster_UPDATES => C:\Program Files (x86)\WinThruster\WinThruster.exe [2012-10-15] (Solvusoft Corporation) <==== ATTENTION
Task: {7558B50E-D7C0-469E-B89A-0CFBA15E0B29} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {84AEF74C-02B8-4D11-8A42-23CE4DE75D2D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {9553B11B-BE0A-4ACE-83AE-91CC9E0DF382} - System32\Tasks\{1CF1FF06-75B4-4F7E-AC60-933EDB934FC2} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files (x86)\ALEIR\ST6UNST.000"
Task: {A4A01B08-ACEB-4904-9792-E02291C300E0} - System32\Tasks\{101B4817-2CDA-40D9-BAB8-1D12A2EE3C29} => C:\Users\Whaley David\Desktop\New folder (2)\SPECTRA.EXE
Task: {CC1CE1B4-24BF-4E5C-B33D-EE2AAB335206} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {E059D35B-EEF4-4EE4-9FDA-12E8CA147AA3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {F332029D-6918-4B6A-8371-FB9FBC20CA35} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {F42BC5DC-35C8-4D07-A697-6F31E1903DC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {F933D912-B487-4957-9692-B12A1AB0CD8D} - System32\Tasks\{5E5F7BA1-4251-47D5-BAA2-1DECB50BDA15} => pcalua.exe -a "C:\Users\Whaley David\AppData\Roaming\istart123\UninstallManager.exe" -c -ptid=tugs
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f2ecd7e5319a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WinThruster_DEFAULT.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
Task: C:\Windows\Tasks\WinThruster_UPDATES.job => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-09-13 17:34 - 2015-03-18 11:09 - 00022528 _____ () C:\Windows\System32\ssm1mlm.dll
2015-01-04 23:34 - 2014-04-16 04:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2015-09-13 17:38 - 2014-04-16 04:22 - 00029184 _____ () C:\Windows\System32\usp02l.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-04 23:09 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-10-07 02:12 - 2015-09-21 10:06 - 00055352 _____ () C:\Windows\SysWOW64\UMonit64.exe
2014-11-23 17:15 - 2010-08-19 16:25 - 00272864 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2014-11-23 17:15 - 2011-09-16 13:35 - 04559840 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2014-12-28 23:23 - 2014-11-18 15:44 - 00255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe
2014-09-17 09:13 - 2014-09-17 09:13 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-09-17 09:13 - 2014-09-17 09:13 - 00752312 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-09-26 15:40 - 2014-09-26 15:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-01-04 23:35 - 2013-10-04 00:53 - 00734720 _____ () C:\Windows\system32\SnMinDrv.dll
2014-10-23 06:19 - 2015-08-20 05:54 - 00087552 _____ () C:\Windows\system32\SSDEVM64.DLL
2014-09-08 13:32 - 2014-09-08 13:32 - 00050688 _____ () C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-11-23 17:15 - 2010-11-10 18:28 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2014-11-23 17:15 - 2010-07-08 12:24 - 00258048 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2014-12-28 23:23 - 2014-02-13 16:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\traynet.dll
2014-12-28 23:23 - 2014-02-13 16:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\libcurl.dll
2014-12-28 23:23 - 2014-02-13 16:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\zlib1.dll
2014-12-28 23:23 - 2014-02-13 16:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\uexper.dll
2015-10-09 02:32 - 2015-10-09 02:32 - 00071168 _____ () c:\Users\Whaley David\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpekrrhw.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:C0789917
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\myradioplayer => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1916182683-1298059335-62827055-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Whaley David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{43F1F7E3-4CAA-4D8D-8CB5-01AFD88BCB21}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
FirewallRules: [{C46BC078-0E1F-4B21-B30D-CE238092BA2B}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
FirewallRules: [{2089C76D-2DAE-4C69-8CBC-208B5B6DB4DA}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
FirewallRules: [{8945CC42-4D89-4F93-98F3-4B31D5469FA5}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
FirewallRules: [{3300963F-EEDC-4739-9D21-629EAA27DFE8}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
FirewallRules: [{630FD68B-7927-42BC-BCF2-B79308D8549C}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
FirewallRules: [{835B8FE5-CE6E-41B9-9DF6-3B3815ED85AF}] => (Allow) C:\Program Files (x86)\PCPitstop\PC Matic\PCMatic.exe
FirewallRules: [{50586720-854A-4120-A958-3EAC83CCC6A4}] => (Allow) C:\Program Files (x86)\PCPitstop\PC Matic\PCMatic.exe
FirewallRules: [{C34D7AA6-9CC9-4566-905B-992F89649F74}] => (Allow) C:\Program Files (x86)\PCPitstop\PC Matic\PCMatic.exe
FirewallRules: [{1F996404-3C13-4181-8F29-F8EA9BDC9B3F}] => (Allow) C:\Program Files (x86)\PCPitstop\PC Matic\PCMatic.exe
FirewallRules: [TCP Query User{ECD51276-A6E3-441D-9E2F-CEECFD5D7CE4}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{3D208E94-517D-4D48-9246-C749B486AEE3}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [TCP Query User{99EF82F6-E155-4DA2-A706-C47E4B8F791F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{9F8C8809-5A75-49C4-B204-F662D7C2A37E}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{6885CC0D-E6B1-41DE-A8AD-209413A8C3D9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05826173-D54F-46ED-AA45-CD252EABA605}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{217CB27E-0ADF-44DB-BD5D-C710E5B0586D}C:\users\whaley david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\whaley david\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{49BF401C-AE9E-40DB-86D9-EAFBEF74413A}C:\users\whaley david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\whaley david\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F8D469C0-9088-43F9-A177-42C90D0A678A}C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B71E7021-9FEE-48ED-A226-78D83407837B}C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{DAAE3929-5E1B-4CBB-BD24-8712AE70819D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{55877CD9-3E92-4FDA-99D6-D4D829DBDACA}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [UDP Query User{9C1AE8BB-8A53-4274-97CF-4587EB644A55}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [TCP Query User{F3AF7EB6-8525-4690-ABC8-7C492C07D178}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{4154D9B8-5FFA-4A3C-8A6F-A018B3C2DB6F}C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{C46C39E6-2B63-4462-AB11-C9B52AC503A4}C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\whaley david\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{109A94AE-F384-4A98-B57B-C5C10E3AB4C8}C:\program files (x86)\itunes\itunes.exe] => (Allow) C:\program files (x86)\itunes\itunes.exe
FirewallRules: [{C8C02AAA-C36E-4127-BE80-3F6867944F8E}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{6F79BBD5-DBF6-4C01-8607-1035002837D6}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{98A3F25F-2242-4F33-8757-A2A7ACF3AB7D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{937525DA-AD35-4440-9EB3-92B2EC0074C5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{25C17EBE-0FFC-4814-A786-25848ED0742E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9D730DB9-E5B5-4203-BC86-83C0A2D08E57}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DCD0287A-D351-463B-8EE0-1A03E1C9D934}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4C45510D-A5DF-42E8-ABC5-A54A40BB7D0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{501F2CF9-24AB-462D-9820-54F237A805D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{5E828757-03CD-497D-9C4A-F670590C0DEE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{361EA07D-7415-4A48-A87E-C401EBEA6D1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [TCP Query User{0DA83131-BB21-4B06-AA2C-61F650ED03E3}C:\program files (x86)\wizardworks\911 - first responders\em4.exe] => (Allow) C:\program files (x86)\wizardworks\911 - first responders\em4.exe
FirewallRules: [UDP Query User{FA8EE00E-4769-4E66-B6D2-FBE4B6FE31CA}C:\program files (x86)\wizardworks\911 - first responders\em4.exe] => (Allow) C:\program files (x86)\wizardworks\911 - first responders\em4.exe
FirewallRules: [{2E8C4D36-93E1-485B-8B52-277ECDF7010F}] => (Block) C:\program files (x86)\wizardworks\911 - first responders\em4.exe
FirewallRules: [{4EB5B57E-D025-47EC-A159-97E48617C5D6}] => (Block) C:\program files (x86)\wizardworks\911 - first responders\em4.exe
FirewallRules: [TCP Query User{70096203-5D63-4102-8509-5388D3C802AD}I:\games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) I:\games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{48BB2F29-E84A-4CDD-BD76-91FF15010A15}I:\games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) I:\games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{6AF29B61-1596-4BED-A0B0-39272B589D90}] => (Block) I:\games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{DC9FCDC2-C633-4201-B1CB-7BF95A938292}] => (Block) I:\games\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{3D831158-7D3B-49D3-9685-2DC8524475A3}] => (Allow) I:\Games\steamapps\common\Grand Theft Auto IV\GTAIV\LCPDFR\LCPDFR Diagnostics Tool.exe
FirewallRules: [{1ADFD4B7-E204-4986-95FA-88A257623BF1}] => (Allow) I:\Games\steamapps\common\Grand Theft Auto IV\GTAIV\LCPDFR\LCPDFR Diagnostics Tool.exe
FirewallRules: [TCP Query User{C81FBE2F-7F58-4DE6-AF05-FC8FE56AD9CF}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{0CC4F7DD-EE3E-4463-B76D-6ACAE2D30CF2}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{571B1E03-E5A7-4C29-877A-2440589CECBE}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{BBB07E99-E568-4A5E-A5A7-91FD5A57B6EB}] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{F7E7C339-7612-4C24-9133-DF2039D4CFD5}C:\program files (x86)\steam\steamapps\common\farming simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\farming simulator 2013\farmingsimulator2013game.exe
FirewallRules: [UDP Query User{EBAE40EF-A534-4063-A1BE-32BCC9365678}C:\program files (x86)\steam\steamapps\common\farming simulator 2013\farmingsimulator2013game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\farming simulator 2013\farmingsimulator2013game.exe
FirewallRules: [{6AAF35DB-942E-4A82-804C-A310DFCB7619}] => (Block) C:\program files (x86)\steam\steamapps\common\farming simulator 2013\farmingsimulator2013game.exe
FirewallRules: [{6C8F4249-B877-4986-946E-D28954E8254A}] => (Block) C:\program files (x86)\steam\steamapps\common\farming simulator 2013\farmingsimulator2013game.exe
FirewallRules: [TCP Query User{4E6825FB-8CCA-4A98-B580-B4674B51C3A8}C:\program files (x86)\zviewer\zviewer.exe] => (Allow) C:\program files (x86)\zviewer\zviewer.exe
FirewallRules: [UDP Query User{499AB7D6-5F0A-4208-8247-2A67FD64C877}C:\program files (x86)\zviewer\zviewer.exe] => (Allow) C:\program files (x86)\zviewer\zviewer.exe
FirewallRules: [{803675F8-A6CB-4EAD-ADBD-20BBF66B519B}] => (Block) C:\program files (x86)\zviewer\zviewer.exe
FirewallRules: [{B6C66C7F-F58E-486A-88F6-32000C0CAB78}] => (Block) C:\program files (x86)\zviewer\zviewer.exe
FirewallRules: [{E2732738-5DB2-410C-98EF-5555BFAD471D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{784A6740-36E9-45FC-9E31-1A69DCC9FE5C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{9BE6F5F6-4FA2-4B48-A626-01D171D9FB9F}C:\program files (x86)\k1rfd\echolink\echolink.exe] => (Allow) C:\program files (x86)\k1rfd\echolink\echolink.exe
FirewallRules: [UDP Query User{9F691CCB-C7EA-4A83-BBD1-134D1B28C16F}C:\program files (x86)\k1rfd\echolink\echolink.exe] => (Allow) C:\program files (x86)\k1rfd\echolink\echolink.exe
FirewallRules: [{0CEEFFC1-74DB-41F3-B47E-BC4223CB1488}] => (Block) C:\program files (x86)\k1rfd\echolink\echolink.exe
FirewallRules: [{18DFAEC7-30D9-42EC-9E3C-05883BAE311B}] => (Block) C:\program files (x86)\k1rfd\echolink\echolink.exe
FirewallRules: [{9657AA8F-6131-480A-B68F-86ABA37E666C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bus-Simulator 2012\Bin_High_Win64\BusSimulator2012.exe
FirewallRules: [{7EFC64C3-EA13-4D6C-BA0E-E0A2B71860CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bus-Simulator 2012\Bin_High_Win64\BusSimulator2012.exe
FirewallRules: [TCP Query User{A7C4E0A3-8814-417C-89A0-3615CA420C7D}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{B1924C47-32B0-4EFD-AF35-ADCBC374C07D}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [TCP Query User{CBFA762B-A839-4314-A5F2-3E3BBA9308AE}C:\users\whaley david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\whaley david\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7B857F90-DB94-4C1F-A3DA-DA4A202DF8D2}C:\users\whaley david\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\whaley david\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C561C219-70D2-4D41-8904-A8E57A323012}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{80E38053-D798-4F1F-826A-7AE56096EB95}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{85F3E633-6668-4B60-8DFB-BDCF8B5541A0}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{DCB351EC-A295-40A9-B667-824114CF674E}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{D3E93402-09EB-454F-BE7C-39F8FC075725}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msnetcore.exe
FirewallRules: [{3CC24112-E1BD-4357-AB14-6EF4C3041847}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msbuild.exe
FirewallRules: [{E2A18070-0B08-49ED-B2F9-C8E013F2A8CC}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{A57578F4-60B4-4936-B7E9-CA6A14F4595D}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{1EA280C0-0931-46F3-8C82-6C55DEE11B67}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{56FC710D-3CB6-484A-8DE5-70094AB2DC9A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{A2D3F874-170E-4399-83B1-92575A0C9ECF}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe
FirewallRules: [{69B7D44F-0BFD-4781-80DF-037B30E7900E}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe
FirewallRules: [{03672D5A-99BF-4156-95E0-13931E8A51E4}] => (Allow) C:\Windows\system32\spool\drivers\x64\3\NetFaxMon64.exe
FirewallRules: [{5E2A9ACF-D948-4AF9-AF43-AA99A1CFCF46}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{662A2CE8-F083-48DF-A242-810F485A3043}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{8C5DAB2B-1BED-408A-90E4-453C984A78B1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{7234F3FF-D871-438D-85CF-EE76FD7605C3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{8AB0543F-BA80-47B3-B3E4-49620A14DDDF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{F7637C8F-F823-4429-89F9-879A5148A398}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{5FF60697-ABE6-42D5-B773-8C7AC7484655}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{CC3013BE-880B-422E-82F1-3250D1ABC5AC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{B3FE700E-FFFA-4C69-8D46-72E856D47121}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{2A7363C2-A29B-4DEA-8245-707A3E4276FB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{C7E2CAEB-DD9A-4284-8CD2-A92BC34E3378}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{07624126-6D8D-41D1-B263-4C197EC2A3DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FaceRig\Bin\Launcher.exe
FirewallRules: [{B8AA103D-ADA1-4065-BD7F-9147D742198E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{84D7EC46-64F3-4BDA-89D6-20AD0CED389F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FaceRig\Bin\FaceRig.exe
FirewallRules: [{685AF72B-C3DA-4C2F-A254-89654E53D4EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B6897910-8D98-43CA-B52C-21B2783E97CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{72A82F6E-3B69-40AC-BC6F-C7C0719534F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{326C7E71-50FF-4CD4-9C9E-8CB37CF5F5A4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{40A3A781-BD47-4BE4-B359-0BFB6E776FE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E732109A-1D68-4008-B9E8-6C7AA58DDC7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{10586836-8A64-4167-B8AC-6F544E0B9300}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{D0D3F7CB-1623-455B-93D2-B7F59912FCE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{49BEB758-0004-4B88-AACF-CDFF128D8F84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{CDD29D16-3F9E-4E5D-B108-E9F732721727}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{DDFAF099-7D51-43D2-B4DF-4E52EDE8BA88}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{E84D13A0-A947-4B4C-973F-BEA21BE50E12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{63E21519-979B-4E1A-A131-B6CDAEBC793B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{D24B8FAC-474B-4BCF-8E3E-973535F3688E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{D55FFDD3-F444-483D-A26F-A70C2A4B3692}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{BF6836F3-D092-4CBE-A5FF-41DFCAD75062}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{F72A72CC-E099-4272-A358-DB8DE8DAE9DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{75DF5BC5-FB72-4B62-B2CB-ABFFEAAF80C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{35FBFFF1-CAAA-4F49-9593-03D205A497EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{A22350C9-7A33-40E9-BFE0-A697E504CF8D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{06CC4480-089A-43AE-AF4F-98EDCE63EF6A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{C34F7201-4DBA-44B7-8144-ACBAE66BEE4C}] => (Allow) C:\Program Files (x86)\WinThruster\WinThruster.exe
FirewallRules: [{01CAEFAC-F701-4A0E-9410-48E549FCFDE0}] => (Allow) C:\Program Files (x86)\WinThruster\WinThruster.exe
FirewallRules: [{1559DA74-1C4C-4CF2-8EBC-A8BB2FD66DBE}] => (Allow) C:\Program Files (x86)\WinThruster\WinThruster.exe
FirewallRules: [{0217A342-E28B-44F2-82AD-AF14790D5E4D}] => (Allow) C:\Program Files (x86)\WinThruster\WinThruster.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: NPF
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: zgi5m2f2zxm0bdf
Description: zgi5m2f2zxm0bdf
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: zgi5m2f2zxm0bdf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/09/2015 10:52:36 AM) (Source: ESENT) (EventID: 474) (User: )
Description: wuaueng.dll (324) SUS20ClientDataStore: The database page read from the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 533561344 (0x000000001fcd8000) (database page wuaueng.dll0) for 32768 (0x00008000) bytes failed verification due to a page checksum mismatch.  The expected checksum was [0079ff86bee4d75b:97729772ed13117c:3d33c2cc5da24104:60469fb93dc95f95] and the actual checksum was [b4c1b4c1bee4d717:97729772ed13117c:3d33c2cc5da24104:60469fb93dc95f95].  The read operation will fail with error -1018 (0xfffffc06).  If this condition persists then please restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
 
Error: (10/09/2015 07:41:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TrustedInstaller.exe, version: 6.1.7601.17514, time stamp: 0x4ce7989b
Faulting module name: wcp.dll, version: 6.1.7601.18766, time stamp: 0x54e4396d
Exception code: 0xc0000005
Fault offset: 0x00000000000a6838
Faulting process id: 0xb34
Faulting application start time: 0xTrustedInstaller.exe0
Faulting application path: TrustedInstaller.exe1
Faulting module path: TrustedInstaller.exe2
Report Id: TrustedInstaller.exe3
 
Error: (10/09/2015 02:31:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NETGEARGenie.exe, version: 2.3.1.0, time stamp: 0x5459d9a3
Faulting module name: Qt5Core.dll, version: 5.1.1.0, time stamp: 0x521a52e4
Exception code: 0xc0000005
Fault offset: 0x00210e90
Faulting process id: 0xafc
Faulting application start time: 0xNETGEARGenie.exe0
Faulting application path: NETGEARGenie.exe1
Faulting module path: NETGEARGenie.exe2
Report Id: NETGEARGenie.exe3
 
Error: (10/09/2015 02:30:19 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
 
Error: (10/08/2015 12:20:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NETGEARGenie.exe, version: 2.3.1.0, time stamp: 0x5459d9a3
Faulting module name: Qt5Core.dll, version: 5.1.1.0, time stamp: 0x521a52e4
Exception code: 0xc0000005
Fault offset: 0x00210e90
Faulting process id: 0x92c
Faulting application start time: 0xNETGEARGenie.exe0
Faulting application path: NETGEARGenie.exe1
Faulting module path: NETGEARGenie.exe2
Report Id: NETGEARGenie.exe3
 
Error: (10/08/2015 12:19:15 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
 
Error: (10/07/2015 11:18:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NETGEARGenie.exe, version: 2.3.1.0, time stamp: 0x5459d9a3
Faulting module name: Qt5Core.dll, version: 5.1.1.0, time stamp: 0x521a52e4
Exception code: 0xc0000005
Fault offset: 0x00210e90
Faulting process id: 0xe30
Faulting application start time: 0xNETGEARGenie.exe0
Faulting application path: NETGEARGenie.exe1
Faulting module path: NETGEARGenie.exe2
Report Id: NETGEARGenie.exe3
 
Error: (10/07/2015 11:15:08 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
 
Error: (10/07/2015 05:54:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NETGEARGenie.exe, version: 2.3.1.0, time stamp: 0x5459d9a3
Faulting module name: Qt5Core.dll, version: 5.1.1.0, time stamp: 0x521a52e4
Exception code: 0xc0000005
Fault offset: 0x00210e90
Faulting process id: 0x16f8
Faulting application start time: 0xNETGEARGenie.exe0
Faulting application path: NETGEARGenie.exe1
Faulting module path: NETGEARGenie.exe2
Report Id: NETGEARGenie.exe3
 
Error: (10/07/2015 05:54:25 PM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start
 
 
System errors:
=============
Error: (10/09/2015 10:57:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:55:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:50:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:48:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:43:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:41:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:40:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:40:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:40:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
Error: (10/09/2015 10:39:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The DNS Client service terminated with the following error: 
%%127
 
 
CodeIntegrity:
===================================
  Date: 2015-08-25 01:34:59.228
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:34:20.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:34:20.616
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:33:45.282
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:33:45.173
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:33:24.924
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:29:37.664
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:29:37.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:28:25.280
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-08-25 01:28:25.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU E5800 @ 3.20GHz
Percentage of memory in use: 36%
Total physical RAM: 12287.18 MB
Available physical RAM: 7816.38 MB
Total Virtual: 24572.55 MB
Available Virtual: 20517.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:230.68 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (WD SATA) (Fixed) (Total:232.89 GB) (Free:228.59 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DF648891)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 4FCB6A46)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 deeprybka


Posted 09 October 2015 - 11:30 AM

Hi,

Step 1

Please uninstall some programs:
  • Windows 7: Click on the Start Menu button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    globalupdate Helper
    Notepad++ Download Packages
    Winrar Packages
    WinThruster

  • Reboot your computer.
Step 2

Search with FRST from the Recovery Environment


Please copy the FRST64.exe from your desktop to a plugged flash drive.

Win 7:
  • To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html




    To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:

    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt


    Select Command Prompt

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Write the following text into the Search textbox:
dnsapi.dll
  • Click on the Search Files button.
  • When finished, a log file (Search.txt) is saved to the flash drive.
  • Please copy and paste its contents in your next reply.

regards,
deeprybka

#5 ThatDellGuy2900


Posted 09 October 2015 - 12:46 PM

Farbar Recovery Scan Tool (x64) Version:08-10-2015
Ran by SYSTEM (2015-10-09 12:59:03)
Running from c:\
Boot Mode: Recovery
 
================== Search Files: "dnsapi.dll" =============
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2011-04-12 16:53][2011-03-02 21:12] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2011-04-12 16:53][2011-03-02 21:38] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2011-04-05 12:06][2010-11-20 04:18] 0270336 ____A (Microsoft Corporation) 59DF156711A76BCB993253EC6C9BBF41
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_49006e49e950e0ac\dnsapi.dll
[2011-04-12 16:53][2011-03-02 21:50] 0270336 ____A (Microsoft Corporation) 11DD7EB4446F25C132D0D8527DDCAF4D
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_4833ef7cd065b8b3\dnsapi.dll
[2011-04-12 16:53][2011-03-02 21:29] 0269824 ____A (Microsoft Corporation) 62390F4ACE9E2B63E3CA26B7F7497897
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
[2009-07-13 15:12][2009-07-13 17:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2011-04-12 16:53][2011-03-02 22:12] 0357888 ____A (Microsoft Corporation) DCC0888655823103F19EF8FFD330080D
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2011-04-12 16:53][2011-03-02 22:24] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2011-04-05 12:06][2010-11-20 05:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsapi.dll
[2011-04-12 16:53][2011-03-02 22:23] 0356864 ____A (Microsoft Corporation) B538E393F7FD85A054106FF21A4240EA
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsapi.dll
[2011-04-12 16:53][2011-03-02 22:17] 0356352 ____A (Microsoft Corporation) E247E7DEB20C0CF0801A8AC39E9CE1DF
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 15:21][2009-07-13 17:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E
 
C:\Windows.old\Windows\SysWOW64\dnsapi.dll
[2011-04-12 16:53][2011-03-02 21:38] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9
 
C:\Windows.old\Windows\System32\dnsapi.dll
[2011-04-12 16:53][2011-03-02 22:24] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2014-06-26 18:36][2011-03-02 21:12] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2014-06-26 18:36][2011-03-02 21:38] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2014-06-29 08:40][2010-11-20 04:18] 0270336 ____A (Microsoft Corporation) 59DF156711A76BCB993253EC6C9BBF41
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_49006e49e950e0ac\dnsapi.dll
[2014-06-26 18:36][2011-03-02 21:50] 0270336 ____A (Microsoft Corporation) 11DD7EB4446F25C132D0D8527DDCAF4D
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_4833ef7cd065b8b3\dnsapi.dll
[2014-06-26 18:36][2011-03-02 21:29] 0269824 ____A (Microsoft Corporation) 62390F4ACE9E2B63E3CA26B7F7497897
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
[2009-07-13 15:12][2009-07-13 17:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2014-06-26 18:36][2011-03-02 22:12] 0357888 ____A (Microsoft Corporation) DCC0888655823103F19EF8FFD330080D
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2014-06-26 18:36][2011-03-02 22:24] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2014-06-29 08:40][2010-11-20 05:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsapi.dll
[2014-06-26 18:36][2011-03-02 22:23] 0356864 ____A (Microsoft Corporation) B538E393F7FD85A054106FF21A4240EA
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsapi.dll
[2014-06-26 18:36][2011-03-02 22:17] 0356352 ____A (Microsoft Corporation) E247E7DEB20C0CF0801A8AC39E9CE1DF
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 15:21][2009-07-13 17:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E
 
C:\Windows\System32\dnsapi.dll
[2014-06-26 18:36][2014-02-04 10:25] 0221184 ____A (Microsoft Corporation) B6BB1EDE455D39B80F4BAE23478A2905
 
C:\$Recycle.Bin\S-1-5-21-1916182683-1298059335-62827055-1001\$RYKH5TK\dnsapi.dll
[2014-06-26 18:36][2015-08-24 21:18] 0357888 ____A (Microsoft Corporation) 0E4E27DDEC7F5282C284799613F814FC
 
X:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 15:21][2009-07-13 17:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E
 
X:\Windows\System32\dnsapi.dll
[2009-07-13 15:21][2009-07-13 17:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E
 
====== End of Search ======


#6 deeprybka


Posted 09 October 2015 - 01:06 PM

Hi,

please download the attached fixlist to your flash drive and boot into the RE like before. Open command prompt and FRST again. This time press the Fix button.

Attached file: fixlist.txt (316 bytes)



Reboot the computer and perform the search in normal mode:

Step 1

  • Start FRST with Administrator privileges.
  • Write the following text into the Search textbox:
dnsapi.dll
  • Click on the Search Files button.
  • When finished, a log file (Search.txt) pops up and is saved to the same location the tool was run from.
  • Please copy and paste its contents in your next reply.

regards,
deeprybka

#7 ThatDellGuy2900


Posted 11 October 2015 - 02:01 PM

Everything appears to be working correctly after that repair, THANK YOU!!!!! I can't thank you enough for your help! :-) Here are the scan results:

 

Farbar Recovery Scan Tool (x64) Version:11-10-2015 01
Ran by Whaley David (2015-10-11 14:12:00)
Running from C:\Users\Whaley David\Desktop
Boot Mode: Normal
 
================== Search Files: "dnsapi.dll" =============
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2011-04-12 20:53][2011-03-03 01:12] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2011-04-12 20:53][2011-03-03 01:38] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9 [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2011-04-05 16:06][2010-11-20 08:18] 0270336 ____A (Microsoft Corporation) 59DF156711A76BCB993253EC6C9BBF41 [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_49006e49e950e0ac\dnsapi.dll
[2011-04-12 20:53][2011-03-03 01:50] 0270336 ____A (Microsoft Corporation) 11DD7EB4446F25C132D0D8527DDCAF4D [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_4833ef7cd065b8b3\dnsapi.dll
[2011-04-12 20:53][2011-03-03 01:29] 0269824 ____A (Microsoft Corporation) 62390F4ACE9E2B63E3CA26B7F7497897 [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
[2009-07-13 19:12][2009-07-13 21:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2011-04-12 20:53][2011-03-03 02:12] 0357888 ____A (Microsoft Corporation) DCC0888655823103F19EF8FFD330080D [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2011-04-12 20:53][2011-03-03 02:24] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2011-04-05 16:06][2010-11-20 09:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01 [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsapi.dll
[2011-04-12 20:53][2011-03-03 02:23] 0356864 ____A (Microsoft Corporation) B538E393F7FD85A054106FF21A4240EA [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsapi.dll
[2011-04-12 20:53][2011-03-03 02:17] 0356352 ____A (Microsoft Corporation) E247E7DEB20C0CF0801A8AC39E9CE1DF [File is digitally signed]
 
C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 19:21][2009-07-13 21:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E [File is digitally signed]
 
C:\Windows.old\Windows\SysWOW64\dnsapi.dll
[2011-04-12 20:53][2011-03-03 01:38] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9 [File is digitally signed]
 
C:\Windows.old\Windows\System32\dnsapi.dll
[2011-04-12 20:53][2011-03-03 02:24] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D [File is digitally signed]
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2014-06-26 22:36][2011-03-03 01:12] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD [File is digitally signed]
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2014-06-26 22:36][2011-03-03 01:38] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9 [File is digitally signed]
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2014-06-29 12:40][2010-11-20 08:18] 0270336 ____A (Microsoft Corporation) 59DF156711A76BCB993253EC6C9BBF41 [File is digitally signed]
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_49006e49e950e0ac\dnsapi.dll
[2014-06-26 22:36][2011-03-03 01:50] 0270336 ____A (Microsoft Corporation) 11DD7EB4446F25C132D0D8527DDCAF4D [File is digitally signed]
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_4833ef7cd065b8b3\dnsapi.dll
[2014-06-26 22:36][2011-03-03 01:29] 0269824 ____A (Microsoft Corporation) 62390F4ACE9E2B63E3CA26B7F7497897 [File is digitally signed]
 
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
[2009-07-13 19:12][2009-07-13 21:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F [File is digitally signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2014-06-26 22:36][2011-03-03 02:12] 0357888 ____A (Microsoft Corporation) DCC0888655823103F19EF8FFD330080D [File is digitally signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2014-06-26 22:36][2011-03-03 02:24] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D [File is digitally signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2014-06-29 12:40][2010-11-20 09:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01 [File is digitally signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.20914_none_3eabc3f7b4f01eb1\dnsapi.dll
[2014-06-26 22:36][2011-03-03 02:23] 0356864 ____A (Microsoft Corporation) B538E393F7FD85A054106FF21A4240EA [File is digitally signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16772_none_3ddf452a9c04f6b8\dnsapi.dll
[2014-06-26 22:36][2011-03-03 02:17] 0356352 ____A (Microsoft Corporation) E247E7DEB20C0CF0801A8AC39E9CE1DF [File is digitally signed]
 
C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 19:21][2009-07-13 21:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E [File is digitally signed]
 
C:\Windows\SysWOW64\dnsapi.dll
[2015-10-11 18:01][2009-07-13 21:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F [File is digitally signed]
 
C:\Windows\System32\dnsapi.dll
[2014-06-26 22:36][2009-07-13 21:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E [File is digitally signed]
 
C:\$Recycle.Bin\S-1-5-21-1916182683-1298059335-62827055-1001\$RYKH5TK\dnsapi.dll
[2014-06-26 22:36][2015-08-25 01:18] 0357888 ____A (Microsoft Corporation) 0E4E27DDEC7F5282C284799613F814FC [File not signed]
 

====== End of Search ====== 
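
The two Search.txt logs above can be compared mechanically. The following is an added example, not part of the original posts and not FRST's own code: it parses FRST search entries and flags a live `System32`/`SysWOW64` copy that is missing or whose MD5 matches no copy in `C:\Windows\winsxs`, plus any entry FRST marked as unsigned. The function names and the finding labels are assumptions made for this sketch; the sample entries are copied unchanged from the two logs.

```python
import re

# Entries copied from the first Search.txt in this thread (Recovery mode, no signature tags).
BEFORE = r"""
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
[2009-07-13 15:12][2009-07-13 17:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 15:21][2009-07-13 17:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E

C:\Windows\System32\dnsapi.dll
[2014-06-26 18:36][2014-02-04 10:25] 0221184 ____A (Microsoft Corporation) B6BB1EDE455D39B80F4BAE23478A2905

C:\$Recycle.Bin\S-1-5-21-1916182683-1298059335-62827055-1001\$RYKH5TK\dnsapi.dll
[2014-06-26 18:36][2015-08-24 21:18] 0357888 ____A (Microsoft Corporation) 0E4E27DDEC7F5282C284799613F814FC
"""

# Entries copied from the second Search.txt (Normal mode, after the fix).
AFTER = r"""
C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_482c18d6d06b2c0d\dnsapi.dll
[2009-07-13 19:12][2009-07-13 21:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F [File is digitally signed]

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7600.16385_none_3dd76e849c0a6a12\dnsapi.dll
[2009-07-13 19:21][2009-07-13 21:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E [File is digitally signed]

C:\Windows\SysWOW64\dnsapi.dll
[2015-10-11 18:01][2009-07-13 21:15] 0269824 ____A (Microsoft Corporation) 6D5A49D6479EB753C7879F73A4C35E0F [File is digitally signed]

C:\Windows\System32\dnsapi.dll
[2014-06-26 22:36][2009-07-13 21:40] 0356352 ____A (Microsoft Corporation) 05A2D26ACF0939A4E97160315F1FA12E [File is digitally signed]

C:\$Recycle.Bin\S-1-5-21-1916182683-1298059335-62827055-1001\$RYKH5TK\dnsapi.dll
[2014-06-26 22:36][2015-08-25 01:18] 0357888 ____A (Microsoft Corporation) 0E4E27DDEC7F5282C284799613F814FC [File not signed]
"""

# Second line of each entry: [created][modified] size attrs (company) MD5 [signature]
META = re.compile(
    r"^\[(?P<created>[\d\- :]+)\]\[(?P<modified>[\d\- :]+)\]\s+(?P<size>\d+)\s+"
    r"(?P<attrs>\S+)\s+\((?P<company>.*?)\)\s+(?P<md5>[0-9A-Fa-f]{32})"
    r"(?:\s+\[(?P<signature>[^\]]+)\])?\s*$"
)
PATH = re.compile(r"^[A-Za-z]:\\")

LIVE_DIRS = (r"C:\Windows\System32", r"C:\Windows\SysWOW64")
STORE_PREFIX = "c:\\windows\\winsxs\\"


def parse_search_log(text):
    """Return one dict per file entry (path line followed by metadata line)."""
    entries, path = [], None
    for raw in text.splitlines():
        line = raw.strip()
        meta = META.match(line)
        if meta and path:
            entry = meta.groupdict()
            entry.update(path=path, size=int(entry["size"]), md5=entry["md5"].upper())
            entries.append(entry)
            path = None
        elif PATH.match(line):
            path = line
    return entries


def audit(entries, filename="dnsapi.dll"):
    """Compare the live copies with the component store of the same Windows install.

    A store match is a sanity check only: MD5 identifies a file version here,
    it is not a tamper-proof integrity guarantee.
    """
    store_md5 = {e["md5"] for e in entries if e["path"].lower().startswith(STORE_PREFIX)}
    findings = []
    for directory in LIVE_DIRS:
        target = directory + "\\" + filename
        live = [e for e in entries if e["path"].lower() == target.lower()]
        if not live:
            findings.append(("missing", target))
        for e in live:
            if e["md5"] not in store_md5:
                findings.append(("no-store-match", e["path"]))
    # The signature tag is only present in logs taken in normal mode.
    for e in entries:
        if e["signature"] == "File not signed":
            findings.append(("unsigned", e["path"]))
    return findings


if __name__ == "__main__":
    for label, log in (("before fix", BEFORE), ("after fix", AFTER)):
        print(label, audit(parse_search_log(log)))
```
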



#8 deeprybka


Posted 11 October 2015 - 02:04 PM

We're not done yet! :)

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
    Copy and paste the contents of that logfile in your next reply.
Step 2

Please download and install Malwarebytes Anti-Malware.
  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt.
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
    m21p4.png
  • Return to our forum. Paste your log into your next reply and then click Finish [7].
Step 3

Start FRST with administrator privileges.
  • Make sure the Addition.txt option is checked.
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka

#9 deeprybka


Posted 14 October 2015 - 03:51 AM

Hi,

3 Day Inactivity

this is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka

#10 deeprybka


Posted 16 October 2015 - 05:40 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka