
Dnsapi.dll not found


  • This topic is locked
27 replies to this topic

#1 Sherrod


Posted 08 November 2015 - 09:09 PM

Every time I boot up my PC I get a message about the "dnsapi.dll" not being found as a popup on the desktop. It happened yesterday after my computer froze and I restarted it. I ran the repair CD that came with the computer to try and fix it but it didn't help. Many programs won't open and I am unable to get on the internet on that computer. Please help!



#2 Sintharius


Posted 10 November 2015 - 06:16 AM

Hello and welcome to the Malware Removal Logs area :)

My name is Alexstrasza and I will assist you with your problem. You can call me Alex :)

Before we begin, there are a few things I want to make sure you know:
  • I am currently in training, so my responses might be delayed. I will generally reply within 48 hours - if this is not possible, I will let you know.
  • Please do not run any tools without being instructed to, as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the Follow this topic button, and make sure a tick is in the receive notifications and is set to Instantly. Any replies should be made in this topic by clicking the Reply to this topic button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. Please inform me if you need more time.
  • Please stay with me until I have confirmed that you are clean. Absence of symptoms does not mean that the computer is clean.
Shall we begin then?

===

As you have made changes to the system after your FRST logs were made, I will need fresh logs to take a look at your system.

Farbar Recovery Scan Tool

Please download the correct version of Farbar Recovery Scan Tool and save it to your Desktop.

32-bit version here

64-bit version here

Note 1: Don't know if your Windows is 32-bit or 64-bit? Check it out here. The Automatic detection section should give you information about your OS. If it's not, use the Manual detection section.

Note 2: Temporarily disable your antivirus and/or antimalware if they flag FRST as unsafe, as the tool is safe.
  • Right click on FRST/FRST64.exe and choose Run as Administrator.
  • When the tool launches, choose Yes at the disclaimer.
  • Place a checkmark in Addition.txt.
  • Choose Scan.
  • The tool will produce two logs named FRST.txt and Addition.txt in the same location where the tool is run from.
  • Please copy the log and paste it here.
Regards,
Alex

Edited by Alexstrasza, 10 November 2015 - 06:27 AM.


#3 Sherrod


Posted 10 November 2015 - 08:45 AM

Hello. OK, I will make new logs.


Edited by Sherrod, 10 November 2015 - 08:46 AM.


#4 Sherrod


Posted 10 November 2015 - 09:07 AM

Here are the new logs:

https://drive.google.com/file/d/0Bzk28gC9LZ_HOVRTT3AtT3BQZHc/view?usp=sharing

 

https://drive.google.com/file/d/0Bzk28gC9LZ_HNXpqSXUxa01zVXc/view?usp=sharing



#5 Sintharius


Posted 10 November 2015 - 10:08 AM

Hello Sherrod,

I must warn you of the following.

Step 1: Pirated software

Bleeping Computer does not allow the use of pirated software.

The practice of using keygens, hacking tools, cracking tools, warez, torrents or any pirated software is not only considered illegal activity, but it is a serious security risk which can turn a computer into a virus honeypot or zombie.

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible, and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
 
If you want to read on then the full post is here.

Peer-to-peer file distribution via torrents contains a lot of illegal information, and thus can put your computer at risk. I recommend that you remove or stop using torrents.

I will help you clean your machine, but please remember that this is a one-time deal. After that I will refuse further assistance.

===

Step 2: Fix with Farbar Recovery Scan Tool
  • Please download the attached fixlist.txt and save it to your Desktop.
    Note: It's important that both FRST/FRST64.exe and fixlist.txt are in the same location or the fix will not work!
    WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!
  • Run FRST/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log named Fixlog.txt on the Desktop, please post it to your reply
===

Step 3: Registry cleaner and optimization tool

Looking through your logs I noticed that you have Auslogics Registry Cleaner and PCFixKit installed. Bleeping Computer DOES NOT recommend the use of these programs.

Why you should not use Registry Cleaners and Optimization Tools

===

Step 4: Uninstalling Programs

Click the Start orb on the taskbar, and then click the Control Panel button.
  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Programs and Features.
A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting Remove:

Auslogics Registry Cleaner
PCFixKit 2.1
globalupdate Helper
KMSpico v9.1.3


Additional instructions can be found here if needed.

If you run into any issues, please let me know.

To recap, in your next reply I will need the following information:
  • Confirmation that you have acknowledged the warnings above;
  • Contents of Fixlog.txt;
  • Confirmation that you have uninstalled the aforementioned software.
Regards,
Alex

#6 Sherrod


Posted 10 November 2015 - 10:19 AM

Thank you Alex, I will try these steps.


Edited by Sherrod, 10 November 2015 - 10:19 AM.


#7 Sherrod


Posted 10 November 2015 - 11:11 AM

1. I understand your statement about using pirated software.

2. https://drive.google.com/file/d/0Bzk28gC9LZ_HdWI5eWNQQ3laVUk/view?usp=sharing

3. I have removed the requested software.

4. Everything works except using Chrome (DNS_probe_finished_no internet).


Edited by Sherrod, 10 November 2015 - 11:12 AM.


#8 Sintharius


Posted 10 November 2015 - 02:09 PM

Hello Sherrod,

Instead of posting the logs on Google Drive, please copy and paste the contents directly into the forum.

Please create a new set of FRST logs for me - remember to place a checkmark in Addition.txt!

Regards,
Alex 



#9 Sherrod


Posted 10 November 2015 - 02:27 PM

OK Alex, will do.



#10 Sherrod


Posted 10 November 2015 - 03:00 PM

 
Here you go, Alex:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Sherrod (administrator) on ALTEREDS1 (10-11-2015 13:53:35)
Running from J:\
Loaded Profiles: Sherrod (Available Profiles: Sherrod)
Platform: Windows 8.1 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(3d-io GmbH) C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
() C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Autodesk Inc.) C:\Users\Sherrod\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Sherrod\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Sherrod\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
() C:\Program Files\Autodesk\3ds Max 2016\DADispatcherService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam.exe
(www.Bandisoft.com) C:\Program Files (x86)\Bandicam\bdcam64.bin
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-10-01] (Raptr, Inc)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [523144 2015-09-06] (Autodesk Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [Pinger] => C:\Program Files (x86)\Pinger\Pinger.exe [10265088 2013-02-06] ()
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638768 2015-09-30] (Electronic Arts)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [BitTorrent] => C:\Users\Sherrod\AppData\Roaming\BitTorrent\BitTorrent.exe [1698152 2015-09-06] (BitTorrent Inc.)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [VoxOx] => C:\Program Files (x86)\VoxOx\VoxOx.exe [8720384 2013-02-14] ()
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3125280 2013-10-17] (Disc Soft Ltd)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sherrod\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Run: [GoogleChromeAutoLaunch_05F5F6D4AB12CFEF14E50A81E7847150] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\MountPoints2: {8cbd8e9a-1423-11e4-825e-08edb9ddbddd} - "D:\setup.exe" 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6210 Genie.lnk [2015-10-17]
ShortcutTarget: NETGEAR A6210 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6210\A6210.EXE (NETGEAR)
Startup: C:\Users\Sherrod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-07-21]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2CD82176-F68D-46D8-8DA9-DCDFFE1C0868}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{EBACE922-C0DB-4BF4-AB06-6E04F8D90767}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1579711554-1020547166-143356-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1579711554-1020547166-143356-1001 -> {BB8049B3-5BC8-4C5F-894E-95DEA5EA1A03} URL = 
SearchScopes: HKU\S-1-5-21-1579711554-1020547166-143356-1001 -> {C804388F-AC47-4915-97B6-D009EEEBC68B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Sherrod\AppData\Roaming\Mozilla\Firefox\Profiles\twlyglu5.default
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-1579711554-1020547166-143356-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sherrod\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-21] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1579711554-1020547166-143356-1001: ikinema.com/IKinemaWebAnimatePlugin -> C:\Users\Sherrod\AppData\Roaming\ikinema_wa\IKinemaWebAnimatePlugin\1.0.0.35\npIKinemaWebAnimatePlugin.dll [2015-04-28] (IKinema Ltd)
FF Plugin HKU\S-1-5-21-1579711554-1020547166-143356-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Extension: Buzz Social Points - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial_lidns@buzzsocialpoints.com.xpi [2012-11-08] [not signed]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-18] <==== ATTENTION (Points to *.cfg file)
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=F94zbuzdk00MC1_CF,4f81f5f4-5080-4af1-98fb-a54cb9f1c89b,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-12]
CHR Extension: (Google Docs) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-12]
CHR Extension: (Google Drive) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (Hootsuite Hootlet) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn [2015-09-17]
CHR Extension: (YouTube) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Searchanger) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfkmmcpiffbmhaojcffajlagoofcmbob [2015-08-22]
CHR Extension: (Google Sheets) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-12]
CHR Extension: (Google Docs Offline) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-13]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-08-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-12]
CHR Extension: (Gmail) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-12]
CHR Extension: (Streak for Gmail) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2015-10-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 3d-io License Server v2.0; C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe [34816 2013-02-25] (3d-io GmbH) [File not signed]
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1136520 2015-09-06] (Autodesk Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-07-25] (Microsoft Corporation)
R2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-14] () [File not signed]
S3 mi-raysat_3dsmax2016_64; C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-14] () [File not signed]
R2 NetgearSwitchUSB; C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe [210648 2014-05-13] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-09-30] (Electronic Arts)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 A6210; C:\Windows\system32\DRIVERS\A6210.sys [2209936 2014-08-15] (MediaTek Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-07-25] (Disc Soft Ltd)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [468240 2013-02-20] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-09-04] ()
S3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2014-06-30] ()
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-10 09:52 - 2015-11-10 09:51 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-11-10 07:55 - 2015-11-10 07:55 - 00001401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-11-10 07:55 - 2015-11-10 07:55 - 00001389 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-11-10 07:55 - 2015-11-10 07:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-11-10 07:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-11-10 07:54 - 2015-11-08 21:27 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Sherrod\Desktop\spybot-2.4.exe
2015-11-08 20:48 - 2013-12-06 11:58 - 00001003 _____ C:\Users\Sherrod\Desktop\README.txt
2015-11-08 20:38 - 2015-11-10 10:00 - 00003112 _____ C:\Windows\System32\Tasks\RDReminder
2015-11-08 20:38 - 2015-11-09 18:07 - 00000316 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2015-11-08 20:38 - 2015-11-09 18:07 - 00000300 _____ C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2015-11-08 20:38 - 2015-11-08 21:05 - 00003042 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_Updates
2015-11-08 20:38 - 2015-11-08 21:05 - 00003028 _____ C:\Windows\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2015-11-08 20:38 - 2015-11-08 20:38 - 00001098 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2015-11-08 20:38 - 2015-11-08 20:38 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\dll-files.com
2015-11-08 20:38 - 2015-11-08 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2015-11-08 20:38 - 2015-11-08 20:38 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2015-11-08 19:51 - 2015-11-08 19:51 - 00000000 ____D C:\AutoRuns
2015-11-08 19:26 - 2015-11-10 13:53 - 00000000 ____D C:\FRST
2015-11-08 18:52 - 2015-11-10 10:03 - 00000000 ____D C:\Program Files (x86)\PCFixKit
2015-11-08 18:52 - 2015-11-08 18:52 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\PCFixKit
2015-11-08 13:57 - 2015-11-08 21:33 - 00000085 _____ C:\Windows\wininit.ini
2015-11-05 23:30 - 2015-11-05 23:30 - 00000000 ____D C:\Users\Sherrod\AppData\LocalLow\Altered Planets
2015-11-05 00:34 - 2015-11-05 00:34 - 00005144 _____ C:\Users\Sherrod\Desktop\JRT.txt
2015-11-04 20:44 - 2015-11-04 20:44 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2015-11-04 20:40 - 2015-11-04 20:40 - 00000965 _____ C:\Users\Public\Desktop\Unity 5.3.0b5 (64-bit).lnk
2015-11-04 20:40 - 2015-11-04 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.3.0b5 (64-bit)
2015-11-04 20:36 - 2015-11-04 20:41 - 00000000 ____D C:\Program Files\Unity 5.3.0b5
2015-11-04 19:39 - 2015-11-04 19:29 - 00668992 _____ C:\Users\Sherrod\Desktop\UnityDownloadAssistant-5.3.0b5 (1).exe
2015-10-25 03:40 - 2015-10-25 03:41 - 00282848 _____ C:\Windows\Minidump\102515-48687-01.dmp
2015-10-23 15:00 - 2015-10-23 15:00 - 00000000 ____D C:\Users\Sherrod\Desktop\RusMedic
2015-10-23 14:20 - 2015-11-10 10:11 - 00002307 _____ C:\Windows\setupact.log
2015-10-23 14:20 - 2015-10-23 14:20 - 00000000 _____ C:\Windows\setuperr.log
2015-10-23 11:56 - 2015-10-23 11:56 - 00000000 ____D C:\Users\Sherrod\Desktop\models
2015-10-23 03:57 - 2014-07-21 17:32 - 01056768 _____ C:\Users\Sherrod\Desktop\BallisticShield.max
2015-10-22 14:25 - 2015-10-22 14:25 - 00000000 _____ C:\Users\Sherrod\AppData\Local\{D5A1AF9B-3B2D-4F4F-A091-3D9CDBFE9ACD}
2015-10-21 14:25 - 2015-10-21 14:25 - 00000000 _____ C:\Users\Sherrod\AppData\Local\{01BDA95F-1A73-494B-AA36-E373D53EB49F}
2015-10-20 05:18 - 2015-09-10 12:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-20 05:18 - 2015-09-10 11:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-20 05:18 - 2015-09-10 11:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-20 05:18 - 2015-09-10 11:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-20 05:18 - 2015-09-10 11:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-20 05:18 - 2015-09-10 11:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-20 05:18 - 2015-09-10 11:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-20 05:18 - 2015-09-10 11:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-20 05:18 - 2015-09-10 10:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-20 05:18 - 2015-09-10 10:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-20 05:18 - 2015-09-10 10:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-20 05:18 - 2015-09-10 10:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-20 05:18 - 2015-09-10 10:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-20 05:18 - 2015-09-10 10:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-20 05:18 - 2015-09-10 10:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-20 05:18 - 2015-09-10 10:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-20 05:18 - 2015-09-10 10:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-20 05:18 - 2015-09-10 10:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-20 05:18 - 2015-09-10 10:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-20 05:18 - 2015-09-10 10:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-20 05:18 - 2015-09-10 10:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-20 05:18 - 2015-09-10 10:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-20 05:18 - 2015-09-10 10:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-20 05:18 - 2015-09-10 10:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-20 05:18 - 2015-09-10 10:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-20 05:18 - 2015-09-10 10:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-20 05:18 - 2015-09-10 10:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-20 05:18 - 2015-09-10 10:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-20 05:18 - 2015-09-10 10:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-20 05:18 - 2015-09-10 09:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-20 05:18 - 2015-09-10 09:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-20 05:18 - 2015-09-10 09:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-20 05:18 - 2015-09-10 09:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-20 05:18 - 2015-09-10 09:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-20 05:18 - 2015-09-10 09:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-20 05:18 - 2015-09-10 09:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-20 05:18 - 2015-09-10 09:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-20 05:18 - 2015-09-10 09:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-20 05:18 - 2015-09-10 09:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-20 04:09 - 2015-08-26 20:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-20 04:09 - 2015-08-26 20:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-20 03:53 - 2015-09-18 21:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-20 03:53 - 2015-09-18 07:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-20 03:53 - 2015-09-18 07:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-20 03:53 - 2015-09-18 07:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-20 03:53 - 2015-09-18 07:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-20 03:53 - 2015-09-18 07:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-20 03:53 - 2015-09-18 07:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-20 03:52 - 2015-09-29 06:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-20 03:52 - 2015-09-24 11:51 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-10-20 03:52 - 2015-09-24 11:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2015-10-20 03:52 - 2015-09-24 11:30 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-10-20 03:52 - 2015-09-24 10:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-20 03:52 - 2015-09-24 10:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-20 03:51 - 2015-09-29 17:42 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-20 03:51 - 2015-09-29 17:42 - 01519584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-20 03:51 - 2015-09-29 17:42 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-20 03:51 - 2015-09-29 17:42 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-20 02:12 - 2015-10-20 02:12 - 00000000 ____D C:\Unreal Engine Marketplace - Kubold Cover Animset Pro
2015-10-17 14:48 - 2014-02-20 17:25 - 00196662 _____ C:\Users\Sherrod\Desktop\weapon_minihose_iw6_col.BMP
2015-10-17 12:49 - 2015-10-17 12:49 - 00001753 _____ C:\Windows\system32\RaCoInst.log
2015-10-17 12:49 - 2015-10-17 12:49 - 00000000 ____D C:\ProgramData\Ralink
2015-10-17 12:48 - 2015-10-17 12:48 - 00002041 _____ C:\Users\Public\Desktop\NETGEAR A6210 Genie.lnk
2015-10-17 12:48 - 2015-10-17 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6210 Genie
2015-10-17 12:48 - 2015-10-17 12:48 - 00000000 ____D C:\Program Files (x86)\NETGEAR
2015-10-17 12:48 - 2015-10-17 12:47 - 00004512 _____ C:\Windows\system32\Drivers\NtgrPwrTable_5.dat
2015-10-17 12:47 - 2015-10-17 12:47 - 00000000 ____D C:\ProgramData\NETGEAR
2015-10-17 12:46 - 2015-10-17 12:46 - 00000000 ____D C:\Users\Sherrod\Downloads\NETGEAR
2015-10-16 17:46 - 2015-10-16 17:46 - 00000000 ____D C:\Program Files\Broadcom
2015-10-16 17:46 - 2014-02-24 21:31 - 04136960 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-10-16 17:46 - 2014-02-24 21:30 - 03781632 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-10-15 17:21 - 2015-10-15 17:21 - 00003370 _____ C:\Windows\System32\Tasks\{1BE68F56-D3A5-4223-9DC9-843E08EE90F5}
2015-10-15 17:09 - 2015-10-15 17:09 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\AVG
2015-10-15 17:08 - 2015-10-15 17:08 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\TuneUp Software
2015-10-15 16:59 - 2015-11-08 14:23 - 00000000 ____D C:\ProgramData\MFAData
2015-10-15 16:59 - 2015-11-08 14:23 - 00000000 ____D C:\ProgramData\Avg
2015-10-15 16:59 - 2015-10-15 16:59 - 00000000 ____D C:\Users\Sherrod\AppData\Local\MFAData
2015-10-15 16:58 - 2015-11-08 14:23 - 00000000 ____D C:\Users\Sherrod\AppData\Local\Avg
2015-10-15 16:58 - 2015-11-08 14:07 - 00000000 ____D C:\Users\Sherrod\AppData\Local\AvgSetupLog
2015-10-15 16:57 - 2015-10-15 16:57 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-10-15 16:56 - 2015-11-10 07:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-10-15 16:56 - 2015-11-10 07:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-10-14 20:53 - 2015-10-14 20:53 - 00000000 ____D C:\Users\Sherrod\AppData\Local\Dell
2015-10-14 20:12 - 2015-10-14 21:26 - 00000034 _____ C:\Windows\system32\Drivers\etc\hosts_test
2015-10-14 18:34 - 2015-10-14 18:34 - 00000000 ____D C:\ProgramData\Auslogics
2015-10-14 18:31 - 2015-10-17 19:02 - 00001191 _____ C:\Users\Sherrod\Desktop\Auslogics BoostSpeed 8.lnk
2015-10-14 18:31 - 2015-10-14 18:31 - 00000000 ____D C:\Windows\System32\Tasks\Auslogics
2015-10-14 01:11 - 2013-02-06 16:17 - 00544568 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-10-14 01:11 - 2006-01-12 14:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2015-10-14 01:10 - 2015-10-14 01:11 - 00000000 ____D C:\drvrtmp
2015-10-14 01:10 - 2013-02-20 21:31 - 00468240 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c63x64.sys
2015-10-14 01:10 - 2012-12-06 02:21 - 00073032 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2015-10-14 01:10 - 2012-11-14 03:07 - 00101224 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2015-10-14 01:09 - 2015-10-14 01:09 - 00000000 ____D C:\ProgramData\Dell
2015-10-11 21:14 - 2015-09-29 06:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-11 21:14 - 2015-09-28 12:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-11 21:14 - 2015-09-28 12:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-11 21:14 - 2015-09-28 12:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-11 21:14 - 2015-09-28 12:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-11 21:14 - 2015-09-28 12:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-11 21:14 - 2015-09-28 12:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-11 21:14 - 2015-09-28 12:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-11 21:14 - 2015-09-28 12:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-11 21:14 - 2015-09-28 12:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-11 21:14 - 2015-09-28 12:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-11 21:14 - 2015-09-28 12:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-11 00:57 - 2014-04-26 07:10 - 08106280 _____ (Autodesk, Inc.) C:\libfbxsdk.dll
2015-10-11 00:52 - 2015-10-11 00:52 - 00000000 ____D C:\Users\Sherrod\Desktop\New folder
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-10 13:25 - 2013-03-29 17:48 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-10 13:00 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-10 12:42 - 2013-11-17 02:05 - 00000000 ____D C:\AdwCleaner
2015-11-10 12:42 - 2013-03-29 23:05 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-10 12:29 - 2014-07-26 13:45 - 00000000 __RDO C:\Users\Sherrod\OneDrive
2015-11-10 12:11 - 2014-07-14 11:34 - 01604472 _____ C:\Windows\WindowsUpdate.log
2015-11-10 11:25 - 2014-08-21 21:21 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\FileZilla
2015-11-10 11:25 - 2014-07-14 20:59 - 00000000 ____D C:\ProgramData\Unity
2015-11-10 11:16 - 2015-09-10 09:53 - 00000000 ____D C:\Users\Sherrod\AppData\Local\CrashDumps
2015-11-10 11:10 - 2015-09-04 10:10 - 00001042 _____ C:\Windows\Tasks\DrPcgdOfkhJR8viAN5bLI0.job
2015-11-10 11:10 - 2015-09-04 10:10 - 00001030 _____ C:\Windows\Tasks\gnf3botHAIAKxFRn.job
2015-11-10 10:57 - 2015-08-08 20:44 - 00000000 ____D C:\Users\Sherrod\AppData\Local\Akamai
2015-11-10 10:32 - 2014-07-14 12:00 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579711554-1020547166-143356-1001
2015-11-10 10:22 - 2014-07-14 11:35 - 00913650 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-10 10:19 - 2015-09-04 09:19 - 00001042 _____ C:\Windows\Tasks\P9hbRdO1gHvZjBIpSZg0Ut.job
2015-11-10 10:19 - 2015-09-04 09:19 - 00001038 _____ C:\Windows\Tasks\Mn5U4JBFtRJrAosBQu9Z.job
2015-11-10 10:15 - 2014-07-27 09:32 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\Skype
2015-11-10 10:05 - 2014-07-14 11:37 - 00000000 ____D C:\Program Files\KMSpico
2015-11-10 09:57 - 2015-07-31 05:12 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\Raptr
2015-11-10 09:56 - 2013-08-22 08:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-10 09:56 - 2013-03-29 17:48 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-10 09:54 - 2013-08-22 07:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-10 09:52 - 2014-07-14 11:52 - 00000000 ____D C:\Users\Sherrod
2015-11-10 09:51 - 2015-03-29 08:43 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-11-10 02:00 - 2014-07-14 21:00 - 00000000 ____D C:\Users\Sherrod\AppData\Local\Adobe
2015-11-09 18:07 - 2014-07-14 11:43 - 00559460 _____ C:\Windows\PFRO.log
2015-11-09 10:49 - 2013-04-21 13:06 - 00000000 ____D C:\Users\Sherrod\Documents\Bandicam
2015-11-09 02:17 - 2013-08-22 09:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-08 18:20 - 2015-09-04 22:33 - 00000000 ____D C:\Users\Sherrod\Documents\NC Builds
2015-11-08 14:05 - 2013-08-22 09:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-08 13:55 - 2015-09-04 10:45 - 00000000 ____D C:\Program Files\Reason
2015-11-08 08:43 - 2015-09-15 02:39 - 00000000 ____D C:\Users\Sherrod\Desktop\Packages
2015-11-05 23:30 - 2014-07-18 09:46 - 00000000 ____D C:\Users\Sherrod\AppData\LocalLow\Unity
2015-11-05 00:37 - 2014-05-09 17:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-05 00:33 - 2014-07-14 11:54 - 00001152 _____ C:\Users\Sherrod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet-Explorer.lnk
2015-11-04 20:55 - 2014-07-15 15:09 - 00000000 ____D C:\Users\Sherrod\AppData\Roaming\Unity
2015-11-01 16:31 - 2014-08-17 13:02 - 00000000 ____D C:\Users\Public\Documents\My DAZ 3D Library
2015-11-01 03:32 - 2015-05-24 18:19 - 00000000 ____D C:\Users\Sherrod\Desktop\Animations
2015-11-01 03:05 - 2014-04-14 19:23 - 00229013 ___SH C:\Users\Sherrod\Desktop\contents.obv
2015-10-30 01:16 - 2015-05-29 13:04 - 00000000 ____D C:\Users\Sherrod\Desktop\Notes
2015-10-26 03:23 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\rescache
2015-10-25 03:40 - 2015-08-19 00:45 - 00000000 ____D C:\Windows\Minidump
2015-10-23 06:30 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\AppReadiness
2015-10-23 02:14 - 2015-02-27 00:33 - 00000181 _____ C:\Users\Sherrod\Desktop\New Text Document (2).txt
2015-10-20 23:57 - 2015-01-01 16:59 - 00011188 ___SH C:\Users\Sherrod\contents.obv
2015-10-20 17:36 - 2015-03-29 08:45 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-20 06:14 - 2015-04-16 07:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-20 06:14 - 2015-03-29 08:45 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-20 06:14 - 2015-03-14 10:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-20 06:14 - 2013-08-22 09:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-20 03:44 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\NDF
2015-10-17 12:57 - 2013-07-21 15:26 - 00000000 ____D C:\temp
2015-10-17 12:48 - 2014-07-14 12:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-17 12:47 - 2012-06-21 12:26 - 00000000 ____D C:\Windows\Downloaded Installations
2015-10-16 18:17 - 2015-10-10 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.2.1f1 (64-bit)
2015-10-16 18:17 - 2015-08-21 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.2.0f2 (64-bit)
2015-10-16 18:17 - 2015-08-19 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.2.0f1 (64-bit)
2015-10-16 18:17 - 2015-08-14 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.2f1 (64-bit)
2015-10-16 18:17 - 2015-07-01 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.1f1 (64-bit)
2015-10-16 18:17 - 2015-06-09 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.0f3 (64-bit)
2015-10-16 18:17 - 2015-06-08 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.2p4 (64-bit)
2015-10-16 18:17 - 2015-05-26 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.2f1 (64-bit)
2015-10-16 18:17 - 2015-04-14 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.1f1 (64-bit)
2015-10-16 18:17 - 2015-03-05 02:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.0f4 (64-bit)
2015-10-16 18:17 - 2015-02-20 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.0f3 (64-bit)
2015-10-16 18:17 - 2015-02-20 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.0f2 (64-bit)
2015-10-16 18:17 - 2014-11-27 22:24 - 00000000 ____D C:\Users\Sherrod\Desktop\Games
2015-10-16 18:17 - 2014-07-18 09:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2015-10-16 18:17 - 2014-07-15 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 3ds Max 2014
2015-10-16 18:17 - 2014-07-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Composite 2014
2015-10-16 17:47 - 2012-06-21 12:17 - 00131544 _____ C:\Windows\DPINST.LOG
2015-10-16 13:26 - 2014-07-14 21:20 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{419D22D9-6B9D-4F1B-A92C-C468E3FB9DDD}
2015-10-15 20:27 - 2015-02-27 06:39 - 00000000 ____D C:\Users\Sherrod\Desktop\New folder (2)
2015-10-15 20:23 - 2015-09-04 10:41 - 00000000 ____D C:\Users\Sherrod\AppData\Local\{5ADB6C87-7E73-003F-13EB-25D73783D94F}
2015-10-14 18:43 - 2013-08-22 05:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\simptcp.dll
2015-10-13 17:26 - 2014-07-14 21:03 - 00000000 ____D C:\ProgramData\Origin
2015-10-11 20:02 - 2014-07-23 23:07 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-10-11 00:53 - 2014-10-01 20:34 - 00000000 ____D C:\Users\Sherrod\AppData\Local\CinematicTools
 
==================== Files in the root of some directories =======
 
2013-05-11 22:41 - 2013-04-23 17:58 - 0000084 _____ () C:\Program Files (x86)\update-DIRiptide.bat
2013-05-11 22:41 - 2012-06-15 19:24 - 0003153 _____ () C:\Program Files (x86)\visit-nosteam.ro.html
2013-03-27 01:41 - 2011-08-09 18:08 - 0193024 _____ () C:\Program Files (x86)\Youtube Account Creator.exe
2014-07-30 11:49 - 2015-09-29 17:05 - 0000132 _____ () C:\Users\Sherrod\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-04-14 10:28 - 2015-04-14 10:28 - 0004387 _____ () C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0
2015-04-19 06:20 - 2015-04-19 06:20 - 0005872 _____ () C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn
2015-04-14 10:28 - 2015-04-14 10:28 - 0004387 _____ () C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z
2015-04-19 06:20 - 2015-04-19 06:20 - 0005872 _____ () C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut
2014-08-26 13:37 - 2014-08-27 23:37 - 0000078 _____ () C:\Users\Sherrod\AppData\Roaming\WB.CFG
2014-11-29 16:29 - 2014-11-29 16:29 - 0000218 _____ () C:\Users\Sherrod\AppData\Local\recently-used.xbel
2015-03-29 00:15 - 2015-03-29 00:15 - 0007602 _____ () C:\Users\Sherrod\AppData\Local\Resmon.ResmonCfg
2015-10-21 14:25 - 2015-10-21 14:25 - 0000000 _____ () C:\Users\Sherrod\AppData\Local\{01BDA95F-1A73-494B-AA36-E373D53EB49F}
2015-09-01 04:10 - 2015-09-01 04:10 - 0000000 _____ () C:\Users\Sherrod\AppData\Local\{42781BE5-E82B-4B4A-91AF-3EEEE1517905}
2015-10-22 14:25 - 2015-10-22 14:25 - 0000000 _____ () C:\Users\Sherrod\AppData\Local\{D5A1AF9B-3B2D-4F4F-A091-3D9CDBFE9ACD}
2015-09-29 09:47 - 2015-09-29 09:47 - 0004024 ___SH () C:\ProgramData\contents.obv
2015-08-02 08:25 - 2015-08-06 09:34 - 0001540 _____ () C:\ProgramData\tempimage.bmp
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install
 
Files to move or delete:
====================
C:\Users\Sherrod\license.dat
C:\Users\Sherrod\Unity.exe
 
 
Some files in TEMP:
====================
C:\Users\Sherrod\AppData\Local\Temp\{CAA75EA8-DF92-44FE-9C42-CD821BCE70A3}-46.0.2490.80_45.0.2454.101_chrome_updater.exe
C:\Users\Sherrod\AppData\Local\Temp\{CCC9887E-9A64-4CCA-A6A1-E1C702A94733}-46.0.2490.80_45.0.2454.101_chrome_updater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-06 10:47
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Sherrod (2015-11-10 13:55:10)
Running from J:\
Windows 8.1 Pro (X64) (2014-07-14 17:39:47)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1579711554-1020547166-143356-500 - Administrator - Disabled)
Guest (S-1-5-21-1579711554-1020547166-143356-501 - Limited - Disabled)
Sherrod (S-1-5-21-1579711554-1020547166-143356-1001 - Administrator - Enabled) => C:\Users\Sherrod
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
.NET Reflector Desktop (HKLM-x32\...\{60EDFDF5-224E-4CB3-8BE8-55A6D852C0A8}) (Version: 8.3.3.115 - Red Gate Software Ltd)
.NET Reflector Visual Studio Extension 8.3 (HKLM-x32\...\{78AB5E88-4A49-43FF-9657-37935971F355}) (Version: 8.3.3.115 - Red Gate Software Ltd)
3DBrowser 12.61 (HKLM\...\3DBrowser (x64 bits)) (Version: 12.61 - Mootools)
3d-io Unwrella Max Demo 3.01.00 (HKLM-x32\...\3d-io Unwrella Max Demo) (Version: 3.01.00 - 3d-io GmbH)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Allegorithmic Substance Designer 4.x (HKLM-x32\...\substance_designer_4_x) (Version: 4.6.0 build 14891 (2014-12-09) - Allegorithmic)
Allegorithmic Substance Player 4.2.0 (HKLM-x32\...\substance_player_4_x) (Version: 4.2.0 build 13610 (2014-04-11) - Allegorithmic)
AMD Catalyst Install Manager (HKLM\...\{529C5283-F484-94CA-8D10-3A69FD0776D3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.5 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk FBX Review   (HKLM\...\{F699519D-B53A-4B6B-96B5-1F11161129C4}) (Version: 1.2.3.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk MotionBuilder 2016 (HKLM\...\Autodesk MotionBuilder 2016) (Version: 16.0.0.17 - Autodesk)
Autodesk MotionBuilder 2016 (Version: 16.0.0.17 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max  (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (Version: 16.0.394.0 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.3.1.840 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
BitTorrent (HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\BitTorrent) (Version: 7.9.4.40912 - BitTorrent Inc.)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BonesPro 4.61 (HKLM-x32\...\BonesPro) (Version: 4.61 - 3d-io GmbH)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Caped Rogue (HKLM-x32\...\Caped Rogue 1.0) (Version: 1.0 - DAZ 3D)
Casual Sexy Poses for Genesis 2 Female (HKLM-x32\...\Casual Sexy Poses for Genesis 2 Female 1.0) (Version: 1.0 - DAZ 3D)
Catalyst Pro Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Centurion Poses (HKLM-x32\...\Centurion Poses ps_mo310_CenturionPoses) (Version: ps_mo310_CenturionPoses - Name of your company)
CINEMA 4D Demo 17.032 (HKLM\...\MAXONADF66B75) (Version: 17.032 - MAXON Computer GmbH)
ClockStone FBX Viewer v1.1a (noncommercial version) (HKLM-x32\...\ClockStone FBX Viewer_is1) (Version:  - ClockStone Software GmbH)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.4.0.0377 - Disc Soft Ltd)
Darkwoods Heroine (HKLM-x32\...\Darkwoods Heroine 1.0) (Version: 1.0 - DAZ 3D)
DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.27) (Version: 1.1.0.27 - DAZ 3D)
DAZ Studio 4.6 (64bit) (HKLM-x32\...\DAZ Studio 4.6 (64bit) 4.6.3.52) (Version: 4.6.3.52 - DAZ 3D)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell System Detect (HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\73f463568823ebbe) (Version: 6.3.0.6 - Dell)
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.3.90 - Dll-Files.com)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dxtory version 2.0.132 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.132 - ExKode Co. Ltd.)
Dynamic Clothing Control DS4 (64bit) (HKLM-x32\...\Dynamic Clothing Control DS4 (64bit) 1.2.2.40) (Version: 1.2.2.40 - DAZ 3D)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Epic Games Launcher (HKLM\...\{7C8ED4CE-7D28-442D-AD14-C95C18A7CB1A}) (Version: 1.1.35.0 - Epic Games, Inc.)
Fashion Hair (HKLM-x32\...\Fashion Hair 1.0) (Version: 1.0 - DAZ 3D)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
Garden Party Dress (HKLM-x32\...\Garden Party Dress 1.0) (Version: 1.0 - DAZ 3D)
Genesis 2 Female Genitalia (HKLM-x32\...\Genesis 2 Female Genitalia 1.0) (Version: 1.0 - DAZ 3D)
Genesis 2 Female Starter Essentials (HKLM-x32\...\Genesis 2 Female Starter Essentials 1.0) (Version: 1.0 - DAZ 3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoZ DS4 (64bit) (HKLM-x32\...\GoZ DS4 (64bit) 1.2.1.6) (Version: 1.2.1.6 - DAZ 3D)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
IKinemaWebAnimatePlugin (HKLM-x32\...\{E4BBD077-FDF5-4D27-9C9F-BA8CCB0E89BA}) (Version: 1.0.0.35 - IKinema Ltd)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Marvelous Designer 4 Personal (HKLM-x32\...\Marvelous Designer 4 Personal) (Version:  - CLO Virtual Fashion Inc.)
Media Player Z (x32 Version: 1.0.0.0 - SurfProtect) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{f9b04b37-35d5-4a19-a51b-fcf4a8734851}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Miro Video Converter (HKLM-x32\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NETGEAR A6210 Genie (HKLM-x32\...\InstallShield_{B37F67D3-ABD1-48E0-B422-E011C355529C}) (Version: 1.0.0.30 - NETGEAR)
NETGEAR A6210 Genie (x32 Version: 1.0.0.30 - NETGEAR) Hidden
NightCrisis(Beta) (HKLM-x32\...\{8818FB9F-033B-4DED-879B-8F13162E8E2D}) (Version: 1.0 - AlteredPlanets)
Nocturne Poses for V6 (HKLM-x32\...\Nocturne Poses for V6 1.0) (Version: 1.0 - DAZ 3D)
Nordic Hair (HKLM-x32\...\Nordic Hair 1.0) (Version: 1.0 - DAZ 3D)
Nordic Hair V4 (HKLM-x32\...\Nordic Hair V4 1.0) (Version: 1.0 - DAZ 3D)
Norma (HKLM-x32\...\Norma 1.0) (Version: 1.0 - DAZ 3D)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Remo Repair Zip (HKLM-x32\...\{C2E9BCE3-56A8-4A85-9944-6FF3DDCCE816}_is1) (Version: 2.0.0.21 - Remo Software)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SpeedTree for Unity 5 version 7.1.0 (HKLM\...\{4991AC40-0913-4982-89EB-5CD7C43CDF70}_is1) (Version: 7.1.0 - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Substance Painter (HKLM-x32\...\Steam App 273390) (Version:  - Allegorithmic)
Substance Utilities version 1.0.3 (HKLM-x32\...\{09972846-FF49-48DE-81B5-438AAD64D00C}_is1) (Version: 1.0.3 - Allegorithmic)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\{6D87CAD9-9B94-4421-A439-B25F8DE14575}) (Version: 1.00 - Ubisoft)
Tom Clancys Ghost Recon Future Soldier version 1.02 (HKLM-x32\...\{75D84EF7-0D8C-4e70-TCGRFS-7B42A5D4E0EB}_is1) (Version: 1.02 - Black_Box)
Triton for Unity Trial version 3.11 (HKLM-x32\...\{AE06970D-757B-4146-9D09-F9DFFE65F321}_is1) (Version: 3.11 - Sundog Software, LLC)
TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
Udane Hair - Genesis (HKLM-x32\...\Udane Hair - Genesis 1.0) (Version: 1.0 - DAZ 3D)
Unity (HKLM-x32\...\Unity) (Version: 5.2.1f1 - Unity Technologies ApS)
Unity 5.3.0b5 (HKLM-x32\...\Unity 5.3.0b5) (Version: 5.3.0b5 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\UnityWebPlayer) (Version: 5.2.1f1 - Unity Technologies ApS)
Unity3d Obfuscator v 1.3.18 (39) (HKLM-x32\...\Unity3d Obfuscator_is1) (Version:  - Tech-Next Software Ltd.)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
V4.2 Creature Morphs (HKLM-x32\...\V4.2 Creature Morphs ps_ac2016_CreatureMsV4) (Version: ps_ac2016_CreatureMsV4 - Name of your company)
Victoria 4.2 Base (HKLM-x32\...\Victoria 4.2 Base ps_pe069_Victoria4) (Version: ps_pe069_Victoria4 - Name of your company)
Victoria 6 (HKLM-x32\...\Victoria 6 1.0) (Version: 1.0 - DAZ 3D)
VideoCopilot Element 3D v2.2.1 CE for After Effects (HKLM\...\Element 3D CE for After Effects_is1) (Version: 2.2.1 - Team V.R)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
World Machine 2.2 Professional Edition (HKLM-x32\...\World Machine2Pro) (Version:  - )
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
10-11-2015 10:03:49 Removed globalupdate Helper
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-14 20:12 - 2015-10-11 20:43 - 00002158 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1   secure.disc-soft.com 
127.0.0.1   secure.disc-soft.com 
127.0.0.1                   bandicam.com
127.0.0.1                   ssl.bandisoft.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
 
There are 8 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09C11E2F-F7A7-4F2B-8288-D2137135BEFD} - System32\Tasks\{322788B9-BDC0-4D9F-B5B7-5FBA50460EA1} => pcalua.exe -a "C:\Users\Sherrod\Downloads\New folder\amd-catalyst-15.7-with-dotnet45-win8.1-64bit.exe" -d "C:\Users\Sherrod\Downloads\New folder"
Task: {0A3D679A-6F38-48D1-876C-FD77F49C36DC} - \HDNINSTSCHD -> No File <==== ATTENTION
Task: {0F07A175-AE0F-43D5-A168-339037CC69A9} - System32\Tasks\AdobeAAMUpdater-1.0-AlteredS-Sherrod => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {116BB8C7-63F5-48D3-870E-97F2BCDCF0C7} - System32\Tasks\Dnatolni => C:\ProgramData\Dnatolni\1.0.5.1\snovseon.exe
Task: {118C5EBC-9A17-49A6-8A79-2DC34DD60C2F} - System32\Tasks\{C00A4E2C-239B-4D8D-8BAB-DDB36D729751} => pcalua.exe -a "C:\Users\Sherrod\AppData\Roaming\Store\WindApp\WindApp Uninstall.exe" -c /cpanel=1
Task: {1B304CD1-3D95-4595-A39C-A949F6C86841} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {1E23E581-4C11-4251-B3AC-E570D3F07DBC} - System32\Tasks\{298FE2C0-4627-464B-9F16-F081D54B523F} => pcalua.exe -a C:\ProgramData\ZombieInvasion\uninstall.exe -c /kb=y /ic=1
Task: {1F82E3A6-3C03-41CE-ADC5-6AB47054CC12} - \OMYQNNDMU1 -> No File <==== ATTENTION
Task: {28FBCD5A-D68A-4626-8EA1-0D62CDCF1211} - \brbrw_2677 -> No File <==== ATTENTION
Task: {2AC80344-D820-4C18-867E-37ACF46DA169} - System32\Tasks\{52EE8772-6804-4E9A-A954-FF7EF3BFF20F} => pcalua.exe -a C:\Users\Sherrod\AppData\Local\{D76C1440-FBA0-4625-B5B4-3F4EF200AE27}\OffersWizard.exe -c -delete-
Task: {38DD0425-66B5-4CF7-B148-8F522097D3DD} - System32\Tasks\{2FE28FF2-E123-4DDD-AA63-BDD2E0160DE8} => pcalua.exe -a "C:\Program Files\shopperz02082015\unins000.exe"
Task: {3F8B8BFF-3489-4E2F-8156-4862090CE4D2} - \EbonmediaUpdater -> No File <==== ATTENTION
Task: {42C59BF4-3509-419A-9485-2C7BF6672D18} - System32\Tasks\Notify Helper => C:\Program Files (x86)\System Cleaner Pro\\NotifyHelper.exe
Task: {4E085D09-FAEB-4F0B-852E-E84C63EF0B37} - \TweakBit\FixMyPC\Start FixMyPC оn logon -> No File <==== ATTENTION
Task: {4FC7CBB5-EFAF-4A9F-A3E7-F1065949FEB0} - System32\Tasks\{1BE68F56-D3A5-4223-9DC9-843E08EE90F5} => pcalua.exe -a C:\Drivers\broadcom_bcm_43xx_wlan_6_30_223_234_driver(1)\broadcom_bcm43xx_6.30.223.234\Setup.exe -d C:\Drivers\broadcom_bcm_43xx_wlan_6_30_223_234_driver(1)\broadcom_bcm43xx_6.30.223.234
Task: {5B5197A2-3378-4077-8A62-FB94618204CB} - System32\Tasks\{10DC2A78-ADD7-430C-A78F-47B61DDE9FCD} => pcalua.exe -a "G:\GameAssets\software and plugins\Daz3d\Daz3D - David\Daz3D - ps_bn023 - David 3 Base.exe" -d "G:\GameAssets\software and plugins\Daz3d\Daz3D - David"
Task: {5B896490-24D2-43C8-9712-838DCE1FDD18} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
Task: {60181A43-73D8-4B38-8525-0F9AE76C5C62} - \Cassiopesa leco -> No File <==== ATTENTION
Task: {6AC6A8A1-F282-4AAE-B2E3-3E034B3AAD43} - System32\Tasks\Tujkh => C:\Program Files\shopperz300820151723\Dainte.bat <==== ATTENTION
Task: {7EA9BCCB-A405-4E38-97DE-7254591F9176} - System32\Tasks\System Cleaner Pro Auto Start => C:\Program Files (x86)\System Cleaner Pro\SystemCleanerPro.exe
Task: {9C6455E5-0FAA-4396-9FDA-01021EDD5F66} - System32\Tasks\P9hbRdO1gHvZjBIpSZg0Ut => C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe <==== ATTENTION
Task: {A849EF2E-BAF6-4453-B17E-4C51E380118C} - System32\Tasks\DrPcgdOfkhJR8viAN5bLI0 => C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe <==== ATTENTION
Task: {AD303ADF-AA2A-4895-98A2-EF34373E2BB1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B29312E0-68BD-4339-88E9-E39215584B83} - System32\Tasks\gnf3botHAIAKxFRn => C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe <==== ATTENTION
Task: {BA71AB38-D247-4AB0-B52F-820BFBCAC937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {D129C1B3-5E13-47B5-880C-21A88596318A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-10] (Google Inc.)
Task: {D5A906AD-E9C9-41E8-A5B9-AE9AB76CF6B6} - \boosterpop -> No File <==== ATTENTION
Task: {D6879A2B-DA2B-4916-A8DE-FCBAF5095A9C} - System32\Tasks\{F844B698-2B89-4EC0-92B1-FA2E7C96CA79} => pcalua.exe -a "C:\Users\Sherrod\Downloads\Victoria 4.2 Pro Bundle\daz ps_bn076 Victoria 4.2 Pro Bundle\ps_ac1806b_ShigiHair2.exe" -d "C:\Users\Sherrod\Downloads\Victoria 4.2 Pro Bundle\daz ps_bn076 Victoria 4.2 Pro Bundle"
Task: {DAE60761-8E01-4201-B4A2-6F63998CA870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DCE5BAA2-27F3-4780-9897-74E86328A6A3} - System32\Tasks\Mn5U4JBFtRJrAosBQu9Z => C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe <==== ATTENTION
Task: {E5C0AD9A-EF4E-4890-A40E-E6786B84E494} - System32\Tasks\Aseraufrefeua => C:\ProgramData\Aseraufrefeua\1.0.4.1\esrajuor.exe
Task: {F270B065-AC6C-4563-AD29-28D6EB2A1344} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
Task: {F94E390B-5444-4F25-99FB-DE7841C479CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {FB3DEE13-8C3C-4940-B91E-61D43E8D9683} - System32\Tasks\RDReminder => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DrPcgdOfkhJR8viAN5bLI0.job => C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718078148-4251506850-4027361749-1000Core.job => C:\Users\Sherrod Fletcher\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718078148-4251506850-4027361749-1000UA.job => C:\Users\Sherrod Fletcher\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\gnf3botHAIAKxFRn.job => C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2718078148-4251506850-4027361749-1000Core.job => C:\Users\Sherrod Fletcher\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2718078148-4251506850-4027361749-1000UA.job => C:\Users\Sherrod Fletcher\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Mn5U4JBFtRJrAosBQu9Z.job => C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe <==== ATTENTION
Task: C:\Windows\Tasks\P9hbRdO1gHvZjBIpSZg0Ut.job => C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-06-18 22:31 - 2011-05-05 14:36 - 00022528 _____ () C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
2013-06-18 22:31 - 2011-05-05 14:36 - 01479680 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_x64.dll
2013-06-18 22:31 - 2011-05-05 14:36 - 00977408 _____ () C:\Program Files\DAZ 3D\Content Management Service\VServer_x64.dll
2013-06-18 22:31 - 2011-05-05 14:36 - 01053696 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_ssl_x64.dll
2013-06-18 22:31 - 2011-05-05 14:36 - 00155136 _____ () C:\Program Files\DAZ 3D\Content Management Service\asnmp_x64.dll
2011-09-14 22:19 - 2011-09-14 22:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2014-05-13 15:57 - 2014-05-13 15:57 - 00210648 _____ () C:\Program Files (x86)\NETGEAR\A6210\NetgearSwitchUSB.exe
2014-05-25 08:18 - 2014-05-25 08:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-05-25 08:18 - 2014-05-25 08:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2010-01-02 08:42 - 2010-01-02 08:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-07-11 05:21 - 2013-07-11 05:21 - 00143752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axutil.dll
2013-04-25 07:43 - 2013-04-25 07:43 - 00472904 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axis2_engine.dll
2013-07-11 05:21 - 2013-07-11 05:21 - 00179592 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axiom.dll
2013-04-25 07:44 - 2013-04-25 07:44 - 00040264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axis2_parser.dll
2013-04-25 07:43 - 2013-04-25 07:43 - 00140104 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\neethi.dll
2013-04-25 07:44 - 2013-04-25 07:44 - 01310024 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\libxml2.dll
2014-12-03 17:15 - 2014-12-03 17:15 - 00564736 _____ () C:\Program Files\Autodesk\3ds Max 2016\DADispatcherService.exe
2014-07-16 17:08 - 2013-02-04 02:05 - 00521216 _____ () C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLock3_5Net_3dio.dll
2015-08-08 23:06 - 2015-09-06 21:33 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-08-08 23:06 - 2015-09-06 21:33 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-11-10 07:55 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-11-10 07:55 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-11-10 09:57 - 2015-09-06 21:33 - 00104328 _____ () C:\Users\Sherrod\AppData\Local\Autodesk\.AdskAppManager\R1\qjson0.dll
2015-11-01 13:25 - 2015-11-01 13:25 - 00904704 _____ () C:\Users\Sherrod\AppData\Local\Temp\{181573c4-a37b-468b-9c8a-cbd9a1fbf4dc}\System.Data.SQLite.dll
2015-02-17 08:26 - 2015-10-05 10:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-17 08:26 - 2015-07-03 10:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-02-17 08:26 - 2015-10-08 17:02 - 02422864 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-17 08:26 - 2015-07-03 10:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-17 08:26 - 2015-07-03 10:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-02-17 08:26 - 2015-09-23 18:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-02-17 08:26 - 2015-09-23 18:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-02-17 08:26 - 2015-09-23 18:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-02-17 08:26 - 2015-09-23 18:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-02-17 08:26 - 2015-09-23 18:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-02-17 08:26 - 2015-10-08 17:02 - 00704592 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-26 09:17 - 2015-09-14 14:20 - 00193536 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-02-17 08:26 - 2015-10-08 16:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-02-17 08:26 - 2015-09-24 17:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1
AlternateDataStreams: C:\Users\Sherrod\AppData\Local\Temp:DLsUs81W9JFXkHfr8MYK
AlternateDataStreams: C:\Users\Sherrod\AppData\Local\Temp:u5Z13yYuLnz7QWcBWz
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\03568401.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\03568401.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ohudheuodm => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\dell.com -> dell.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1579711554-1020547166-143356-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sherrod\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "NETGEAR A6210 Genie.lnk"
HKLM\...\StartupApproved\Run: => "3D BubbleSound"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "gmsd_us_005010054"
HKLM\...\StartupApproved\Run32: => "gmsd_us_005010055"
HKLM\...\StartupApproved\Run32: => "SmartWeb"
HKLM\...\StartupApproved\Run32: => "YTDownloader"
HKLM\...\StartupApproved\Run32: => "SPDriver"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\StartupFolder: => "3DBrowser.lnk"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\StartupFolder: => "SmartWeb.lnk"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\StartupFolder: => "StormAlertsApp.lnk"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "Pinger"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "VoxOx"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "DAEMON Tools Pro Agent"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "YTDownloader"
HKU\S-1-5-21-1579711554-1020547166-143356-1001\...\StartupApproved\Run: => "SPDriver"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{2FD3D646-A109-41BF-BE6C-5550DE2A098C}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{8569259B-7A55-416A-AE1E-0ADDB67AC678}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{F4BD6EBA-F903-47B4-9456-BB516B5DD619}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{E4F0B979-A433-49D8-AAD4-E3B38AF6B3AF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D04BCD8D-B93E-4086-A326-CB4A8402CF5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{21F7618C-474C-4408-A303-F7E30AB2B128}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2BCA34AA-814D-49F5-8C4D-E4ED8C048855}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{06F63C6D-17D1-449F-9B27-5C28326AFDC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{ED25909C-96E7-4EF3-8BA8-B74FB440D1C5}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{084CEC75-B6EC-46F1-9E80-E70D46A773F5}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{32E9CA7D-D2BE-4033-9333-33BA8A70989F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AC4258BB-3D12-4B45-92F8-A427ED541571}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{AF20A6D6-893E-4621-B7A2-C25A6E3BE91A}C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe
FirewallRules: [UDP Query User{0F4A23D6-7494-4685-A9E8-3CBE1FCA1F7B}C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe
FirewallRules: [TCP Query User{890FA64E-18C4-4C1F-B678-DFBEF71B0F9D}C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe] => (Allow) C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe
FirewallRules: [UDP Query User{8C0CE07B-789E-43AE-836B-BF6F9843D0A5}C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe] => (Allow) C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe
FirewallRules: [TCP Query User{B5F6A4FD-3257-4B01-A0D0-7DB888ABE481}C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe] => (Allow) C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe
FirewallRules: [UDP Query User{7352BF88-3661-422B-9F59-746A63A13D15}C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe] => (Allow) C:\program files\allegorithmic\substance\designer\4.x\substance_designer.exe
FirewallRules: [TCP Query User{DE5FDA02-7D50-423B-9F46-F6759FA21C19}C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe
FirewallRules: [UDP Query User{D43FBDDA-203B-4F3C-BE1C-515092BD7D1F}C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\substance painter\substance painter.exe
FirewallRules: [TCP Query User{30981AA5-62F3-4457-84E5-1FE232D309F3}C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe
FirewallRules: [UDP Query User{89F15386-83F2-4307-A83A-8850D2AB638A}C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe] => (Allow) C:\program files\autodesk\motionbuilder 2016\bin\x64\motionbuilder.exe
FirewallRules: [TCP Query User{FBA849CD-EEB3-49B5-908C-1A55E264E081}C:\program files\unity 5.3.0b5\editor\unity.exe] => (Block) C:\program files\unity 5.3.0b5\editor\unity.exe
FirewallRules: [UDP Query User{755E28A4-0A55-4B60-863F-82C28B46EE8F}C:\program files\unity 5.3.0b5\editor\unity.exe] => (Block) C:\program files\unity 5.3.0b5\editor\unity.exe
FirewallRules: [TCP Query User{7DFA6E62-4D2A-4EF9-87AD-3834CFED5471}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8C97583D-6D62-42DF-851D-D89790DC4180}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{89C6434B-6FB9-463B-951A-4B80186B0B8A}C:\users\sherrod\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sherrod\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{280E1EE3-4442-4EE6-A43B-C6CA30F1960B}C:\users\sherrod\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\sherrod\appdata\local\akamai\netsession_win.exe
FirewallRules: [{BD28219A-FDE0-48CF-8F5E-157AB6B655C3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{F4842856-27F6-45E5-8E58-8C240BC27E36}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E97B1A79-F0F8-411B-A716-F8406F0A3043}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Mass Storage Controller
Description: Mass Storage Controller


#11 Sintharius


Posted 11 November 2015 - 05:36 PM

Hello Sherrod,

:step1: I'd like to let you know that programs like DllFixer are not trustworthy to use, as you cannot track where the program gets the missing files from. It is best that you uninstall it with Programs and Features.

===

:step2: Spybot Search & Destroy no longer recommended

Spybot Search & Destroy has very poor performance, and thus is no longer recommended for antimalware protection.

You can remove it via Programs and Features.

===

:step3: Fix with Farbar Recovery Scan Tool

  • Please download the attached fixlist.txt and save it to your Desktop.
    Note: It's important that both FRST/FRST64.exe and fixlist.txt are in the same location or the fix will not work!
    WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system!
  • Run FRST/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log named Fixlog.txt on the Desktop. Please post it in your reply.

===

:step4: Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).

  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
  • When the scan is completed, click Quarantine selected objects. Note: this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop and post the contents in your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.

To recap, in your next reply I will need the following:

  • Contents of Fixlog.txt;
  • Scan log from Emsisoft Emergency Kit.

Regards,
Alex 



#12 Sherrod


Posted 12 November 2015 - 03:49 AM

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Sherrod (2015-11-11 21:37:29) Run:3
Running from J:\
Loaded Profiles: Sherrod (Available Profiles: Sherrod)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-08-18] <==== ATTENTION (Points to *.cfg file)
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=F94zbuzdk00MC1_CF,4f81f5f4-5080-4af1-98fb-a54cb9f1c89b,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Extension: (Searchanger) - C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfkmmcpiffbmhaojcffajlagoofcmbob [2015-08-22]
Folder: C:\Windows\system32\sru
2015-04-14 10:28 - 2015-04-14 10:28 - 0004387 _____ () C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0
2015-04-19 06:20 - 2015-04-19 06:20 - 0005872 _____ () C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn
2015-04-14 10:28 - 2015-04-14 10:28 - 0004387 _____ () C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z
2015-04-19 06:20 - 2015-04-19 06:20 - 0005872 _____ () C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut
C:\Program Files (x86)\Google\Desktop\Install
Task: {0A3D679A-6F38-48D1-876C-FD77F49C36DC} - \HDNINSTSCHD -> No File <==== ATTENTION
Task: {116BB8C7-63F5-48D3-870E-97F2BCDCF0C7} - System32\Tasks\Dnatolni => C:\ProgramData\Dnatolni\1.0.5.1\snovseon.exe
C:\ProgramData\Dnatolni\
Task: {1F82E3A6-3C03-41CE-ADC5-6AB47054CC12} - \OMYQNNDMU1 -> No File <==== ATTENTION
Task: {28FBCD5A-D68A-4626-8EA1-0D62CDCF1211} - \brbrw_2677 -> No File <==== ATTENTION
Task: {38DD0425-66B5-4CF7-B148-8F522097D3DD} - System32\Tasks\{2FE28FF2-E123-4DDD-AA63-BDD2E0160DE8} => pcalua.exe -a "C:\Program Files\shopperz02082015\unins000.exe"
C:\Program Files\shopperz02082015
Task: {3F8B8BFF-3489-4E2F-8156-4862090CE4D2} - \EbonmediaUpdater -> No File <==== ATTENTION
Task: {42C59BF4-3509-419A-9485-2C7BF6672D18} - System32\Tasks\Notify Helper => C:\Program Files (x86)\System Cleaner Pro\\NotifyHelper.exe
Task: {4E085D09-FAEB-4F0B-852E-E84C63EF0B37} - \TweakBit\FixMyPC\Start FixMyPC оn logon -> No File <==== ATTENTION
C:\Program Files (x86)\System Cleaner Pro
Task: {60181A43-73D8-4B38-8525-0F9AE76C5C62} - \Cassiopesa leco -> No File <==== ATTENTION
Task: {6AC6A8A1-F282-4AAE-B2E3-3E034B3AAD43} - System32\Tasks\Tujkh => C:\Program Files\shopperz300820151723\Dainte.bat <==== ATTENTION
Task: {7EA9BCCB-A405-4E38-97DE-7254591F9176} - System32\Tasks\System Cleaner Pro Auto Start => C:\Program Files (x86)\System Cleaner Pro\SystemCleanerPro.exe
Task: {9C6455E5-0FAA-4396-9FDA-01021EDD5F66} - System32\Tasks\P9hbRdO1gHvZjBIpSZg0Ut => C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe
Task: {A849EF2E-BAF6-4453-B17E-4C51E380118C} - System32\Tasks\DrPcgdOfkhJR8viAN5bLI0 => C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe
Task: {B29312E0-68BD-4339-88E9-E39215584B83} - System32\Tasks\gnf3botHAIAKxFRn => C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe
Task: {D5A906AD-E9C9-41E8-A5B9-AE9AB76CF6B6} - \boosterpop -> No File <==== ATTENTION
Task: {DCE5BAA2-27F3-4780-9897-74E86328A6A3} - System32\Tasks\Mn5U4JBFtRJrAosBQu9Z => C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe
Task: {E5C0AD9A-EF4E-4890-A40E-E6786B84E494} - System32\Tasks\Aseraufrefeua => C:\ProgramData\Aseraufrefeua\1.0.4.1\esrajuor.exe
C:\ProgramData\Aseraufrefeua
Task: C:\Windows\Tasks\DrPcgdOfkhJR8viAN5bLI0.job => C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe
Task: C:\Windows\Tasks\gnf3botHAIAKxFRn.job => C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe
Task: C:\Windows\Tasks\Mn5U4JBFtRJrAosBQu9Z.job => C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe
Task: C:\Windows\Tasks\P9hbRdO1gHvZjBIpSZg0Ut.job => C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe <==== ATTENTION
C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe
AlternateDataStreams: C:\Users\Sherrod\AppData\Local\Temp:DLsUs81W9JFXkHfr8MYK
AlternateDataStreams: C:\Users\Sherrod\AppData\Local\Temp:u5Z13yYuLnz7QWcBWz
*****************
 
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\Windows\system32\GroupPolicy\Machine" => not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js => moved successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
C:\Users\Sherrod\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfkmmcpiffbmhaojcffajlagoofcmbob => moved successfully
 
========================= Folder: C:\Windows\system32\sru ========================
 
2014-07-14 12:00 - 2015-11-11 21:02 - 0008192 _____ () C:\Windows\system32\sru\SRU.chk
2014-07-14 12:00 - 2015-11-11 21:02 - 0065536 _____ () C:\Windows\system32\sru\SRU.log
2014-07-14 12:00 - 2015-11-11 21:00 - 0065536 _____ () C:\Windows\system32\sru\SRU044E3.log
2014-07-14 12:00 - 2015-11-11 21:02 - 38281216 _____ () C:\Windows\system32\sru\SRUDB.dat
2014-07-14 12:00 - 2014-07-14 12:00 - 0065536 _____ () C:\Windows\system32\sru\SRUres00001.jrs
2014-07-14 12:00 - 2014-07-14 12:00 - 0065536 _____ () C:\Windows\system32\sru\SRUres00002.jrs
2014-07-14 12:00 - 2015-11-11 20:00 - 0065536 _____ () C:\Windows\system32\sru\SRUtmp.log
 
====== End of Folder: ======
 
C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0 => moved successfully
C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn => moved successfully
C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z => moved successfully
C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut => moved successfully
C:\Program Files (x86)\Google\Desktop\Install => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A3D679A-6F38-48D1-876C-FD77F49C36DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A3D679A-6F38-48D1-876C-FD77F49C36DC}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HDNINSTSCHD => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{116BB8C7-63F5-48D3-870E-97F2BCDCF0C7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{116BB8C7-63F5-48D3-870E-97F2BCDCF0C7}" => key removed successfully
C:\Windows\System32\Tasks\Dnatolni => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dnatolni" => key removed successfully
"C:\ProgramData\Dnatolni" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F82E3A6-3C03-41CE-ADC5-6AB47054CC12}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F82E3A6-3C03-41CE-ADC5-6AB47054CC12}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OMYQNNDMU1 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28FBCD5A-D68A-4626-8EA1-0D62CDCF1211}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28FBCD5A-D68A-4626-8EA1-0D62CDCF1211}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\brbrw_2677 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38DD0425-66B5-4CF7-B148-8F522097D3DD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38DD0425-66B5-4CF7-B148-8F522097D3DD}" => key removed successfully
C:\Windows\System32\Tasks\{2FE28FF2-E123-4DDD-AA63-BDD2E0160DE8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2FE28FF2-E123-4DDD-AA63-BDD2E0160DE8}" => key removed successfully
"C:\Program Files\shopperz02082015" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F8B8BFF-3489-4E2F-8156-4862090CE4D2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F8B8BFF-3489-4E2F-8156-4862090CE4D2}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EbonmediaUpdater => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42C59BF4-3509-419A-9485-2C7BF6672D18}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42C59BF4-3509-419A-9485-2C7BF6672D18}" => key removed successfully
C:\Windows\System32\Tasks\Notify Helper => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Notify Helper" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4E085D09-FAEB-4F0B-852E-E84C63EF0B37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E085D09-FAEB-4F0B-852E-E84C63EF0B37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\FixMyPC\Start FixMyPC оn logon" => key removed successfully
"C:\Program Files (x86)\System Cleaner Pro" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60181A43-73D8-4B38-8525-0F9AE76C5C62}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60181A43-73D8-4B38-8525-0F9AE76C5C62}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Cassiopesa leco => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AC6A8A1-F282-4AAE-B2E3-3E034B3AAD43}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AC6A8A1-F282-4AAE-B2E3-3E034B3AAD43}" => key removed successfully
C:\Windows\System32\Tasks\Tujkh => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Tujkh" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7EA9BCCB-A405-4E38-97DE-7254591F9176}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EA9BCCB-A405-4E38-97DE-7254591F9176}" => key removed successfully
C:\Windows\System32\Tasks\System Cleaner Pro Auto Start => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System Cleaner Pro Auto Start" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C6455E5-0FAA-4396-9FDA-01021EDD5F66}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C6455E5-0FAA-4396-9FDA-01021EDD5F66}" => key removed successfully
C:\Windows\System32\Tasks\P9hbRdO1gHvZjBIpSZg0Ut => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\P9hbRdO1gHvZjBIpSZg0Ut" => key removed successfully
"C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A849EF2E-BAF6-4453-B17E-4C51E380118C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A849EF2E-BAF6-4453-B17E-4C51E380118C}" => key removed successfully
C:\Windows\System32\Tasks\DrPcgdOfkhJR8viAN5bLI0 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DrPcgdOfkhJR8viAN5bLI0" => key removed successfully
"C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B29312E0-68BD-4339-88E9-E39215584B83}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B29312E0-68BD-4339-88E9-E39215584B83}" => key removed successfully
C:\Windows\System32\Tasks\gnf3botHAIAKxFRn => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gnf3botHAIAKxFRn" => key removed successfully
"C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5A906AD-E9C9-41E8-A5B9-AE9AB76CF6B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5A906AD-E9C9-41E8-A5B9-AE9AB76CF6B6}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\boosterpop => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DCE5BAA2-27F3-4780-9897-74E86328A6A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE5BAA2-27F3-4780-9897-74E86328A6A3}" => key removed successfully
C:\Windows\System32\Tasks\Mn5U4JBFtRJrAosBQu9Z => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mn5U4JBFtRJrAosBQu9Z" => key removed successfully
"C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E5C0AD9A-EF4E-4890-A40E-E6786B84E494}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5C0AD9A-EF4E-4890-A40E-E6786B84E494}" => key removed successfully
C:\Windows\System32\Tasks\Aseraufrefeua => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Aseraufrefeua" => key removed successfully
"C:\ProgramData\Aseraufrefeua" => not found.
C:\Windows\Tasks\DrPcgdOfkhJR8viAN5bLI0.job => moved successfully
"C:\Users\Sherrod\AppData\Roaming\DrPcgdOfkhJR8viAN5bLI0.exe" => not found.
C:\Windows\Tasks\gnf3botHAIAKxFRn.job => moved successfully
"C:\Users\Sherrod\AppData\Roaming\gnf3botHAIAKxFRn.exe" => not found.
C:\Windows\Tasks\Mn5U4JBFtRJrAosBQu9Z.job => moved successfully
"C:\Users\Sherrod\AppData\Roaming\Mn5U4JBFtRJrAosBQu9Z.exe" => not found.
C:\Windows\Tasks\P9hbRdO1gHvZjBIpSZg0Ut.job => moved successfully
"C:\Users\Sherrod\AppData\Roaming\P9hbRdO1gHvZjBIpSZg0Ut.exe" => not found.
C:\Users\Sherrod\AppData\Local\Temp => ":DLsUs81W9JFXkHfr8MYK" ADS removed successfully.
C:\Users\Sherrod\AppData\Local\Temp => ":u5Z13yYuLnz7QWcBWz" ADS removed successfully.
 
 
The system needed a reboot.
 
==== End of Fixlog 21:37:31 ====
 
Emsisoft Emergency Kit - Version 10.0
Last update: N/A
User account: ALTEREDS1\Sherrod
 
Scan settings:
 
Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files
 
Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 11/12/2015 2:28:29 AM
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\WINFIX 10 detected: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFCTRL.ANIGIF detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG.1 detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2 detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2.1 detected: Application.Toolbar (A)
Key: HKEY_USERS\S-1-5-21-1579711554-1020547166-143356-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143E921-7C9A-4D27-AC43-EACCC78CC55A} detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\CONTROL\CLASS\{0014298C-A9BA-440D-AAA8-AD12C7010EE5} detected: Application.AdShopper (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\CONTROL\CLASS\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D} detected: Application.AdShopper (A)
C:\Users\Sherrod\AppData\Local\svchost\ detected: Trojan.Win32.Inject (A)
Value: HKEY_USERS\S-1-5-21-1579711554-1020547166-143356-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1579711554-1020547166-143356-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
C:\ProgramData\svp\84F9BE63EFC040369C496396AC241DE8\setup.exe detected: Trojan.Generic.14983447 (B)
C:\Users\Sherrod\AppData\Local\Microsoft\Windows\INetCache\IE\G63QT8W8\ChromeSetup.exe.je49mvv.partial detected: Gen:Variant.Application.Bundler.Softpulse.11 (B)
C:\Users\Sherrod\AppData\Roaming\JV Update\SecureWebUpdate.exe detected: Trojan.Generic.15013482 (B)
C:\Users\Sherrod\Downloads\3DBrowser for 3D Users with Polygon Cruncher 12.61\keygen_fix.exe detected: Trojan.Generic.12189748 (B)
 
Scanned 96151
Found 16
 
Scan end: 11/12/2015 2:45:21 AM
Scan time: 0:16:52
 
C:\Users\Sherrod\Downloads\3DBrowser for 3D Users with Polygon Cruncher 12.61\keygen_fix.exe Quarantined Trojan.Generic.12189748 (B)
C:\Users\Sherrod\AppData\Roaming\JV Update\SecureWebUpdate.exe Quarantined Trojan.Generic.15013482 (B)
C:\Users\Sherrod\AppData\Local\Microsoft\Windows\INetCache\IE\G63QT8W8\ChromeSetup.exe.je49mvv.partial Quarantined Gen:Variant.Application.Bundler.Softpulse.11 (B)
C:\ProgramData\svp\84F9BE63EFC040369C496396AC241DE8\setup.exe Quarantined Trojan.Generic.14983447 (B)
Value: HKEY_USERS\S-1-5-21-1579711554-1020547166-143356-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1579711554-1020547166-143356-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
C:\Users\Sherrod\AppData\Local\svchost\ Quarantined Trojan.Win32.Inject (A)
Key: HKEY_USERS\S-1-5-21-1579711554-1020547166-143356-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9143E921-7C9A-4D27-AC43-EACCC78CC55A} Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2.1 Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2 Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG.1 Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFCTRL.ANIGIF Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\WINFIX 10 Quarantined Application.AppInstall (A)
 
Quarantined 14
 


#13 Sintharius


Posted 12 November 2015 - 05:39 PM

Hello Sherrod,

How is the computer running now?

#14 Sherrod


Posted 12 November 2015 - 05:54 PM

Still can't use browsers, although I'm connected to the internet...



#15 Sintharius


Posted 13 November 2015 - 06:41 AM

Hello Sherrod,

Which browsers are you using?

Please run these tools to check the status of your services and internet connection.

Step 1: Farbar Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.
===

Step 2: MiniToolbox by Farbar

Disable your antivirus if it does not allow you to download the tool!
Please download MiniToolBox, save it to your desktop and run it.
Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

To recap, I will need the following information in your next reply:
  • Which browser(s) are you using?
  • Logs from Farbar Service Scanner and MiniToolbox.
Regards,
Alex 



