Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Internet Access after Trojan Removal with MSE


  • This topic is locked This topic is locked
37 replies to this topic

#1 debski77

debski77

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 14 October 2015 - 04:13 PM

The user was alerted by Microsoft Security Essentials of Malware and removed the Trojan rendering her computer with No Internet Access... it does not show the yellow alert, apparently there is internet connection but No Internet Access... the good thing is she has intranet access.

Attached Files

  • Attached File  FRST.txt   34.27KB   4 downloads

Edited by hamluis, 14 October 2015 - 04:41 PM.
Moved from Win 7 to MRL - Hamluis.


BC AdBot (Login to Remove)

 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 AM

Posted 14 October 2015 - 11:56 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems. :warrior:

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1

rufus-128.png + FRST.gif Search with FRST from the Recovery Environment

frst.pngfrstsearch.png


Please copy the FRST64.exe from your desktop to a plugged flash drive.

Win 7:

  • To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
  • Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html




    To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:

    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt


    Select Command Prompt
     
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Write the following text into the Search textbox:
dnsapi.dll
  • Click on the Search Files button.
  • When finished, a log file (Search.txt) is saved to the flashdrive.
  • Please copy and paste its contents in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 16 October 2015 - 07:00 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-10-2015
Ran by mlindsay (administrator) on SCI-10 (16-10-2015 19:35:11)
Running from E:\
Loaded Profiles: mlindsay (Available Profiles: mlindsay & CMcCaddin)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Solvusoft Corporation) C:\Program Files (x86)\WinThruster\WinThruster.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-09-26] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710720 2015-09-25] (Dropbox, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [761064 2015-09-26] (Adobe Systems Incorporated)
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104288 2015-06-26] (Adobe Systems Incorporated)
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\RunOnce: [Uninstall C:\Users\MLindsay\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\MLindsay\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Policies\Explorer: [NoInplaceSharing] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Policies\Explorer: [NoSimpleStartMenu] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Policies\Explorer: [QuickLaunchEnabled] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\...\Policies\Explorer: [ForceRunOnStartMenu] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-09-25] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notify.lnk [2015-03-06]
ShortcutTarget: Notify.lnk -> C:\Program Files (x86)\Novell\GroupWise\notify.exe (Novell, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.15 192.168.1.16
Tcpip\..\Interfaces\{077E8172-1E8B-404F-B8E2-0D04CB0E5A38}: [DhcpNameServer] 192.168.1.15 192.168.1.16

Internet Explorer:
==================
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D042015-ABB80C9363E1D41E9AFF&form=CONMHP&conlogo=CT3331964
HKU\S-1-5-21-3762272792-2965713096-1444844762-1147\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={0F9ACDB4-923E-11E2-A589-7845C436F1A9}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={0F9ACDB4-923E-11E2-A589-7845C436F1A9}
SearchScopes: HKU\S-1-5-21-3762272792-2965713096-1444844762-1147 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&crg=3.5000006.10042&st=23&st=23
SearchScopes: HKU\S-1-5-21-3762272792-2965713096-1444844762-1147 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D042015-ABB80C9363E1D41E9AFF&form=CONBDF&conlogo=CT3331964&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3762272792-2965713096-1444844762-1147 -> {792D9748-805A-461C-AD0D-54A763A6D2EA} URL =
SearchScopes: HKU\S-1-5-21-3762272792-2965713096-1444844762-1147 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com?src=6&q={searchTerms}&barid=&crg=3.5000006.10042&st=23&st=23
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO: Updater By SweetPacks -> {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} -> C:\Program Files\Updater By SweetPacks\Extension64.dll [2013-07-01] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Updater By SweetPacks -> {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} -> C:\Program Files\Updater By SweetPacks\Extension32.dll => No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06] (SweetIM Technologies Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06] (SweetIM Technologies Ltd.)
Toolbar: HKU\S-1-5-21-3762272792-2965713096-1444844762-1147 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3762272792-2965713096-1444844762-1147 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\MLindsay\AppData\Roaming\Mozilla\Firefox\Profiles\qa2lctdl.default-1443627926212
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3762272792-2965713096-1444844762-1147: @citrixonline.com/appdetectorplugin -> C:\Users\MLindsay\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-08-20] (Citrix Online)
FF Plugin HKU\S-1-5-21-3762272792-2965713096-1444844762-1147: tdameritrade.com/thinkorswim -> C:\Users\MLindsay\AppData\Local\thinkorswim\npthinkorswim.dll [No File]
FF Plugin HKU\S-1-5-21-3762272792-2965713096-1444844762-1147: tdameritrade.com/tossc -> C:\Users\MLindsay\AppData\Local\thinkorswim\nptossc.dll [No File]
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-03-21]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-02-22]
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-08-24] <==== ATTENTION

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-26]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-02-04]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-15 05:37 - 2015-09-18 15:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 05:37 - 2015-09-18 15:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 05:37 - 2015-09-18 15:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 20:08 - 2015-10-14 20:08 - 00001180 _____ C:\Users\MLindsay\Desktop\TweakBit PCRepairKit.lnk
2015-10-14 20:08 - 2015-10-14 20:08 - 00000000 ____D C:\Windows\System32\Tasks\TweakBit
2015-10-14 20:08 - 2015-10-14 20:08 - 00000000 ____D C:\ProgramData\TweakBit
2015-10-14 20:08 - 2015-10-14 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2015-10-14 20:08 - 2015-10-14 20:08 - 00000000 ____D C:\Program Files (x86)\TweakBit
2015-10-14 20:00 - 2015-10-16 15:02 - 00000280 _____ C:\Windows\Tasks\WinThruster_DEFAULT.job
2015-10-14 20:00 - 2015-10-16 15:01 - 00003106 _____ C:\Windows\System32\Tasks\WinThruster
2015-10-14 20:00 - 2015-10-15 11:36 - 00000288 _____ C:\Windows\Tasks\WinThruster_UPDATES.job
2015-10-14 20:00 - 2015-10-14 20:00 - 00003030 _____ C:\Windows\System32\Tasks\WinThruster_UPDATES
2015-10-14 20:00 - 2015-10-14 20:00 - 00002874 _____ C:\Windows\System32\Tasks\WinThruster_DEFAULT
2015-10-14 20:00 - 2015-10-14 20:00 - 00001049 _____ C:\Users\Public\Desktop\WinThruster.lnk
2015-10-14 20:00 - 2015-10-14 20:00 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\Solvusoft
2015-10-14 20:00 - 2015-10-14 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
2015-10-14 20:00 - 2015-10-14 20:00 - 00000000 ____D C:\Program Files (x86)\WinThruster
2015-10-14 20:00 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2015-10-14 17:26 - 2015-10-14 17:26 - 00035093 _____ C:\Users\MLindsay\Desktop\FRST.txt
2015-10-14 17:26 - 2015-10-14 17:26 - 00034871 _____ C:\Users\MLindsay\Desktop\Addition.txt
2015-10-14 16:51 - 2015-10-16 19:35 - 00000000 ____D C:\FRST
2015-10-14 10:12 - 2015-09-25 14:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 10:12 - 2015-09-25 14:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 10:12 - 2015-09-25 14:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 10:12 - 2015-09-25 14:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 10:12 - 2015-09-25 14:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 10:12 - 2015-09-25 13:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 10:12 - 2015-09-18 15:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 10:12 - 2015-09-18 14:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 10:12 - 2015-09-16 00:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 10:12 - 2015-09-16 00:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 10:12 - 2015-09-16 00:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 10:12 - 2015-09-16 00:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 10:12 - 2015-09-16 00:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 10:12 - 2015-09-16 00:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 10:12 - 2015-09-16 00:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 10:12 - 2015-09-16 00:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 10:12 - 2015-09-16 00:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 10:12 - 2015-09-16 00:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 10:12 - 2015-09-16 00:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 10:12 - 2015-09-16 00:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 10:12 - 2015-09-16 00:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 10:12 - 2015-09-16 00:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 10:12 - 2015-09-15 23:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 10:12 - 2015-09-15 23:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 10:12 - 2015-09-15 23:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 10:12 - 2015-09-15 23:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 10:12 - 2015-09-15 23:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 10:12 - 2015-09-15 23:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 10:12 - 2015-09-15 23:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 10:12 - 2015-09-15 23:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 10:12 - 2015-09-15 23:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 10:12 - 2015-09-15 23:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 10:12 - 2015-09-15 23:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 10:12 - 2015-09-15 23:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 10:12 - 2015-09-15 23:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 10:12 - 2015-09-15 23:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 10:12 - 2015-09-15 23:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 10:12 - 2015-09-15 23:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 10:12 - 2015-09-15 23:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 10:12 - 2015-09-15 23:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 10:12 - 2015-09-15 23:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 10:12 - 2015-09-15 23:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 10:12 - 2015-09-15 23:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 10:12 - 2015-09-15 23:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 10:12 - 2015-09-15 23:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 10:12 - 2015-09-15 23:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 10:12 - 2015-09-15 23:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 10:12 - 2015-09-15 23:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 10:12 - 2015-09-15 23:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 10:12 - 2015-09-15 23:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 10:12 - 2015-09-15 23:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 10:12 - 2015-09-15 23:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 10:12 - 2015-09-15 23:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 10:12 - 2015-09-15 23:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 10:12 - 2015-09-15 23:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 10:12 - 2015-09-15 23:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 10:12 - 2015-09-15 22:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 10:12 - 2015-09-15 22:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 10:12 - 2015-09-15 22:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 10:12 - 2015-09-15 22:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 10:12 - 2015-09-15 22:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 10:12 - 2015-09-15 22:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 10:12 - 2015-09-15 22:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 10:12 - 2015-09-15 22:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 10:12 - 2015-09-15 22:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 10:12 - 2015-09-15 22:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 10:12 - 2015-08-06 14:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 10:12 - 2015-08-06 14:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 10:12 - 2015-08-06 13:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 10:12 - 2015-08-06 13:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 10:11 - 2015-10-01 14:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 10:11 - 2015-10-01 14:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 10:11 - 2015-10-01 14:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 10:11 - 2015-10-01 14:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 10:11 - 2015-10-01 14:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 10:11 - 2015-10-01 14:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 10:11 - 2015-10-01 14:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 10:11 - 2015-10-01 13:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 10:11 - 2015-10-01 13:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 10:11 - 2015-09-28 23:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 10:11 - 2015-09-28 23:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 10:11 - 2015-09-28 23:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 10:11 - 2015-09-28 23:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 10:11 - 2015-09-28 23:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 10:11 - 2015-09-28 23:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 10:11 - 2015-09-28 23:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 10:11 - 2015-09-28 23:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 10:11 - 2015-09-28 23:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 10:11 - 2015-09-28 23:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 10:11 - 2015-09-28 23:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 10:11 - 2015-09-28 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 10:11 - 2015-09-28 22:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 10:11 - 2015-09-28 22:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 10:11 - 2015-09-28 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 10:11 - 2015-09-28 22:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 10:11 - 2015-09-28 22:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 10:11 - 2015-09-28 21:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 10:11 - 2015-09-28 21:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 10:11 - 2015-09-28 21:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 10:11 - 2015-09-28 21:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 10:11 - 2015-09-28 21:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 10:11 - 2015-09-15 14:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 10:11 - 2015-09-15 14:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 10:11 - 2015-09-15 14:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 10:11 - 2015-09-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 10:11 - 2015-09-15 13:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 10:11 - 2015-09-15 13:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 10:11 - 2015-09-15 13:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 10:11 - 2015-09-15 13:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-07 20:39 - 2015-10-07 20:39 - 00000000 ____D C:\Users\MLindsay\AppData\Local\TempTaskUpdateDetection51DDB156-CAF4-4606-BC85-A9B43291197C
2015-10-07 20:13 - 2015-10-07 20:19 - 00000000 ____D C:\Users\TEMP
2015-10-07 19:22 - 2015-10-07 19:22 - 00000000 ____D C:\Users\dlipski\AppData\Roaming\Intel Corporation
2015-10-07 19:21 - 2015-10-07 19:35 - 00000000 ____D C:\Users\dlipski\AppData\Roaming\Adobe
2015-10-07 19:21 - 2015-10-07 19:35 - 00000000 ____D C:\Users\dlipski\AppData\Local\Adobe
2015-10-07 19:21 - 2015-10-07 19:21 - 00104448 _____ C:\Users\dlipski\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 19:21 - 2015-10-07 19:21 - 00000000 ____D C:\Users\dlipski\AppData\Roaming\Apple Computer
2015-10-07 19:21 - 2015-10-07 19:21 - 00000000 ____D C:\Users\dlipski\AppData\Local\Dropbox
2015-10-07 19:20 - 2015-10-07 20:41 - 00000000 ___RD C:\Users\dlipski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 19:20 - 2015-10-07 20:41 - 00000000 ____D C:\Users\dlipski
2015-10-07 19:20 - 2015-10-07 19:20 - 00000000 ____D C:\Users\dlipski\AppData\Local\VirtualStore
2015-10-07 19:20 - 2014-08-20 10:17 - 00000000 ____D C:\Users\dlipski\AppData\Local\SoftThinks
2015-10-07 17:36 - 2015-10-07 20:40 - 00000000 ____D C:\Users\MLindsay\Desktop\Malwarebytes Anti-Malware
2015-10-07 17:10 - 2015-10-07 17:11 - 00000526 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.shp.mwsymb
2015-10-07 17:09 - 2015-10-07 17:09 - 00000252 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.shp
2015-10-07 17:09 - 2015-10-07 17:09 - 00000108 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.shx
2015-10-07 17:09 - 2015-10-07 17:09 - 00000076 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.dbf
2015-10-07 17:09 - 2015-10-07 17:09 - 00000000 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.prj
2015-10-07 16:55 - 2015-10-16 13:54 - 00000000 ____D C:\Users\MLindsay\Desktop\WSR
2015-10-07 13:06 - 2015-10-07 13:12 - 00000000 ____D C:\Users\MLindsay\Desktop\NFI Deliverables
2015-10-06 11:22 - 2015-10-14 20:07 - 00004571 _____ C:\timesheet.DBF
2015-10-02 13:54 - 2015-10-02 13:54 - 00000000 ____D C:\Users\MLindsay\Desktop\Z-SI
2015-10-01 13:22 - 2015-10-01 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-30 12:36 - 2015-09-30 12:36 - 00929872 _____ (Google Inc.) C:\Users\MLindsay\Downloads\ChromeSetup.exe
2015-09-29 12:35 - 2015-09-29 12:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-29 12:34 - 2015-09-29 12:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\MLindsay\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-29 11:34 - 2015-09-30 09:35 - 00000000 ____D C:\Users\MLindsay\Desktop\pc problems
2015-09-28 10:38 - 2015-09-28 11:52 - 00000000 ____D C:\Users\MLindsay\Desktop\Clark, NJ - 7-2015 GW data
2015-09-25 12:28 - 2015-09-25 12:35 - 00001024 _____ C:\billreviewx.IDX
2015-09-25 12:28 - 2015-09-25 12:28 - 00001160 _____ C:\billreview.DBF
2015-09-24 14:29 - 2015-09-24 15:34 - 00000000 ____D C:\Users\MLindsay\Desktop\Submission to H. Shah - 9.24.15
2015-09-21 12:21 - 2015-10-01 13:23 - 00000000 ___RD C:\Users\MLindsay\Dropbox
2015-09-21 12:21 - 2015-09-21 12:21 - 00001232 _____ C:\Users\MLindsay\Desktop\Dropbox.lnk
2015-09-21 12:20 - 2015-09-21 12:20 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\Dropbox
2015-09-21 12:19 - 2015-10-16 19:33 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-21 12:19 - 2015-10-16 17:24 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-21 12:19 - 2015-10-01 13:23 - 00000000 ____D C:\Users\MLindsay\AppData\Local\Dropbox
2015-09-21 12:19 - 2015-10-01 13:22 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-21 12:19 - 2015-09-21 12:19 - 00003908 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-09-21 12:19 - 2015-09-21 12:19 - 00003656 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-09-21 12:19 - 2015-09-21 12:19 - 00000000 ____D C:\ProgramData\Dropbox
2015-09-21 08:49 - 2015-09-28 10:06 - 00000000 ____D C:\Windows\TEMPfolder
2015-09-21 08:49 - 2015-09-21 08:49 - 00000000 ____D C:\Windows\system32\ahai

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-16 19:33 - 2014-07-22 10:47 - 00004028 _____ C:\Windows\System32\Tasks\DisplayLogoffMessage1stAttempt
2015-10-16 19:33 - 2013-07-02 12:02 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-16 19:33 - 2013-02-26 16:27 - 00000000 ___RD C:\Users\MLindsay\Virtual Machines
2015-10-16 19:33 - 2009-07-14 00:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-16 19:33 - 2009-07-14 00:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-16 19:32 - 2013-02-26 16:17 - 00000120 _____ C:\Windows\system32\config\netlogon.ftl
2015-10-16 19:32 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-16 19:32 - 2009-07-14 00:51 - 00085100 _____ C:\Windows\setupact.log
2015-10-16 19:31 - 2015-04-15 14:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 19:31 - 2014-05-06 17:46 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 17:49 - 2012-11-27 23:40 - 01300758 _____ C:\Windows\WindowsUpdate.log
2015-10-16 17:46 - 2013-08-14 18:48 - 00000000 ____D C:\Windows\system32\MRT
2015-10-16 17:46 - 2013-02-23 10:07 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-16 17:39 - 2013-02-22 17:35 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Standard.lnk
2015-10-16 17:39 - 2013-02-22 17:35 - 00002051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-10-16 17:25 - 2013-07-02 12:02 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-16 17:13 - 2012-11-27 23:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-15 13:42 - 2009-07-14 01:13 - 00798066 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-13 10:02 - 2014-12-29 13:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-08 13:25 - 2013-11-22 16:40 - 00000000 ___RD C:\Users\MLindsay\Desktop\MY PROJECTS
2015-10-08 10:44 - 2015-04-06 17:58 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 10:33 - 2015-04-06 17:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 20:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-07 20:41 - 2013-02-26 16:27 - 00000000 ____D C:\Users\MLindsay
2015-10-07 20:40 - 2015-07-09 16:03 - 00000000 ____D C:\Users\cmccaddin
2015-10-07 20:40 - 2014-02-25 12:54 - 00000000 ____D C:\Users\MLindsay\AppData\Local\MapWindow_OSS_Team__-_www
2015-10-07 20:40 - 2013-02-22 17:54 - 00000000 ____D C:\Windows\system32\appmgmt
2015-10-07 20:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\security
2015-10-07 20:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-10-07 12:43 - 2013-02-27 18:40 - 00004608 _____ C:\pselect.CDX
2015-10-07 12:43 - 2013-02-27 18:40 - 00004257 _____ C:\pselect.DBF
2015-10-07 12:43 - 2013-02-27 18:40 - 00000768 _____ C:\pselect.FPT
2015-10-07 12:42 - 2013-02-27 18:39 - 00000419 _____ C:\clienttemp.DBF
2015-10-07 12:42 - 2013-02-27 18:39 - 00000419 _____ C:\clientselect.DBF
2015-10-06 15:44 - 2013-03-03 15:30 - 00006736 _____ C:\productivity.DBF
2015-10-06 15:43 - 2013-03-03 15:30 - 00157199 _____ C:\times1.DBF
2015-10-06 15:43 - 2013-03-03 15:30 - 00034304 _____ C:\times1.CDX
2015-10-06 15:43 - 2013-03-03 15:30 - 00013824 _____ C:\timex.IDX
2015-10-06 15:43 - 2013-03-03 15:30 - 00007680 _____ C:\times1h.CDX
2015-10-06 15:43 - 2013-03-03 15:30 - 00000904 _____ C:\times1h.DBF
2015-10-06 15:41 - 2013-02-27 18:40 - 00000769 _____ C:\worktemp.DBF
2015-10-06 15:41 - 2013-02-27 18:40 - 00000769 _____ C:\workselect.DBF
2015-10-01 15:58 - 2010-11-20 23:47 - 00378656 _____ C:\Windows\PFRO.log
2015-09-30 17:27 - 2013-02-26 18:53 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\.oit
2015-09-30 13:04 - 2013-07-02 12:02 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-30 13:04 - 2013-03-21 11:50 - 00000000 ____D C:\Users\MLindsay\AppData\Local\Google
2015-09-30 12:41 - 2015-08-24 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-30 11:45 - 2015-08-25 15:24 - 00000000 ____D C:\Users\MLindsay\Desktop\Old Firefox Data
2015-09-29 13:14 - 2013-03-21 11:44 - 00000000 ____D C:\Program Files\Updater By SweetPacks
2015-09-25 15:28 - 2013-02-26 16:28 - 00104448 _____ C:\Users\MLindsay\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-25 15:28 - 2009-07-14 00:45 - 00408272 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-25 15:24 - 2015-09-04 11:32 - 00000000 ____D C:\ProgramData\Panda Security
2015-09-25 15:23 - 2015-09-04 11:34 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\Panda Security
2015-09-25 12:35 - 2013-03-14 10:28 - 04860665 _____ C:\billing1.DBF
2015-09-25 12:35 - 2013-03-14 10:28 - 00349696 _____ C:\billing1.CDX
2015-09-25 12:28 - 2013-03-14 10:28 - 00001064 _____ C:\billing1.BAK
2015-09-25 10:03 - 2015-09-04 11:35 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-09-24 10:55 - 2013-02-22 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-22 11:13 - 2015-08-18 12:13 - 18819272 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-09-22 11:13 - 2012-11-27 23:41 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-22 11:13 - 2012-11-27 23:41 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-22 11:13 - 2012-11-27 23:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 08:49 - 2012-11-28 01:32 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

==================== Files in the root of some directories =======

2015-04-20 11:39 - 2015-04-20 11:39 - 0000064 _____ () C:\Users\MLindsay\AppData\Local\6c6cd0ae4414c721d47c5350741054e7
2015-09-11 11:23 - 2015-09-11 11:23 - 0001416 _____ () C:\Users\MLindsay\AppData\Local\suit.log
2014-08-12 21:29 - 2014-08-12 21:29 - 0002491 _____ () C:\ProgramData\regid.1989-11.com.novell,groupwise_Novell-GroupWise-Client.swidtag

Some files in TEMP:
====================
C:\Users\MLindsay\AppData\Local\Temp\AcDeltree.exe
C:\Users\MLindsay\AppData\Local\Temp\APNSetup.exe
C:\Users\MLindsay\AppData\Local\Temp\DnsSignal.exe
C:\Users\MLindsay\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2kemtw.dll
C:\Users\MLindsay\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\MLindsay\AppData\Local\Temp\gb-installer-nsi.exe
C:\Users\MLindsay\AppData\Local\Temp\gb-update.exe
C:\Users\MLindsay\AppData\Local\Temp\GenericUninstall.exe
C:\Users\MLindsay\AppData\Local\Temp\hsbing_717_active.exe
C:\Users\MLindsay\AppData\Local\Temp\install_temp.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\MLindsay\AppData\Local\Temp\mgsqlite3.dll
C:\Users\MLindsay\AppData\Local\Temp\SETUP.EXE
C:\Users\MLindsay\AppData\Local\Temp\Shortcut_SweetIPacks.exe
C:\Users\MLindsay\AppData\Local\Temp\SpOrder.dll
C:\Users\MLindsay\AppData\Local\Temp\uninstaller.exe
C:\Users\MLindsay\AppData\Local\Temp\WSSetup.exe
C:\Users\MLindsay\AppData\Local\Temp\{B39BEA65-021C-4769-827F-13FA8E1E34ED}.exe
C:\Users\MLindsay\AppData\Local\Temp\{D9C9C1DA-1EDD-4AD9-B5FB-7D63E7B6FE27}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll
[2012-11-28 01:32] - [2015-09-21 08:49] - 0357888 ____A (Microsoft Corporation) 912A6EF4DBFA0009C0A3BD4484872792

C:\Windows\SysWOW64\dnsapi.dll IS MISSING <==== ATTENTION
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-13 10:08

==================== End of FRST.txt ============================



#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 AM

Posted 17 October 2015 - 05:21 AM

Please follow the instructions above.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 17 October 2015 - 11:04 AM

Farbar Recovery Scan Tool (x64) Version:16-10-2015
Ran by SYSTEM (2015-10-16 19:50:50)
Running from j:\
Boot Mode: Recovery

================== Search Files: "dnsapi.dll" =============

C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2012-11-27 21:32][2012-11-27 21:32] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD

C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2012-11-27 21:32][2012-11-27 21:32] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9

C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2010-11-20 19:24][2010-11-20 19:24] 0270336 ____A (Microsoft Corporation) 59DF156711A76BCB993253EC6C9BBF41

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2012-11-27 21:32][2012-11-27 21:32] 0357888 ____A (Microsoft Corporation) DCC0888655823103F19EF8FFD330080D

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2012-11-27 21:32][2012-11-27 21:32] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2010-11-20 19:24][2010-11-20 19:24] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01

C:\Windows\System32\dnsapi.dll
[2012-11-27 21:32][2015-09-21 04:49] 0357888 ____A (Microsoft Corporation) 912A6EF4DBFA0009C0A3BD4484872792

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10240.16384_none_9d8c256ebdd2e48a\dnsapi.dll
[2015-07-10 02:30][2015-07-10 02:30] 0680256 ___AL () D41D8CD98F00B204E9800998ECF8427E

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll
[2015-07-10 02:30][2015-07-10 02:30] 0680256 ___AL () D41D8CD98F00B204E9800998ECF8427E

X:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2010-11-20 01:27][2010-11-20 05:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01

X:\Windows\System32\dnsapi.dll
[2010-11-20 01:27][2010-11-20 05:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01

====== End of Search ======



#6 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 17 October 2015 - 11:05 AM

Sorry for posting wrong txt file



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 AM

Posted 17 October 2015 - 11:46 AM

No problem... :)

please download the attached fixlist to your flashdrive and boot into the RE like before. Open command prompt and FRST again. This time press the Fix button.
Attached File  fixlist.txt   316bytes   11 downloads


Reboot the computer and perform the search in normal mode:

Step 1

frst.pngfrstsearch.png

  • Start FRST with Administrator privileges.
  • Write the following text into the Search textbox:
dnsapi.dll
  • Click on the Search Files button.
  • When finished, a log file (Search.txt) pops up and is saved to the same location the tool was run from.
  • Please copy and paste its contents in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 19 October 2015 - 03:22 PM

Farbar Recovery Scan Tool (x64) Version:17-10-2015
Ran by dlipski (2015-10-19 16:16:19)
Running from E:\
Boot Mode: Normal

================== Search Files: "dnsapi.dll" =============

C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_4aa4e997e6a8ddc0\dnsapi.dll
[2012-11-28 01:32][2012-11-28 01:32] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD [File is digitally signed]

C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_4a184beecd8df1f1\dnsapi.dll
[2012-11-28 01:32][2012-11-28 01:32] 0270336 ____A (Microsoft Corporation) B40420876B9288E0A1C8CCA8A84E5DC9 [File is digitally signed]

C:\Windows\winsxs\wow64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4a5d2c9ecd59afa7\dnsapi.dll
[2010-11-20 23:24][2010-11-20 23:24] 0270336 ____A (Microsoft Corporation) 59DF156711A76BCB993253EC6C9BBF41 [File is digitally signed]

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.21673_none_40503f45b2481bc5\dnsapi.dll
[2012-11-28 01:32][2012-11-28 01:32] 0357888 ____A (Microsoft Corporation) DCC0888655823103F19EF8FFD330080D [File is digitally signed]

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17570_none_3fc3a19c992d2ff6\dnsapi.dll
[2012-11-28 01:32][2012-11-28 01:32] 0357888 ____A (Microsoft Corporation) 492D07D79E7024CA310867B526D9636D [File is digitally signed]

C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll
[2010-11-20 23:24][2010-11-20 23:24] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01 [File is digitally signed]

C:\Windows\SysWOW64\dnsapi.dll
[2015-10-17 18:28][2012-11-28 01:32] 0270336 ____A (Microsoft Corporation) 1F79F611109C2B97260B68FD6B4FC7DD [File is digitally signed]

C:\Windows\System32\dnsapi.dll
[2012-11-28 01:32][2010-11-20 09:26] 0357888 ____A (Microsoft Corporation) A52B6CC24063CC83C78C0E6F24DEEC01 [File is digitally signed]

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft-windows-dns-client-minwin_31bf3856ad364e35_10.0.10240.16384_none_9d8c256ebdd2e48a\dnsapi.dll
[2015-07-10 06:30][2015-07-10 06:30] 0680256 ___AL () D41D8CD98F00B204E9800998ECF8427E [File not signed]

C:\$Windows.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\dnsapi.dll
[2015-07-10 06:30][2015-07-10 06:30] 0680256 ___AL () D41D8CD98F00B204E9800998ECF8427E [File not signed]

====== End of Search ======



#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 AM

Posted 19 October 2015 - 03:33 PM

:thumbup2:

Step 1

Please download fss.pngFarbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#10 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 19 October 2015 - 04:49 PM

It won't let me... it says its a Trojan. Then when I disabled MS Security Essentials its not the right version I need 64 bit.



#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 AM

Posted 19 October 2015 - 04:53 PM

It's no trojan and there is only one version:

 

http://www.bleepingcomputer.com/download/farbar-service-scanner/


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#12 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 19 October 2015 - 05:09 PM

Yeah I know but it won't download and its displaying alert that its not compatible with version of windows



#13 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:20 AM

Posted 19 October 2015 - 05:13 PM

Step 1

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#14 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 19 October 2015 - 05:38 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-10-2015
Ran by dlipski (administrator) on SCI-10 (19-10-2015 18:20:30)
Running from E:\
Loaded Profiles: dlipski (Available Profiles: MLindsay & CMcCaddin & dlipski)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Novell, Inc.) C:\Program Files (x86)\Novell\GroupWise\notify.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Novell, Inc.) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
(Novell, Inc.) C:\Program Files (x86)\Novell\GroupWise\gwsync.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_226_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-09-26] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36710768 2015-10-01] (Dropbox, Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\...\Policies\Explorer: [NoInplaceSharing] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\...\Policies\Explorer: [NoSimpleStartMenu] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\...\Policies\Explorer: [QuickLaunchEnabled] 1
HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\...\Policies\Explorer: [ForceRunOnStartMenu] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-10-01] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Notify.lnk [2015-03-06]
ShortcutTarget: Notify.lnk -> C:\Program Files (x86)\Novell\GroupWise\notify.exe (Novell, Inc.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.15 192.168.1.16
Tcpip\..\Interfaces\{077E8172-1E8B-404F-B8E2-0D04CB0E5A38}: [DhcpNameServer] 192.168.1.15 192.168.1.16

Internet Explorer:
==================
HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={0F9ACDB4-923E-11E2-A589-7845C436F1A9}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10042&barid={0F9ACDB4-923E-11E2-A589-7845C436F1A9}
SearchScopes: HKU\S-1-5-21-3762272792-2965713096-1444844762-1240 -> DefaultScope {792D9748-805A-461C-AD0D-54A763A6D2EA} URL =
SearchScopes: HKU\S-1-5-21-3762272792-2965713096-1444844762-1240 -> {792D9748-805A-461C-AD0D-54A763A6D2EA} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO: Updater By SweetPacks -> {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} -> C:\Program Files\Updater By SweetPacks\Extension64.dll [2013-07-01] ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Updater By SweetPacks -> {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD} -> C:\Program Files\Updater By SweetPacks\Extension32.dll => No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-04] (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06] (SweetIM Technologies Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06] (SweetIM Technologies Ltd.)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF Extension: Updater By SweetPacks - C:\Program Files\Updater By SweetPacks\Firefox [2013-03-21] [not signed]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-02-22] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-08-24] <==== ATTENTION

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-26]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-02-04]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-21] (Dropbox, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Updater By SweetPacks; C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe [188760 2013-07-01] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-19 16:21 - 2015-10-19 16:21 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Roaming\Macromedia
2015-10-17 20:24 - 2015-10-17 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-17 18:28 - 2012-11-28 01:32 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Roaming\Sun
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\LocalLow\Sun
2015-10-17 16:25 - 2015-10-17 16:25 - 00000000 ____D C:\Users\dlipski.SADAT\.oracle_jre_usage
2015-10-17 14:39 - 2015-10-17 14:39 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Roaming\Novell
2015-10-17 14:39 - 2015-10-17 14:39 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Roaming\Intel Corporation
2015-10-17 14:39 - 2015-10-17 14:39 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Local\Novell
2015-10-17 14:38 - 2015-10-17 14:48 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Local\Adobe
2015-10-17 14:38 - 2015-10-17 14:38 - 00104448 _____ C:\Users\dlipski.SADAT\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-17 14:38 - 2015-10-17 14:38 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Roaming\Apple Computer
2015-10-17 14:38 - 2015-10-17 14:38 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Local\Dropbox
2015-10-17 14:37 - 2015-10-17 16:25 - 00000000 ____D C:\Users\dlipski.SADAT
2015-10-17 14:37 - 2015-10-17 14:48 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Roaming\Adobe
2015-10-17 14:37 - 2015-10-17 14:38 - 00000000 ___RD C:\Users\dlipski.SADAT\Virtual Machines
2015-10-17 14:37 - 2015-10-17 14:37 - 00005856 __RSH C:\Users\dlipski.SADAT\ntuser.pol
2015-10-17 14:37 - 2015-10-17 14:37 - 00001419 _____ C:\Users\dlipski.SADAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-17 14:37 - 2015-10-17 14:37 - 00000020 ___SH C:\Users\dlipski.SADAT\ntuser.ini
2015-10-17 14:37 - 2015-10-17 14:37 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Local\VirtualStore
2015-10-17 14:37 - 2014-08-20 10:17 - 00000000 ____D C:\Users\dlipski.SADAT\AppData\Local\SoftThinks
2015-10-17 14:37 - 2009-07-14 00:54 - 00000000 ___RD C:\Users\dlipski.SADAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-17 14:37 - 2009-07-14 00:49 - 00000000 ___RD C:\Users\dlipski.SADAT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-15 05:37 - 2015-09-18 15:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 05:37 - 2015-09-18 15:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 05:37 - 2015-09-18 15:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 05:37 - 2015-09-18 15:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 20:08 - 2015-10-14 20:08 - 00000000 ____D C:\ProgramData\TweakBit
2015-10-14 20:00 - 2015-10-17 14:33 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\Solvusoft
2015-10-14 20:00 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\Windows\system32\roboot64.exe
2015-10-14 17:26 - 2015-10-14 17:26 - 00035093 _____ C:\Users\MLindsay\Desktop\FRST.txt
2015-10-14 17:26 - 2015-10-14 17:26 - 00034871 _____ C:\Users\MLindsay\Desktop\Addition.txt
2015-10-14 16:51 - 2015-10-19 18:20 - 00000000 ____D C:\FRST
2015-10-14 10:12 - 2015-09-25 14:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 10:12 - 2015-09-25 14:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 10:12 - 2015-09-25 14:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 10:12 - 2015-09-25 14:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 10:12 - 2015-09-25 14:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 10:12 - 2015-09-25 14:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 10:12 - 2015-09-25 13:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 10:12 - 2015-09-25 13:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 10:12 - 2015-09-18 15:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 10:12 - 2015-09-18 14:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 10:12 - 2015-09-16 00:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 10:12 - 2015-09-16 00:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 10:12 - 2015-09-16 00:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 10:12 - 2015-09-16 00:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 10:12 - 2015-09-16 00:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 10:12 - 2015-09-16 00:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 10:12 - 2015-09-16 00:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 10:12 - 2015-09-16 00:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 10:12 - 2015-09-16 00:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 10:12 - 2015-09-16 00:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 10:12 - 2015-09-16 00:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 10:12 - 2015-09-16 00:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 10:12 - 2015-09-16 00:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 10:12 - 2015-09-16 00:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 10:12 - 2015-09-16 00:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 10:12 - 2015-09-15 23:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 10:12 - 2015-09-15 23:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 10:12 - 2015-09-15 23:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 10:12 - 2015-09-15 23:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 10:12 - 2015-09-15 23:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 10:12 - 2015-09-15 23:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 10:12 - 2015-09-15 23:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 10:12 - 2015-09-15 23:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 10:12 - 2015-09-15 23:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 10:12 - 2015-09-15 23:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 10:12 - 2015-09-15 23:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 10:12 - 2015-09-15 23:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 10:12 - 2015-09-15 23:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 10:12 - 2015-09-15 23:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 10:12 - 2015-09-15 23:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 10:12 - 2015-09-15 23:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 10:12 - 2015-09-15 23:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 10:12 - 2015-09-15 23:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 10:12 - 2015-09-15 23:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 10:12 - 2015-09-15 23:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 10:12 - 2015-09-15 23:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 10:12 - 2015-09-15 23:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 10:12 - 2015-09-15 23:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 10:12 - 2015-09-15 23:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 10:12 - 2015-09-15 23:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 10:12 - 2015-09-15 23:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 10:12 - 2015-09-15 23:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 10:12 - 2015-09-15 23:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 10:12 - 2015-09-15 23:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 10:12 - 2015-09-15 23:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 10:12 - 2015-09-15 23:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 10:12 - 2015-09-15 23:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 10:12 - 2015-09-15 23:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 10:12 - 2015-09-15 23:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 10:12 - 2015-09-15 22:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 10:12 - 2015-09-15 22:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 10:12 - 2015-09-15 22:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 10:12 - 2015-09-15 22:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 10:12 - 2015-09-15 22:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 10:12 - 2015-09-15 22:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 10:12 - 2015-09-15 22:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 10:12 - 2015-09-15 22:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 10:12 - 2015-09-15 22:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 10:12 - 2015-09-15 22:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 10:12 - 2015-08-06 14:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 10:12 - 2015-08-06 14:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 10:12 - 2015-08-06 13:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 10:12 - 2015-08-06 13:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 10:11 - 2015-10-01 14:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 10:11 - 2015-10-01 14:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 10:11 - 2015-10-01 14:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 10:11 - 2015-10-01 14:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 10:11 - 2015-10-01 14:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 10:11 - 2015-10-01 14:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 10:11 - 2015-10-01 14:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 10:11 - 2015-10-01 13:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 10:11 - 2015-10-01 13:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 10:11 - 2015-09-28 23:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 10:11 - 2015-09-28 23:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 10:11 - 2015-09-28 23:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 10:11 - 2015-09-28 23:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 10:11 - 2015-09-28 23:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 10:11 - 2015-09-28 23:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 10:11 - 2015-09-28 23:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 10:11 - 2015-09-28 23:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 10:11 - 2015-09-28 23:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 10:11 - 2015-09-28 23:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 10:11 - 2015-09-28 23:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 10:11 - 2015-09-28 23:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 10:11 - 2015-09-28 23:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 23:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 10:11 - 2015-09-28 22:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 10:11 - 2015-09-28 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 10:11 - 2015-09-28 22:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 10:11 - 2015-09-28 22:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 10:11 - 2015-09-28 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 10:11 - 2015-09-28 22:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 10:11 - 2015-09-28 22:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 10:11 - 2015-09-28 22:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 22:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 10:11 - 2015-09-28 21:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 10:11 - 2015-09-28 21:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 10:11 - 2015-09-28 21:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 10:11 - 2015-09-28 21:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 10:11 - 2015-09-28 21:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 10:11 - 2015-09-28 21:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 10:11 - 2015-09-15 14:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 10:11 - 2015-09-15 14:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 10:11 - 2015-09-15 14:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 10:11 - 2015-09-15 14:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 10:11 - 2015-09-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 10:11 - 2015-09-15 13:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 10:11 - 2015-09-15 13:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 10:11 - 2015-09-15 13:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 10:11 - 2015-09-15 13:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 10:11 - 2015-07-18 09:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-07 20:39 - 2015-10-07 20:39 - 00000000 ____D C:\Users\MLindsay\AppData\Local\TempTaskUpdateDetection51DDB156-CAF4-4606-BC85-A9B43291197C
2015-10-07 20:13 - 2015-10-07 20:19 - 00000000 ____D C:\Users\TEMP
2015-10-07 19:22 - 2015-10-07 19:22 - 00000000 ____D C:\Users\dlipski\AppData\Roaming\Intel Corporation
2015-10-07 19:21 - 2015-10-07 19:35 - 00000000 ____D C:\Users\dlipski\AppData\Roaming\Adobe
2015-10-07 19:21 - 2015-10-07 19:35 - 00000000 ____D C:\Users\dlipski\AppData\Local\Adobe
2015-10-07 19:21 - 2015-10-07 19:21 - 00104448 _____ C:\Users\dlipski\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 19:21 - 2015-10-07 19:21 - 00000000 ____D C:\Users\dlipski\AppData\Roaming\Apple Computer
2015-10-07 19:21 - 2015-10-07 19:21 - 00000000 ____D C:\Users\dlipski\AppData\Local\Dropbox
2015-10-07 19:20 - 2015-10-07 20:41 - 00000000 ___RD C:\Users\dlipski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-07 19:20 - 2015-10-07 20:41 - 00000000 ____D C:\Users\dlipski
2015-10-07 19:20 - 2015-10-07 19:20 - 00000000 ____D C:\Users\dlipski\AppData\Local\VirtualStore
2015-10-07 19:20 - 2014-08-20 10:17 - 00000000 ____D C:\Users\dlipski\AppData\Local\SoftThinks
2015-10-07 17:36 - 2015-10-07 20:40 - 00000000 ____D C:\Users\MLindsay\Desktop\Malwarebytes Anti-Malware
2015-10-07 17:10 - 2015-10-07 17:11 - 00000526 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.shp.mwsymb
2015-10-07 17:09 - 2015-10-07 17:09 - 00000252 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.shp
2015-10-07 17:09 - 2015-10-07 17:09 - 00000108 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.shx
2015-10-07 17:09 - 2015-10-07 17:09 - 00000076 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.dbf
2015-10-07 17:09 - 2015-10-07 17:09 - 00000000 _____ C:\Users\MLindsay\Desktop\NFI WSR ploygon.prj
2015-10-07 16:55 - 2015-10-16 13:54 - 00000000 ____D C:\Users\MLindsay\Desktop\WSR
2015-10-07 13:06 - 2015-10-07 13:12 - 00000000 ____D C:\Users\MLindsay\Desktop\NFI Deliverables
2015-10-06 11:22 - 2015-10-19 15:53 - 00061293 _____ C:\timesheet.DBF
2015-10-02 13:54 - 2015-10-02 13:54 - 00000000 ____D C:\Users\MLindsay\Desktop\Z-SI
2015-09-30 12:36 - 2015-09-30 12:36 - 00929872 _____ (Google Inc.) C:\Users\MLindsay\Downloads\ChromeSetup.exe
2015-09-29 12:35 - 2015-09-29 12:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-29 12:34 - 2015-09-29 12:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\MLindsay\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-29 11:34 - 2015-09-30 09:35 - 00000000 ____D C:\Users\MLindsay\Desktop\pc problems
2015-09-28 10:38 - 2015-09-28 11:52 - 00000000 ____D C:\Users\MLindsay\Desktop\Clark, NJ - 7-2015 GW data
2015-09-24 14:29 - 2015-09-24 15:34 - 00000000 ____D C:\Users\MLindsay\Desktop\Submission to H. Shah - 9.24.15
2015-09-21 12:21 - 2015-10-19 16:51 - 00000000 ___RD C:\Users\MLindsay\Dropbox
2015-09-21 12:21 - 2015-09-21 12:21 - 00001232 _____ C:\Users\MLindsay\Desktop\Dropbox.lnk
2015-09-21 12:20 - 2015-09-21 12:20 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\Dropbox
2015-09-21 12:19 - 2015-10-19 17:44 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-21 12:19 - 2015-10-19 16:51 - 00000000 ____D C:\Users\MLindsay\AppData\Local\Dropbox
2015-09-21 12:19 - 2015-10-19 16:24 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-21 12:19 - 2015-10-17 20:24 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-09-21 12:19 - 2015-09-21 12:19 - 00003908 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-09-21 12:19 - 2015-09-21 12:19 - 00003656 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-09-21 12:19 - 2015-09-21 12:19 - 00000000 ____D C:\ProgramData\Dropbox
2015-09-21 08:49 - 2015-09-28 10:06 - 00000000 ____D C:\Windows\TEMPfolder
2015-09-21 08:49 - 2015-09-21 08:49 - 00000000 ____D C:\Windows\system32\ahai

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-19 18:13 - 2012-11-27 23:41 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-19 17:51 - 2009-07-14 00:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-19 17:51 - 2009-07-14 00:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-19 17:48 - 2009-07-14 01:13 - 00798066 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-19 17:47 - 2012-11-27 23:40 - 01977725 _____ C:\Windows\WindowsUpdate.log
2015-10-19 17:44 - 2014-07-22 10:47 - 00004026 _____ C:\Windows\System32\Tasks\DisplayLogoffMessage1stAttempt
2015-10-19 17:44 - 2013-07-02 12:02 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-19 17:44 - 2013-02-26 16:17 - 00000120 _____ C:\Windows\system32\config\netlogon.ftl
2015-10-19 17:44 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-19 17:44 - 2009-07-14 00:51 - 00085436 _____ C:\Windows\setupact.log
2015-10-19 17:03 - 2015-07-06 11:17 - 00000000 ____D C:\Users\MLindsay\Desktop\New folder
2015-10-19 16:23 - 2013-07-02 12:02 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-19 16:14 - 2010-11-20 23:47 - 00379316 _____ C:\Windows\PFRO.log
2015-10-19 15:58 - 2013-03-14 10:28 - 05094773 _____ C:\billing1.DBF
2015-10-19 15:58 - 2013-03-14 10:28 - 00359936 _____ C:\billing1.CDX
2015-10-19 15:53 - 2013-03-14 10:28 - 00001064 _____ C:\billing1.BAK
2015-10-17 16:13 - 2012-11-27 23:41 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 16:13 - 2012-11-27 23:41 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 16:13 - 2012-11-27 23:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-17 15:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2015-10-17 14:37 - 2013-02-22 17:54 - 00000000 ____D C:\Windows\system32\appmgmt
2015-10-16 19:33 - 2013-02-26 16:27 - 00000000 ___RD C:\Users\MLindsay\Virtual Machines
2015-10-16 19:31 - 2015-04-15 14:01 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-16 19:31 - 2014-05-06 17:46 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-16 17:49 - 2013-08-14 18:48 - 00000000 ____D C:\Windows\system32\MRT
2015-10-16 17:46 - 2013-02-23 10:07 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-16 17:39 - 2013-02-22 17:35 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Standard.lnk
2015-10-16 17:39 - 2013-02-22 17:35 - 00002051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2015-10-13 10:02 - 2014-12-29 13:22 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-08 13:25 - 2013-11-22 16:40 - 00000000 ___RD C:\Users\MLindsay\Desktop\MY PROJECTS
2015-10-08 10:44 - 2015-04-06 17:58 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 10:33 - 2015-04-06 17:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-07 20:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-07 20:41 - 2013-02-26 16:27 - 00000000 ____D C:\Users\MLindsay
2015-10-07 20:40 - 2015-07-09 16:03 - 00000000 ____D C:\Users\cmccaddin
2015-10-07 20:40 - 2014-02-25 12:54 - 00000000 ____D C:\Users\MLindsay\AppData\Local\MapWindow_OSS_Team__-_www
2015-10-07 20:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\security
2015-10-07 20:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2015-10-07 12:43 - 2013-02-27 18:40 - 00004608 _____ C:\pselect.CDX
2015-10-07 12:43 - 2013-02-27 18:40 - 00004257 _____ C:\pselect.DBF
2015-10-07 12:43 - 2013-02-27 18:40 - 00000768 _____ C:\pselect.FPT
2015-10-07 12:42 - 2013-02-27 18:39 - 00000419 _____ C:\clienttemp.DBF
2015-10-07 12:42 - 2013-02-27 18:39 - 00000419 _____ C:\clientselect.DBF
2015-10-06 15:44 - 2013-03-03 15:30 - 00006736 _____ C:\productivity.DBF
2015-10-06 15:43 - 2013-03-03 15:30 - 00157199 _____ C:\times1.DBF
2015-10-06 15:43 - 2013-03-03 15:30 - 00034304 _____ C:\times1.CDX
2015-10-06 15:43 - 2013-03-03 15:30 - 00013824 _____ C:\timex.IDX
2015-10-06 15:43 - 2013-03-03 15:30 - 00007680 _____ C:\times1h.CDX
2015-10-06 15:43 - 2013-03-03 15:30 - 00000904 _____ C:\times1h.DBF
2015-10-06 15:41 - 2013-02-27 18:40 - 00000769 _____ C:\worktemp.DBF
2015-10-06 15:41 - 2013-02-27 18:40 - 00000769 _____ C:\workselect.DBF
2015-09-30 17:27 - 2013-02-26 18:53 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\.oit
2015-09-30 13:04 - 2013-07-02 12:02 - 00000000 ____D C:\Program Files (x86)\Google
2015-09-30 13:04 - 2013-03-21 11:50 - 00000000 ____D C:\Users\MLindsay\AppData\Local\Google
2015-09-30 12:41 - 2015-08-24 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-30 11:45 - 2015-08-25 15:24 - 00000000 ____D C:\Users\MLindsay\Desktop\Old Firefox Data
2015-09-29 13:14 - 2013-03-21 11:44 - 00000000 ____D C:\Program Files\Updater By SweetPacks
2015-09-25 15:28 - 2013-02-26 16:28 - 00104448 _____ C:\Users\MLindsay\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-25 15:28 - 2009-07-14 00:45 - 00408272 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-25 15:24 - 2015-09-04 11:32 - 00000000 ____D C:\ProgramData\Panda Security
2015-09-25 15:23 - 2015-09-04 11:34 - 00000000 ____D C:\Users\MLindsay\AppData\Roaming\Panda Security
2015-09-25 10:03 - 2015-09-04 11:35 - 00000000 ____D C:\ProgramData\panda_url_filtering
2015-09-24 10:55 - 2013-02-22 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2014-08-12 21:29 - 2014-08-12 21:29 - 0002491 _____ () C:\ProgramData\regid.1989-11.com.novell,groupwise_Novell-GroupWise-Client.swidtag

Some files in TEMP:
====================
C:\Users\dlipski.SADAT\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfziodq.dll
C:\Users\MLindsay\AppData\Local\Temp\AcDeltree.exe
C:\Users\MLindsay\AppData\Local\Temp\APNSetup.exe
C:\Users\MLindsay\AppData\Local\Temp\DnsSignal.exe
C:\Users\MLindsay\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpo06klw.dll
C:\Users\MLindsay\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\MLindsay\AppData\Local\Temp\gb-installer-nsi.exe
C:\Users\MLindsay\AppData\Local\Temp\gb-update.exe
C:\Users\MLindsay\AppData\Local\Temp\GenericUninstall.exe
C:\Users\MLindsay\AppData\Local\Temp\hsbing_717_active.exe
C:\Users\MLindsay\AppData\Local\Temp\install_temp.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\MLindsay\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\MLindsay\AppData\Local\Temp\mgsqlite3.dll
C:\Users\MLindsay\AppData\Local\Temp\SETUP.EXE
C:\Users\MLindsay\AppData\Local\Temp\Shortcut_SweetIPacks.exe
C:\Users\MLindsay\AppData\Local\Temp\SpOrder.dll
C:\Users\MLindsay\AppData\Local\Temp\uninstaller.exe
C:\Users\MLindsay\AppData\Local\Temp\WSSetup.exe
C:\Users\MLindsay\AppData\Local\Temp\{B39BEA65-021C-4769-827F-13FA8E1E34ED}.exe
C:\Users\MLindsay\AppData\Local\Temp\{D9C9C1DA-1EDD-4AD9-B5FB-7D63E7B6FE27}.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-13 10:08

==================== End of FRST.txt ============================



#15 debski77

debski77
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:06:20 PM

Posted 19 October 2015 - 05:42 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-10-2015
Ran by dlipski (2015-10-19 18:40:53)
Running from E:\
Windows 7 Professional Service Pack 1 (X64) (2013-02-22 15:57:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2935289706-3412993740-3099836916-500 - Administrator - Enabled)
Guest (S-1-5-21-2935289706-3412993740-3099836916-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat XI Standard (HKLM-x32\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcGIS Explorer Desktop (32 bit) (HKLM-x32\...\ArcGIS Explorer Desktop) (Version: 10.1.2500 - Environmental Systems Research Institute, Inc.)
ArcGIS Explorer Desktop (x32 Version: 10.1.2500 - Environmental Systems Research Institute, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.8.0 - Conexant)
CSV to Shapefile Converter (HKLM-x32\...\CSV to Shapefile Converter_is1) (Version:  - Christopher Michaelis (www.HappySquirrel.com))
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Driver Pro v3.0 (HKLM-x32\...\Driver Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Electronic Data Submittal Application 7 (HKLM-x32\...\ST5UNST #1) (Version:  - )
FileZilla Client 3.5.1 (HKLM-x32\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GroupWise Client - VC Runtimes (release) (x32 Version: 1.00.0000 - Novell) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.3.5 - ) <==== ATTENTION
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Internet Explorer Toolbar 4.7 by SweetPacks (HKLM-x32\...\{80F3F10B-A177-4494-93CE-98090D819093}) (Version: 4.7.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MapWindow GIS (HKLM\...\{D2CBCEA2-07FE-442E-8D31-F2F76A0FD63F}_is1) (Version: 4.8.6 - MapWindow GIS)
MapWinGIS ActiveX Control v4.7SR-A (HKLM-x32\...\MapWinGIS ActiveX_is1) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ Redist - ENU (HKLM-x32\...\{5E09E82C-004D-4F08-B051-46DE6D79F71A}) (Version: 8.0.50215.44 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Novell GroupWise (HKLM-x32\...\{3CB3E739-5564-4117-AAD2-3EAAAF7A1CDA}) (Version: 14.0.1.117118 - Novell, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
OpenProj (HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Updater By SweetPacks 2.0.0.609 (HKLM\...\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1) (Version: 2.0.0.609 - SweetPacks) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows NT Messaging (HKLM-x32\...\WMS) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

28-09-2015 10:17:36 Windows Update
30-09-2015 12:38:58 Removed Internet Explorer Toolbar 4.7 by SweetPacks
01-10-2015 13:32:33 Windows Update
04-10-2015 16:12:31 Windows Update
07-10-2015 17:51:30 Restore Operation
08-10-2015 10:33:31 Windows Update
13-10-2015 10:01:15 Windows Update
16-10-2015 11:47:39 Windows Update
16-10-2015 17:40:25 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-08-20 12:01 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {279BFA94-150A-47DB-9778-856941941BE6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {295EB232-123B-47F4-B0FA-0FEEC6AD1931} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {3978E789-A927-4782-A853-FD46476F1327} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4ED2898C-1139-4607-A762-FF7EB90427D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {59A11A47-3590-4047-AA5E-91986C85D397} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {61742C2E-01B0-4E6D-BC9B-54ED6062FBAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {63991319-23DE-4DEE-B0D3-755EC7DC373C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {682DBCFE-30F8-4361-8B06-489FEDBA9CE5} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {9498BC36-B63C-4E76-941E-03D157C7565F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {A6711A0E-3B95-4139-9E14-37133F14CB35} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {AB349952-6F87-4FDE-B989-3B72F8B8A889} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {B798B2E6-9B4D-4ECC-A971-646EA23380CB} - System32\Tasks\DisplayLogoffMessage1stAttempt
Task: {BB08CC3C-14C3-4783-B601-BE85FD2FD289} - System32\Tasks\{D4B9DFAE-328D-42EB-B7C0-E527954A2530} => pcalua.exe -a C:\Users\MLindsay\Downloads\trueVisionSetup62.exe -d C:\Users\MLindsay\Downloads
Task: {BE23CE69-33E5-4C65-A34B-58CCB8E14CE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-24 10:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-21 11:44 - 2013-07-01 12:09 - 00188760 ____N () C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
2013-07-12 10:35 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-28 01:11 - 2011-12-15 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-09 10:39 - 2015-07-22 10:40 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2013-07-12 10:17 - 2014-12-23 10:59 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-10-15 14:09 - 2014-10-15 14:09 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-11-27 23:53 - 2012-02-01 18:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-11-27 23:52 - 2011-12-16 14:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\Control Panel\Desktop\\Wallpaper -> C:\Users\dlipski.SADAT\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.15 - 192.168.1.16
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{B2EC283F-D9B5-45B3-AC05-2F1C79DD63E4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{408E9194-85CC-409C-BAC1-111F136DD2FD}] => (Allow) LPort=2869
FirewallRules: [{F50F9316-F820-4A31-A447-B2E7BAF1BB78}] => (Allow) LPort=1900
FirewallRules: [{26F891BB-16A1-43C2-A7CC-91A2331F72A0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7E3E0126-9185-48B5-BE05-EA9E74ADF8D0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2C9DC29D-AB74-413E-8460-914CDB7DA38F}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{13A98FC5-8C16-4921-B025-2AA93BC28545}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{9386BFC3-2BD3-4A68-975A-72C464853442}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{379D2AF0-D5F5-43F2-A0DC-7FD97E108374}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{5FAB80DD-835C-4FB9-A5B6-D7B8E139FFCB}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
FirewallRules: [{BDC12D01-6880-4CDF-8110-66772E559C11}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
FirewallRules: [TCP Query User{FE73233B-BE4F-43C9-969D-205264F6BE8D}C:\users\mlindsay\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mlindsay\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{17D6B7DC-FFAD-4EFA-9C6A-79C4D7F35B4A}C:\users\mlindsay\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mlindsay\appdata\local\akamai\netsession_win.exe
FirewallRules: [AreaD8.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaD8.exe
FirewallRules: [AreaD8.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaD8.exe
FirewallRules: [AreaDinf.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaDinf.exe
FirewallRules: [AreaDinf.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaDinf.exe
FirewallRules: [D8FlowDir.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowDir.exe
FirewallRules: [D8FlowDir.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowDir.exe
FirewallRules: [D8FlowPathExtremeUp.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowPathExtremeUp.exe
FirewallRules: [D8FlowPathExtremeUp.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowPathExtremeUp.exe
FirewallRules: [D8HDistToStrm.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8HDistToStrm.exe
FirewallRules: [D8HDistToStrm.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8HDistToStrm.exe
FirewallRules: [DinfAvalanche.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfAvalanche.exe
FirewallRules: [DinfAvalanche.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfAvalanche.exe
FirewallRules: [DinfConcLimAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfConcLimAccum.exe
FirewallRules: [DinfConcLimAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfConcLimAccum.exe
FirewallRules: [DinfDecayAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDecayAccum.exe
FirewallRules: [DinfDecayAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDecayAccum.exe
FirewallRules: [DinfDistDown.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistDown.exe
FirewallRules: [DinfDistDown.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistDown.exe
FirewallRules: [DinfDistUp.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistUp.exe
FirewallRules: [DinfDistUp.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistUp.exe
FirewallRules: [DinfFlowDir.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfFlowDir.exe
FirewallRules: [DinfFlowDir.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfFlowDir.exe
FirewallRules: [DinfRevAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfRevAccum.exe
FirewallRules: [DinfRevAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfRevAccum.exe
FirewallRules: [DinfTransLimAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfTransLimAccum.exe
FirewallRules: [DinfTransLimAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfTransLimAccum.exe
FirewallRules: [DinfUpDependence.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfUpDependence.exe
FirewallRules: [DinfUpDependence.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfUpDependence.exe
FirewallRules: [DropAnalysis.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DropAnalysis.exe
FirewallRules: [DropAnalysis.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DropAnalysis.exe
FirewallRules: [GridNet.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\GridNet.exe
FirewallRules: [GridNet.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\GridNet.exe
FirewallRules: [LengthArea.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\LengthArea.exe
FirewallRules: [LengthArea.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\LengthArea.exe
FirewallRules: [MoveOutletsToStreams.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\MoveOutletsToStreams.exe
FirewallRules: [MoveOutletsToStreams.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\MoveOutletsToStreams.exe
FirewallRules: [PeukerDouglas.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PeukerDouglas.exe
FirewallRules: [PeukerDouglas.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PeukerDouglas.exe
FirewallRules: [PitRemove.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PitRemove.exe
FirewallRules: [PitRemove.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PitRemove.exe
FirewallRules: [SlopeArea.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeArea.exe
FirewallRules: [SlopeArea.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeArea.exe
FirewallRules: [SlopeAreaRatio.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAreaRatio.exe
FirewallRules: [SlopeAreaRatio.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAreaRatio.exe
FirewallRules: [SlopeAveDown.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAveDown.exe
FirewallRules: [SlopeAveDown.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAveDown.exe
FirewallRules: [StreamNet.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\StreamNet.exe
FirewallRules: [StreamNet.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\StreamNet.exe
FirewallRules: [Threshold.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\Threshold.exe
FirewallRules: [Threshold.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\Threshold.exe
FirewallRules: [{1A4D0FA6-9B04-4065-AE97-2AE6BCBEB8C0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C33315A7-E967-49AA-B9F3-043276A4627F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{402613D9-79F7-4E9B-BFF4-8F7F85D13C4F}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{465C2283-E72B-40B8-8D60-F1D2C49FA5B4}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{FDFE9996-634D-4DEC-A54B-F0A86C0FA8DA}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{4C2E084D-1543-46F7-A0D2-218A212BDF4E}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{AC232E6C-4874-4323-9A13-5859BC2CFEE4}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
FirewallRules: [{FA14F7DB-F4E6-489A-A3EA-760FD103E505}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
FirewallRules: [{7E00039C-DB74-49B3-9B62-6C23BA59ACBF}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{E61DEB21-8EB7-4CDD-B90C-33D66A50EB51}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{B88F2DC4-090F-40B9-B4BC-45CF918B3930}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2015 05:45:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 04:52:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 04:44:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 04:16:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 02:04:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18057 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19b4

Start Time: 01d10a986775804f

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/18/2015 05:16:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program grpwise.exe version 14.0.1.27118 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1aa0

Start Time: 01d109e9d524d360

Termination Time: 16

Application Path: C:\Program Files (x86)\Novell\GroupWise\grpwise.exe

Report Id: 819e0d4e-75dd-11e5-984b-7845c436f1a9

Error: (10/17/2015 02:31:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2015 07:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2015 05:37:30 PM) (Source: MsiInstaller) (EventID: 1024) (User: SADAT)
Description: Product: Adobe Acrobat XI Standard - Update '{AC76BA86-A440-FFFF-A440-7A8C40011013}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/16/2015 01:54:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MapWindow.exe, version: 4.8.6.0, time stamp: 0x4eba663c
Faulting module name: RPCRT4.dll, version: 6.1.7601.18939, time stamp: 0x55b02e68
Exception code: 0xc0000005
Fault offset: 0x00000000000242a0
Faulting process id: 0x%9
Faulting application start time: 0xMapWindow.exe0
Faulting application path: MapWindow.exe1
Faulting module path: MapWindow.exe2
Report Id: MapWindow.exe3

System errors:
=============
Error: (10/19/2015 05:54:07 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (10/19/2015 05:54:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (10/19/2015 05:47:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (10/19/2015 05:44:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 05:01:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (10/19/2015 05:01:03 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (10/19/2015 04:51:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 04:43:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 04:14:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 02:40:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

==================== Memory info ===========================

Processor: Intel® Core™ i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 54%
Total physical RAM: 3967.55 MB
Available physical RAM: 1798.44 MB
Total Virtual: 7933.3 MB
Available Virtual: 5543.14 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:912.9 GB) (Free:820.74 GB) NTFS
Drive e: () (Removable) (Total:7.6 GB) (Free:7.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: CC0AFA10)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=18.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.6 GB) - (Type=0C)

==================== End of Addition.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-10-2015
Ran by dlipski (2015-10-19 18:40:53)
Running from E:\
Windows 7 Professional Service Pack 1 (X64) (2013-02-22 15:57:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2935289706-3412993740-3099836916-500 - Administrator - Enabled)
Guest (S-1-5-21-2935289706-3412993740-3099836916-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat XI Standard (HKLM-x32\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcGIS Explorer Desktop (32 bit) (HKLM-x32\...\ArcGIS Explorer Desktop) (Version: 10.1.2500 - Environmental Systems Research Institute, Inc.)
ArcGIS Explorer Desktop (x32 Version: 10.1.2500 - Environmental Systems Research Institute, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.8.0 - Conexant)
CSV to Shapefile Converter (HKLM-x32\...\CSV to Shapefile Converter_is1) (Version:  - Christopher Michaelis (www.HappySquirrel.com))
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Driver Pro v3.0 (HKLM-x32\...\Driver Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Electronic Data Submittal Application 7 (HKLM-x32\...\ST5UNST #1) (Version:  - )
FileZilla Client 3.5.1 (HKLM-x32\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GroupWise Client - VC Runtimes (release) (x32 Version: 1.00.0000 - Novell) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.3.5 - ) <==== ATTENTION
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Internet Explorer Toolbar 4.7 by SweetPacks (HKLM-x32\...\{80F3F10B-A177-4494-93CE-98090D819093}) (Version: 4.7.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MapWindow GIS (HKLM\...\{D2CBCEA2-07FE-442E-8D31-F2F76A0FD63F}_is1) (Version: 4.8.6 - MapWindow GIS)
MapWinGIS ActiveX Control v4.7SR-A (HKLM-x32\...\MapWinGIS ActiveX_is1) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ Redist - ENU (HKLM-x32\...\{5E09E82C-004D-4F08-B051-46DE6D79F71A}) (Version: 8.0.50215.44 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Novell GroupWise (HKLM-x32\...\{3CB3E739-5564-4117-AAD2-3EAAAF7A1CDA}) (Version: 14.0.1.117118 - Novell, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
OpenProj (HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Updater By SweetPacks 2.0.0.609 (HKLM\...\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}_is1) (Version: 2.0.0.609 - SweetPacks) <==== ATTENTION
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows NT Messaging (HKLM-x32\...\WMS) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

28-09-2015 10:17:36 Windows Update
30-09-2015 12:38:58 Removed Internet Explorer Toolbar 4.7 by SweetPacks
01-10-2015 13:32:33 Windows Update
04-10-2015 16:12:31 Windows Update
07-10-2015 17:51:30 Restore Operation
08-10-2015 10:33:31 Windows Update
13-10-2015 10:01:15 Windows Update
16-10-2015 11:47:39 Windows Update
16-10-2015 17:40:25 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-08-20 12:01 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {279BFA94-150A-47DB-9778-856941941BE6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {295EB232-123B-47F4-B0FA-0FEEC6AD1931} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {3978E789-A927-4782-A853-FD46476F1327} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4ED2898C-1139-4607-A762-FF7EB90427D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {59A11A47-3590-4047-AA5E-91986C85D397} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2015-09-18] (Microsoft Corporation)
Task: {61742C2E-01B0-4E6D-BC9B-54ED6062FBAB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {63991319-23DE-4DEE-B0D3-755EC7DC373C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-09-21] (Dropbox, Inc.)
Task: {682DBCFE-30F8-4361-8B06-489FEDBA9CE5} - \ProPCCleaner_Start -> No File <==== ATTENTION
Task: {9498BC36-B63C-4E76-941E-03D157C7565F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {A6711A0E-3B95-4139-9E14-37133F14CB35} - \ProPCCleaner_Popup -> No File <==== ATTENTION
Task: {AB349952-6F87-4FDE-B989-3B72F8B8A889} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {B798B2E6-9B4D-4ECC-A971-646EA23380CB} - System32\Tasks\DisplayLogoffMessage1stAttempt
Task: {BB08CC3C-14C3-4783-B601-BE85FD2FD289} - System32\Tasks\{D4B9DFAE-328D-42EB-B7C0-E527954A2530} => pcalua.exe -a C:\Users\MLindsay\Downloads\trueVisionSetup62.exe -d C:\Users\MLindsay\Downloads
Task: {BE23CE69-33E5-4C65-A34B-58CCB8E14CE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-24 10:37 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-21 11:44 - 2013-07-01 12:09 - 00188760 ____N () C:\Program Files\Updater By SweetPacks\ExtensionUpdaterService.exe
2013-07-12 10:35 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-11-28 01:11 - 2011-12-15 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-09 10:39 - 2015-07-22 10:40 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2013-07-12 10:17 - 2014-12-23 10:59 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-10-15 14:09 - 2014-10-15 14:09 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-11-27 23:53 - 2012-02-01 18:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-11-27 23:52 - 2011-12-16 14:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3762272792-2965713096-1444844762-1240\Control Panel\Desktop\\Wallpaper -> C:\Users\dlipski.SADAT\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.15 - 192.168.1.16
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{B2EC283F-D9B5-45B3-AC05-2F1C79DD63E4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{408E9194-85CC-409C-BAC1-111F136DD2FD}] => (Allow) LPort=2869
FirewallRules: [{F50F9316-F820-4A31-A447-B2E7BAF1BB78}] => (Allow) LPort=1900
FirewallRules: [{26F891BB-16A1-43C2-A7CC-91A2331F72A0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7E3E0126-9185-48B5-BE05-EA9E74ADF8D0}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{2C9DC29D-AB74-413E-8460-914CDB7DA38F}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{13A98FC5-8C16-4921-B025-2AA93BC28545}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{9386BFC3-2BD3-4A68-975A-72C464853442}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{379D2AF0-D5F5-43F2-A0DC-7FD97E108374}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{5FAB80DD-835C-4FB9-A5B6-D7B8E139FFCB}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
FirewallRules: [{BDC12D01-6880-4CDF-8110-66772E559C11}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
FirewallRules: [TCP Query User{FE73233B-BE4F-43C9-969D-205264F6BE8D}C:\users\mlindsay\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mlindsay\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{17D6B7DC-FFAD-4EFA-9C6A-79C4D7F35B4A}C:\users\mlindsay\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mlindsay\appdata\local\akamai\netsession_win.exe
FirewallRules: [AreaD8.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaD8.exe
FirewallRules: [AreaD8.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaD8.exe
FirewallRules: [AreaDinf.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaDinf.exe
FirewallRules: [AreaDinf.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\AreaDinf.exe
FirewallRules: [D8FlowDir.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowDir.exe
FirewallRules: [D8FlowDir.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowDir.exe
FirewallRules: [D8FlowPathExtremeUp.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowPathExtremeUp.exe
FirewallRules: [D8FlowPathExtremeUp.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8FlowPathExtremeUp.exe
FirewallRules: [D8HDistToStrm.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8HDistToStrm.exe
FirewallRules: [D8HDistToStrm.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\D8HDistToStrm.exe
FirewallRules: [DinfAvalanche.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfAvalanche.exe
FirewallRules: [DinfAvalanche.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfAvalanche.exe
FirewallRules: [DinfConcLimAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfConcLimAccum.exe
FirewallRules: [DinfConcLimAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfConcLimAccum.exe
FirewallRules: [DinfDecayAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDecayAccum.exe
FirewallRules: [DinfDecayAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDecayAccum.exe
FirewallRules: [DinfDistDown.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistDown.exe
FirewallRules: [DinfDistDown.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistDown.exe
FirewallRules: [DinfDistUp.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistUp.exe
FirewallRules: [DinfDistUp.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfDistUp.exe
FirewallRules: [DinfFlowDir.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfFlowDir.exe
FirewallRules: [DinfFlowDir.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfFlowDir.exe
FirewallRules: [DinfRevAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfRevAccum.exe
FirewallRules: [DinfRevAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfRevAccum.exe
FirewallRules: [DinfTransLimAccum.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfTransLimAccum.exe
FirewallRules: [DinfTransLimAccum.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfTransLimAccum.exe
FirewallRules: [DinfUpDependence.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfUpDependence.exe
FirewallRules: [DinfUpDependence.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DinfUpDependence.exe
FirewallRules: [DropAnalysis.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DropAnalysis.exe
FirewallRules: [DropAnalysis.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\DropAnalysis.exe
FirewallRules: [GridNet.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\GridNet.exe
FirewallRules: [GridNet.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\GridNet.exe
FirewallRules: [LengthArea.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\LengthArea.exe
FirewallRules: [LengthArea.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\LengthArea.exe
FirewallRules: [MoveOutletsToStreams.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\MoveOutletsToStreams.exe
FirewallRules: [MoveOutletsToStreams.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\MoveOutletsToStreams.exe
FirewallRules: [PeukerDouglas.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PeukerDouglas.exe
FirewallRules: [PeukerDouglas.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PeukerDouglas.exe
FirewallRules: [PitRemove.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PitRemove.exe
FirewallRules: [PitRemove.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\PitRemove.exe
FirewallRules: [SlopeArea.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeArea.exe
FirewallRules: [SlopeArea.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeArea.exe
FirewallRules: [SlopeAreaRatio.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAreaRatio.exe
FirewallRules: [SlopeAreaRatio.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAreaRatio.exe
FirewallRules: [SlopeAveDown.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAveDown.exe
FirewallRules: [SlopeAveDown.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\SlopeAveDown.exe
FirewallRules: [StreamNet.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\StreamNet.exe
FirewallRules: [StreamNet.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\StreamNet.exe
FirewallRules: [Threshold.exe-TCP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\Threshold.exe
FirewallRules: [Threshold.exe-UDP] => (Block) C:\Program Files\MapWindow\Taudem5Exe\Threshold.exe
FirewallRules: [{1A4D0FA6-9B04-4065-AE97-2AE6BCBEB8C0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C33315A7-E967-49AA-B9F3-043276A4627F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{402613D9-79F7-4E9B-BFF4-8F7F85D13C4F}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{465C2283-E72B-40B8-8D60-F1D2C49FA5B4}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\grpwise.exe
FirewallRules: [{FDFE9996-634D-4DEC-A54B-F0A86C0FA8DA}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{4C2E084D-1543-46F7-A0D2-218A212BDF4E}] => (Allow) C:\Program Files (x86)\Novell\GroupWise\notify.exe
FirewallRules: [{AC232E6C-4874-4323-9A13-5859BC2CFEE4}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
FirewallRules: [{FA14F7DB-F4E6-489A-A3EA-760FD103E505}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
FirewallRules: [{7E00039C-DB74-49B3-9B62-6C23BA59ACBF}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{E61DEB21-8EB7-4CDD-B90C-33D66A50EB51}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{B88F2DC4-090F-40B9-B4BC-45CF918B3930}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2015 05:45:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 04:52:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 04:44:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 04:16:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2015 02:04:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.9600.18057 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19b4

Start Time: 01d10a986775804f

Termination Time: 0

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (10/18/2015 05:16:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program grpwise.exe version 14.0.1.27118 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1aa0

Start Time: 01d109e9d524d360

Termination Time: 16

Application Path: C:\Program Files (x86)\Novell\GroupWise\grpwise.exe

Report Id: 819e0d4e-75dd-11e5-984b-7845c436f1a9

Error: (10/17/2015 02:31:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2015 07:34:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/16/2015 05:37:30 PM) (Source: MsiInstaller) (EventID: 1024) (User: SADAT)
Description: Product: Adobe Acrobat XI Standard - Update '{AC76BA86-A440-FFFF-A440-7A8C40011013}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/16/2015 01:54:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MapWindow.exe, version: 4.8.6.0, time stamp: 0x4eba663c
Faulting module name: RPCRT4.dll, version: 6.1.7601.18939, time stamp: 0x55b02e68
Exception code: 0xc0000005
Fault offset: 0x00000000000242a0
Faulting process id: 0x%9
Faulting application start time: 0xMapWindow.exe0
Faulting application path: MapWindow.exe1
Faulting module path: MapWindow.exe2
Report Id: MapWindow.exe3

System errors:
=============
Error: (10/19/2015 05:54:07 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (10/19/2015 05:54:04 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (10/19/2015 05:47:29 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (10/19/2015 05:44:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 05:01:06 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

Error: (10/19/2015 05:01:03 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5

Error: (10/19/2015 04:51:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 04:43:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 04:14:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cherimoya

Error: (10/19/2015 02:40:14 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5

==================== Memory info ===========================

Processor: Intel® Core™ i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 54%
Total physical RAM: 3967.55 MB
Available physical RAM: 1798.44 MB
Total Virtual: 7933.3 MB
Available Virtual: 5543.14 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:912.9 GB) (Free:820.74 GB) NTFS
Drive e: () (Removable) (Total:7.6 GB) (Free:7.42 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: CC0AFA10)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=18.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.6 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.6 GB) - (Type=0C)

==================== End of Addition.txt ============================






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users