I had to uninstall Cisco AnyConnect VPN client, and after I reboot my system and log in, I get a white screen with a mouse cursor. After that, the system is unresponsive. I can reboot into safe mode without issue. The only way to get back to a useable state, is to restore back to previous point.
I am not sure if it a virus or what, but it seems to have some of the earmarks of the ZeroAccess infection.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by Kevin (administrator) on KEVIN-PC on 11-05-2015 20:27:08
Running from C:\Users\Kevin\Downloads
Loaded Profiles: Kevin (Available profiles: Kevin)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Schneider Electric Buildings LLC) C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\S2ConnectAgent\bin\SE.SBO.S2ConnectESAgent.exe
(Schneider Electric Buildings LLC) C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\Enterprise Server\bin\SE.SBO.EnterpriseServer.exe
(Flexera Software LLC.) C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\License Server\lmadmin.exe
() C:\Users\Kevin\AppData\Local\Temp\INSTAL~1.EXE
(Demo Corporation) C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\License Server\taclic.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeterSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
(Echelon Corporation) C:\Program Files\LonWorks\bin\LnsMtsSvc.exe
() C:\niagara\niagara-3.6.406\bin\niagarad.exe
(Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Trane\TracerTU.Service\EvoUSB.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acresso Software Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeter.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Spotify Ltd) C:\Users\Kevin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(MagicISO, Inc.) C:\Program Files\MagicDisc\MagicDisc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [555352 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495708 2010-07-22] (IDT, Inc.)
HKLM\...\Run: [GlobalProtect] => C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe [761648 2014-05-08] (Palo Alto Networks)
HKLM\...\Run: [T-Mobile webConnect Manager] => C:\Program Files\T-Mobile\webConnect Manager\TMobileCM.exe [22296 2009-09-28] (T-Mobile)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2015-02-16] (LogMeIn, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Kevin\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Run: [Spotify Web Helper] => C:\Users\Kevin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-23] (Spotify Ltd)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [1832448 2013-12-28] (Hagel Technologies Ltd.)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Run: [Spotify] => C:\Users\Kevin\AppData\Roaming\Spotify\Spotify.exe [7168568 2015-04-23] (Spotify Ltd)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: I - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {12c34dfc-1702-11e3-84a8-1c659d4e8030} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {1ca6f48b-244b-11e3-9c3d-463500000031} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {345226d1-d7af-11e4-b5c2-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {34522707-d7af-11e4-b5c2-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {3452270f-d7af-11e4-b5c2-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {3452271a-d7af-11e4-b5c2-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {5300ef06-d7a8-11e4-9ea8-463500000031} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {5300ef11-d7a8-11e4-9ea8-463500000031} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {58981ac2-bc02-11e3-9228-463500000031} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {771f709c-e01a-11e3-8fad-463500000031} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {771f70a6-e01a-11e3-8fad-463500000031} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {771f71b7-e01a-11e3-8fad-463500000031} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {771f755d-e01a-11e3-8fad-463500000031} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {7a351747-127a-11e4-8d17-1c659d4e8030} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {7a35177b-127a-11e4-8d17-1c659d4e8030} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {7a351788-127a-11e4-8d17-1c659d4e8030} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {7a3517c3-127a-11e4-8d17-1c659d4e8030} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {b19ccc4b-b083-11e4-8b1c-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {b19ccc4e-b083-11e4-8b1c-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {b19ccc5b-b083-11e4-8b1c-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {c14e74c9-3b39-11e3-8b8c-1c659d4e8030} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {cfe0504b-d4ac-11e4-96d6-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {cfe0508f-d4ac-11e4-96d6-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {dad7f502-8a7c-11e3-897c-463500000031} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {fa869963-4996-11e4-b7b7-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {fa86996c-4996-11e4-b7b7-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {fa869994-4996-11e4-b7b7-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {fa86999a-4996-11e4-b7b7-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {fa8699a3-4996-11e4-b7b7-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\MountPoints2: {fc9de195-cf5f-11e4-8d3a-1c659d4e8030} - G:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-06-07] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-12-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk [2014-06-19]
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2014-05-19]
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk [2013-09-03]
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-02-01]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000 -> DefaultScope {2D9269D1-BD99-4989-96B2-9C68E1B86482} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000 -> {2D9269D1-BD99-4989-96B2-9C68E1B86482} URL = https://www.google.c...q={searchTerms}
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-04] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-03-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-03-10] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-04] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-09-04] (Adobe Systems Incorporated)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} https://mcvlink.mayo...,2012,1109,1339
DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://mcvlink.mayo...,2012,1109,1401
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} https://mcvlink.mayo...,2012,1109,1356
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\Kevin\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB
DPF: {57C76689-F052-487B-A19F-855AFDDF28EE} https://mcvlink.mayo...,2012,1109,1342
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://mcvlink.mayo...,2012,1109,1353
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://mcvlink.mayo...,2012,1109,1409
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FireFox:
========
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yjlvtpwt.default-1428927656432
FF DefaultSearchEngine.US: Google
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-06] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Kevin\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-10-15] (Cisco WebEx LLC)
FF Extension: Bitdefender QuickScan - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yjlvtpwt.default-1428927656432\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-05-11]
FF Extension: NoScript - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yjlvtpwt.default-1428927656432\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-04-13]
FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yjlvtpwt.default-1428927656432\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-13]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-06-07]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Building Operation 1.6 Connect Agent; C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\S2ConnectAgent\bin\SE.SBO.S2ConnectESAgent.exe [48376 2015-03-27] (Schneider Electric Buildings LLC)
R2 Building Operation 1.6 Enterprise Server; C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\Enterprise Server\bin\SE.SBO.EnterpriseServer.exe [15655672 2015-03-27] (Schneider Electric Buildings LLC)
R2 Building Operation 1.6 License Server; C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\License Server\lmadmin.exe [6975864 2015-01-16] (Flexera Software LLC.)
S3 Building Operation 1.6 Project Configuration Server; C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\Project Configuration Server\bin\SE.SBO.ProjectConfigurationServer.exe [15597304 2015-02-12] (Schneider Electric Buildings LLC)
R2 CiscoVpnInstallService; C:\Users\Kevin\AppData\Local\Temp\INSTAL~1.EXE [221315 2010-09-27] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1846968 2015-04-22] (Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [73728 2005-09-09] (CrypKey (Canada) Ltd.) [File not signed]
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
R2 dcpsysmgrsvc; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [390000 2011-07-28] (Dell Inc.)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [1062912 2013-12-28] (Hagel Technologies Ltd.) [File not signed]
S3 LdvxBroker; C:\Program Files\LonWorks\bin\LdvxBroker.exe [142664 2011-08-16] (Echelon Corporation)
R2 LnsMtsSvc; C:\Program Files\LonWorks\bin\LnsMtsSvc.exe [70984 2011-08-16] (Echelon Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2014-04-28] (Hewlett-Packard) [File not signed]
R2 Niagara; C:\niagara\niagara-3.6.406\bin\niagarad.exe [246544 2013-08-02] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [33080 2015-03-19] (The OpenVPN Project)
R2 PanGPS; C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe [1112880 2014-05-08] (Palo Alto Networks)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2014-04-28] (Hewlett-Packard) [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [245842 2010-07-22] (IDT, Inc.)
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [256800 2013-12-03] (Dell SonicWALL, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH)
S3 TMobileRcAppSvc; C:\Program Files\T-Mobile\webConnect Manager\RcAppSvc.exe [120088 2009-08-13] (SmithMicro Inc.)
R2 Tracer TU Service; C:\Program Files\Trane\TracerTU.Service\EvoUSB.exe [114176 2015-03-05] () [File not signed]
S2 vlonaxSvc; C:\Windows\system32\vlonax.exe [38912 2006-06-28] () [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [555408 2013-03-26] (Cisco Systems, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Acceler; C:\Windows\System32\DRIVERS\accelern.sys [44144 2011-07-22] (ST Microelectronics)
S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92112 2013-03-26] (Cisco Systems, Inc.)
R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4096 2013-10-04] (Windows ® Codename Longhorn DDK provider)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [300584 2012-12-13] (Broadcom Corporation.)
S3 CpUSB32; C:\Windows\System32\Drivers\CpUSB32.sys [20888 2013-06-07] (YASKAWA ELECTRIC CORPORATION)
S3 cpuz136; C:\Program Files\CPUID\PC Wizard 2013\pcwiz_x32.sys [25320 2013-08-24] (CPUID)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [40296 2012-03-12] (Broadcom Corporation)
R1 DNE; C:\Windows\System32\DRIVERS\dnelwf.sys [108368 2013-10-03] (Citrix Systems, Inc.)
S3 DUMeterDrv; C:\Program Files\DU Meter\DUMETR32.SYS [19720 2014-11-13] (Hagel Technologies Ltd.)
S3 EVOUSB; C:\Windows\System32\Drivers\evousb.sys [36696 2012-05-30] (Trane)
S3 f5ipfw; C:\Windows\system32\drivers\urfltwlh.sys [13984 2012-11-09] (F5 Networks, Inc.)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2010-08-19] (FTDI Ltd.)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R1 MpKslc652c1d8; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E9CC9A5D-CC27-4BA1-9CBF-2180C67C3E93}\MpKslc652c1d8.sys [39464 2015-05-11] (Microsoft Corporation)
S3 nBacES60; C:\Windows\System32\DRIVERS\nBacES60.sys [28160 2012-12-13] (Tridium, Inc.)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [6814720 2010-07-14] (Intel Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [31654 2004-07-29] () [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 PanGpd; C:\Windows\System32\DRIVERS\pangpd.sys [32256 2014-05-08] (Palo Alto Networks)
S3 pnplon; C:\Windows\System32\drivers\pnplon.sys [21959 2010-08-12] (Echelon Corporation)
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [59904 2010-03-19] (REDC)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [139776 2013-10-25] (Prolific Technology Inc.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 SWIPsec; C:\Windows\system32\Drivers\SWIPsec.sys [95120 2013-12-03] (Dell SonicWALL, Inc.)
S3 SWVNIC; C:\Windows\System32\DRIVERS\swvnic.sys [21016 2013-08-26] (SonicWALL, Inc.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2014-11-05] (The OpenVPN Project)
R3 urvpndrv; C:\Windows\System32\DRIVERS\covpnwlh.sys [37024 2012-11-09] (F5 Networks, Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
S3 vpcuxd; C:\Windows\System32\DRIVERS\vpcuxd.sys [12800 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-11 20:27 - 2015-05-11 20:27 - 00030905 _____ () C:\Users\Kevin\Downloads\FRST.txt
2015-05-11 20:27 - 2015-05-11 20:27 - 00000000 ____D () C:\FRST
2015-05-11 20:26 - 2015-05-11 20:26 - 01141248 _____ (Farbar) C:\Users\Kevin\Downloads\FRST.exe
2015-05-11 20:08 - 2015-05-11 20:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn
2015-05-11 20:08 - 2015-05-11 20:08 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-05-11 19:10 - 2015-05-11 19:13 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\QuickScan
2015-05-11 19:08 - 2015-05-11 19:08 - 00001090 _____ () C:\Users\Kevin\Desktop\checkup.txt
2015-05-11 19:08 - 2015-05-11 19:08 - 00001046 _____ () C:\Users\Kevin\Desktop\MBAM.txt
2015-05-11 15:12 - 2015-05-11 15:12 - 00147746 _____ () C:\Users\Kevin\Desktop\OTL.Txt
2015-05-11 15:12 - 2015-05-11 15:12 - 00076970 _____ () C:\Users\Kevin\Desktop\Extras.Txt
2015-05-11 15:11 - 2015-05-11 15:11 - 00076970 _____ () C:\Users\Kevin\Downloads\Extras.Txt
2015-05-11 15:09 - 2015-05-11 15:09 - 00147746 _____ () C:\Users\Kevin\Downloads\OTL.Txt
2015-05-11 15:00 - 2015-05-11 15:00 - 00001087 _____ () C:\Users\Kevin\Desktop\AdwCleaner[R2].txt
2015-05-11 14:23 - 2015-05-11 14:23 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-05-11 11:22 - 2015-05-11 13:27 - 00000000 ____D () C:\Windows\pss
2015-05-08 09:53 - 2015-05-11 14:57 - 00000000 ____D () C:\AdwCleaner
2015-05-07 10:25 - 2015-05-07 10:25 - 00000000 ____D () C:\Users\Kevin\Downloads\DualMonitorTools-1.10
2015-05-07 10:21 - 2015-05-07 10:21 - 06484352 _____ (Piriform Ltd) C:\Users\Kevin\Downloads\ccsetup505.exe
2015-05-06 11:16 - 2015-05-11 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2015-05-06 11:16 - 2015-05-11 19:47 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-05-06 11:16 - 2015-05-06 11:16 - 00001065 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2015-05-06 11:15 - 2015-05-11 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-05-06 11:15 - 2015-05-11 19:47 - 00000000 ____D () C:\Program Files\OpenVPN
2015-05-06 11:15 - 2015-05-06 11:15 - 01699584 _____ () C:\Users\Kevin\Downloads\openvpn-install-2.3.6-I603-i686.exe
2015-05-06 10:31 - 2015-05-06 10:31 - 08254766 _____ () C:\Users\Kevin\Downloads\npp.6.7.7.Installer.exe
2015-05-05 10:22 - 2015-05-05 10:22 - 00000173 _____ () C:\Users\Kevin\Documents\DSLMinecraftList.txt
2015-05-05 10:22 - 2015-05-05 10:22 - 00000082 _____ () C:\Users\Kevin\Documents\TMoHotspotKey.txt
2015-05-04 15:10 - 2015-05-04 15:10 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-05-01 15:19 - 2015-05-11 19:47 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-01 15:19 - 2015-05-01 15:19 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-01 15:17 - 2015-05-01 15:17 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kevin\Downloads\mbar-1.09.1.1004.exe
2015-05-01 15:16 - 2015-05-01 15:16 - 16873560 _____ () C:\Users\Kevin\Downloads\RogueKiller.exe
2015-05-01 15:04 - 2015-05-01 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\IsolatedStorage
2015-05-01 13:37 - 2015-05-01 13:37 - 00000392 _____ () C:\Users\Kevin\Desktop\Yammer Notifier.appref-ms
2015-05-01 13:37 - 2015-05-01 13:37 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Yammer
2015-05-01 13:37 - 2015-05-01 13:37 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2015-05-01 13:37 - 2015-05-01 13:37 - 00000000 ____D () C:\ProgramData\Yammer
2015-05-01 13:36 - 2015-05-01 13:36 - 00483496 _____ () C:\Users\Kevin\Downloads\YammerDesktopSetup.exe
2015-04-29 08:01 - 2015-05-07 10:24 - 00318511 _____ () C:\Users\Kevin\Downloads\DualMonitorTools-1.10.zip
2015-04-28 07:56 - 2015-04-28 07:57 - 00278816 _____ () C:\Windows\Minidump\042815-18610-01.dmp
2015-04-28 07:56 - 2015-04-28 07:56 - 444176998 _____ () C:\Windows\MEMORY.DMP
2015-04-24 10:55 - 2015-04-24 10:57 - 00000000 ____D () C:\Users\Kevin\Downloads\BASRT-B_Firmware_Ver_2.7.2
2015-04-22 11:30 - 2015-04-22 11:30 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Dell SonicWALL
2015-04-22 11:14 - 2015-04-22 11:14 - 00002146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global VPN Client.lnk
2015-04-22 11:14 - 2013-12-03 16:25 - 00095120 _____ (Dell SonicWALL, Inc.) C:\Windows\system32\Drivers\SWIPsec.sys
2015-04-22 11:13 - 2015-04-22 11:13 - 00000000 ____D () C:\Program Files\Dell SonicWALL
2015-04-22 11:12 - 2015-04-22 11:12 - 18484208 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\GVCSetup32_4.9.0.1202_EN.exe
2015-04-22 11:12 - 2015-04-22 11:12 - 15550232 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\GVCSetup64_4.9.0.1202_EN.exe
2015-04-21 14:56 - 2015-04-21 14:56 - 00001814 _____ () C:\Users\Kevin\Documents\K03 Turbos.txt
2015-04-20 14:02 - 2015-04-20 14:02 - 00000974 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-04-20 14:02 - 2015-04-20 14:02 - 00000958 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-04-20 14:02 - 2015-04-20 14:02 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeInIgnition
2015-04-20 14:02 - 2015-02-16 18:10 - 00086912 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-04-20 14:02 - 2015-02-16 18:09 - 00085864 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-04-20 14:02 - 2015-02-16 18:09 - 00031592 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-04-20 14:02 - 2015-02-16 17:59 - 00047640 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2015-04-20 14:01 - 2015-05-11 19:47 - 00000000 ____D () C:\Program Files\LogMeIn
2015-04-20 14:00 - 2015-04-20 14:00 - 27893760 _____ () C:\Users\Kevin\Downloads\LogMeIn.msi
2015-04-20 08:41 - 2015-04-20 08:41 - 00000000 ____D () C:\Users\Kevin\Downloads\SystemMonitorII
2015-04-20 08:39 - 2015-04-20 08:39 - 00392544 _____ () C:\Users\Kevin\Downloads\SystemMonitorII.zip
2015-04-20 08:25 - 2015-05-11 20:17 - 00000304 _____ () C:\Windows\errord.log
2015-04-17 12:25 - 2015-04-17 13:45 - 00000000 ____D () C:\Program Files\SpeedFan
2015-04-17 12:25 - 2015-04-17 12:25 - 00000969 _____ () C:\Users\Kevin\Desktop\SpeedFan.lnk
2015-04-17 12:25 - 2015-04-17 12:25 - 00000045 _____ () C:\Windows\system32\initdebug.nfo
2015-04-17 12:25 - 2015-04-17 12:25 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-04-17 12:24 - 2015-04-17 12:24 - 02218504 _____ () C:\Users\Kevin\Downloads\instspeedfan451.exe
2015-04-15 13:26 - 2015-04-15 13:26 - 00000000 ____D () C:\Users\Kevin\Downloads\E7752v1.2
2015-04-15 13:25 - 2015-04-15 13:25 - 07758798 _____ () C:\Users\Kevin\Downloads\E7752v1.2.zip
2015-04-15 13:12 - 2015-04-15 13:12 - 70087104 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\NDP451-KB2858728-x86-x64-AllOS-ENU.exe
2015-04-15 12:52 - 2015-05-11 20:18 - 00002708 _____ () C:\Windows\setupact.log
2015-04-15 12:52 - 2015-04-15 12:52 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-15 10:07 - 2015-03-24 23:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 10:07 - 2015-03-24 23:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 10:07 - 2015-03-24 23:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 10:07 - 2015-03-24 23:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:07 - 2015-03-17 01:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 10:07 - 2015-03-17 01:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:07 - 2015-03-17 01:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 10:07 - 2015-03-17 01:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 10:07 - 2015-03-17 00:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 10:07 - 2015-03-17 00:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 10:07 - 2015-03-17 00:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 10:07 - 2015-03-17 00:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 10:07 - 2015-03-17 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 10:07 - 2015-03-17 00:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 10:07 - 2015-03-17 00:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 10:07 - 2015-03-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 10:07 - 2015-03-17 00:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 10:07 - 2015-03-17 00:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 10:07 - 2015-03-17 00:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 10:07 - 2015-03-17 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 10:07 - 2015-03-05 00:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:06 - 2015-04-01 19:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 10:06 - 2015-03-12 23:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 10:06 - 2015-03-12 23:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 10:06 - 2015-03-12 23:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:06 - 2015-03-12 23:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 10:06 - 2015-03-12 23:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 10:06 - 2015-03-12 23:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 10:06 - 2015-03-12 23:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:06 - 2015-03-12 23:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:06 - 2015-03-12 23:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 10:06 - 2015-03-12 23:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 10:06 - 2015-03-12 23:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 10:06 - 2015-03-12 23:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 10:06 - 2015-03-12 23:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 10:06 - 2015-03-12 23:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:06 - 2015-03-12 23:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 10:06 - 2015-03-12 23:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:06 - 2015-03-12 23:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 10:06 - 2015-03-12 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:06 - 2015-03-12 22:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 10:06 - 2015-03-12 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 10:06 - 2015-03-12 22:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 10:06 - 2015-03-12 22:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 10:06 - 2015-03-12 22:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 10:06 - 2015-03-12 22:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 10:06 - 2015-03-12 22:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 10:06 - 2015-03-12 22:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:06 - 2015-03-12 22:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 10:06 - 2015-03-12 22:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 10:06 - 2015-03-12 22:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 10:06 - 2015-03-12 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:56 - 2015-03-04 00:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:56 - 2015-03-04 00:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:43 - 2015-03-09 23:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:43 - 2015-03-09 23:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:43 - 2015-02-24 23:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 18:54 - 2015-05-07 10:21 - 04532776 _____ (Piriform Ltd) C:\Users\Kevin\Downloads\dfsetup219.exe
2015-04-13 08:52 - 2015-04-27 10:44 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-13 08:52 - 2015-04-27 10:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-13 08:52 - 2015-04-13 08:52 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-13 08:52 - 2015-04-13 08:52 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-13 08:52 - 2015-04-13 08:52 - 00000000 ____D () C:\ProgramData\Mozilla
2015-04-13 08:35 - 2015-04-13 08:36 - 40866864 _____ () C:\Users\Kevin\Downloads\Firefox Setup 37.0.1.exe
2015-04-13 08:35 - 2015-04-13 08:35 - 00243312 _____ () C:\Users\Kevin\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-13 08:33 - 2015-04-13 08:33 - 00018005 _____ () C:\bookmarks-2015-04-13.json
2015-04-13 08:21 - 2015-04-13 08:21 - 00000000 ____D () C:\Users\Kevin\Desktop\Old Firefox Data
2015-04-13 08:19 - 2014-09-17 11:41 - 00000822 _____ () C:\Windows\system32\Drivers\etc\hosts.20150413-081947.backup
2015-04-13 08:13 - 2015-05-11 19:47 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-13 08:13 - 2015-04-13 08:15 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2015-04-13 08:13 - 2015-04-13 08:13 - 00001220 _____ () C:\Users\Kevin\Desktop\Spybot - Search & Destroy.lnk
2015-04-13 08:13 - 2015-04-13 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2015-04-13 08:12 - 2015-04-13 08:12 - 16409960 _____ (Safer Networking Limited ) C:\Users\Kevin\Downloads\spybotsd162.exe
2015-04-13 08:05 - 2015-04-13 08:05 - 00000721 _____ () C:\kvmitremove.bat
2015-04-13 07:58 - 2015-04-13 08:00 - 00000000 ____D () C:\ProgramData\10317275555858018056
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-11 20:26 - 2009-07-14 00:34 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-11 20:26 - 2009-07-14 00:34 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-11 20:25 - 2012-12-13 18:52 - 00786474 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 20:25 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\tracing
2015-05-11 20:22 - 2014-05-29 14:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Spotify
2015-05-11 20:21 - 2012-12-13 18:49 - 01782753 _____ () C:\Windows\WindowsUpdate.log
2015-05-11 20:19 - 2014-06-03 09:42 - 00058170 _____ () C:\Users\Kevin\PanGPA.log
2015-05-11 20:19 - 2014-05-29 14:49 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Spotify
2015-05-11 20:18 - 2014-04-14 10:15 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-11 20:18 - 2014-01-15 11:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-11 20:18 - 2013-08-15 09:59 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-11 20:18 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-11 20:10 - 2013-06-06 13:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-11 20:07 - 2012-12-13 18:49 - 00000000 ____D () C:\Users\Kevin
2015-05-11 19:47 - 2015-04-09 09:13 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-11 19:47 - 2014-10-15 10:46 - 00000000 ____D () C:\ProgramData\WebEx
2015-05-11 19:47 - 2014-10-01 14:16 - 00000000 ____D () C:\Windows\Minidump
2015-05-11 19:47 - 2014-06-19 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2015-05-11 19:47 - 2014-06-19 11:11 - 00000000 ____D () C:\Program Files\GoPro
2015-05-11 19:47 - 2014-06-17 11:25 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Equalify
2015-05-11 19:47 - 2014-01-15 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-11 19:47 - 2014-01-15 15:13 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-11 19:47 - 2013-08-01 13:57 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-05-11 19:47 - 2013-02-01 15:19 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mozilla
2015-05-11 19:47 - 2012-12-13 19:46 - 00000000 ____D () C:\Program Files\Cisco
2015-05-11 19:47 - 2012-12-13 19:17 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Akamai
2015-05-11 19:47 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-05-11 19:47 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\registration
2015-05-11 19:46 - 2014-06-19 11:12 - 00000000 ____D () C:\Program Files\CineForm
2015-05-11 19:46 - 2014-05-15 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-05-11 19:35 - 2014-05-15 09:50 - 00000000 ____D () C:\ProgramData\Cisco
2015-05-11 12:41 - 2013-02-04 08:20 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\TeamViewer
2015-05-11 10:11 - 2013-02-01 14:44 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2015-05-11 10:06 - 2015-01-26 17:04 - 00000000 ____D () C:\Users\Kevin\Documents\Email Backup
2015-05-08 07:57 - 2014-05-16 07:30 - 00000514 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1648848259-3717912990-1852430799-1000.job
2015-05-08 07:57 - 2014-01-15 11:40 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-07 13:48 - 2013-02-01 23:21 - 00000000 ____D () C:\Users\Kevin\AppData\Local\WorkPlace Tech
2015-05-07 10:23 - 2014-01-15 15:13 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-07 09:38 - 2013-08-02 09:23 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Schneider_Electric_Buildi
2015-05-06 15:16 - 2013-06-07 12:33 - 00000000 ____D () C:\Program Files\Defraggler
2015-05-06 10:32 - 2014-06-20 10:52 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-05-06 10:32 - 2013-08-12 11:36 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Notepad++
2015-05-06 09:11 - 2013-06-25 08:59 - 00002240 ____H () C:\Users\Kevin\Documents\Default.rdp
2015-05-06 07:58 - 2013-07-31 13:52 - 00000000 ____D () C:\Users\Kevin\Downloads\AS Stuff
2015-05-05 20:21 - 2015-02-06 11:12 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-05 09:29 - 2015-03-16 09:41 - 00000000 ____D () C:\Users\Kevin\Documents\Schneider Electric StruxureWare
2015-05-05 08:31 - 2015-03-20 16:24 - 00000122 _____ () C:\Users\Kevin\AppData\Roaming\System Monitor II_UptimeRecord.ini
2015-05-04 15:10 - 2013-11-04 15:37 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-04 15:09 - 2014-10-21 12:28 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-05-04 15:09 - 2014-10-21 12:28 - 00000000 ____D () C:\Program Files\Java
2015-05-01 13:37 - 2012-12-13 19:15 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Deployment
2015-05-01 10:01 - 2013-08-01 13:57 - 00000000 ____D () C:\ProgramData\Schneider Electric StruxureWare
2015-05-01 09:34 - 2014-01-29 15:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Schneider Electric StruxureWare
2015-04-30 09:29 - 2014-05-28 13:15 - 00033015 _____ () C:\Users\Kevin\Documents\PaymentsWorkSheet.xlsx
2015-04-24 11:08 - 2015-03-26 14:59 - 00000000 _____ () C:\Users\Kevin\.sam-ba.historysource
2015-04-24 11:07 - 2015-03-26 14:56 - 00000182 _____ () C:\Users\Kevin\_sam-ba.rc
2015-04-23 08:46 - 2013-06-26 08:45 - 00000000 ____D () C:\Users\Kevin\Desktop\Network Config Shortcuts
2015-04-23 08:45 - 2013-06-11 09:07 - 00000000 ____D () C:\NS
2015-04-22 11:39 - 2015-03-20 16:15 - 00000000 ____D () C:\ProgramData\{fee806fa-2ef4-e4e1-fee8-806fa2ef1be8}
2015-04-22 11:22 - 2013-07-10 17:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-22 11:16 - 2013-06-07 09:26 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-22 11:13 - 2013-09-03 10:19 - 00000000 ____D () C:\Program Files\Common Files\Deterministic Networks
2015-04-22 11:11 - 2014-01-14 15:28 - 00000000 ___RD () C:\Users\Kevin\Dropbox (MC2)
2015-04-22 11:10 - 2014-01-14 15:02 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Dropbox
2015-04-21 15:05 - 2012-12-13 18:49 - 00000000 ____D () C:\Users\Kevin\AppData\Local\VirtualStore
2015-04-21 14:58 - 2013-02-04 08:17 - 00000000 ____D () C:\Program Files\TeamViewer
2015-04-21 09:34 - 2014-06-12 13:20 - 00012022 _____ () C:\Users\Kevin\advanced_ip_scanner_MAC.bin
2015-04-20 14:02 - 2015-02-20 09:18 - 00001024 _____ () C:\.rnd
2015-04-20 11:58 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\rescache
2015-04-20 11:31 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-20 08:21 - 2013-02-01 21:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-20 08:16 - 2013-02-01 22:38 - 00000039 _____ () C:\Windows\vbaddin.ini
2015-04-20 08:13 - 2009-07-13 22:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-04-17 10:10 - 2013-06-06 13:40 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-17 10:10 - 2013-06-06 13:40 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-13 17:31 - 2014-01-14 15:27 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Files in the root of some directories =======
2015-03-20 20:38 - 2015-03-20 20:38 - 0002413 _____ () C:\Users\Kevin\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2015-03-20 16:24 - 2015-05-05 08:31 - 0000122 _____ () C:\Users\Kevin\AppData\Roaming\System Monitor II_UptimeRecord.ini
2015-03-09 19:46 - 2015-03-09 19:46 - 0000643 _____ () C:\Users\Kevin\AppData\Local\CastleLinkProps.dat
2013-06-06 15:48 - 2013-10-22 13:20 - 0007624 _____ () C:\Users\Kevin\AppData\Local\Resmon.ResmonCfg
Files to move or delete:
====================
C:\Users\Kevin\PanPortalCfg.dat
Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Kevin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2oqose.dll
C:\Users\Kevin\AppData\Local\Temp\installservice.exe
C:\Users\Kevin\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Kevin\AppData\Local\Temp\npp.6.7.5.Installer.exe
C:\Users\Kevin\AppData\Local\Temp\npp.6.7.7.Installer.exe
C:\Users\Kevin\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Kevin\AppData\Local\Temp\sfareca00001.dll
C:\Users\Kevin\AppData\Local\Temp\sfextra.dll
C:\Users\Kevin\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-04 12:15
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by Kevin at 2015-05-11 20:28:16
Running from C:\Users\Kevin\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1648848259-3717912990-1852430799-500 - Administrator - Disabled)
Guest (S-1-5-21-1648848259-3717912990-1852430799-501 - Limited - Disabled)
Kevin (S-1-5-21-1648848259-3717912990-1852430799-1000 - Administrator - Enabled) => C:\Users\Kevin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 17.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Advanced IP Scanner 2.3 (HKLM\...\{A02F51A7-1982-4B69-8BD3-7D2B86179752}) (Version: 2.3.2161 - Famatech)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.60 - Hulubulu Software)
Akamai NetSession Interface (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AtomTime Pro 3.1d (HKLM\...\AtomTime Pro_is1) (Version: 3.1d - Naissan Innovations, LLC)
BB FlashBack Pro (HKLM\...\BB FlashBack Pro) (Version: 2.8.4.2116 - Blueberry)
BIG-IP Edge Client Components (All Users) (HKLM\...\F5 Networks Client Components) (Version: 70.2012.1109.1344 - F5 Networks, Inc.)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Building Operation WorkPlace Tech Editor 1.6 (Version: 1.6.1780 - Schneider Electric) Hidden
Canon MP210 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series) (Version: - )
Castle Link (HKLM\...\{102EA762-2C73-418C-B7DC-438870E8BCBF}) (Version: 3.57.24 - Castle Creations)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
CPS R01.00 (HKLM\...\Mag One Series Radios) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dell System Detect (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Dell System Manager (HKLM\...\{3EC64C00-4BBC-4C0A-9F95-40E3EDA72837}) (Version: 1.7.10000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
DriveWizard HVAC (HKLM\...\DriveWizard HVAC) (Version: 1.1.4.000 - Yaskawa America, Inc.)
DriveWizard HVAC (Version: 1.1.4.000 - Yaskawa America, Inc.) Hidden
Dropbox (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DU Meter (HKLM\...\DUMeter3_is1) (Version: 6.40 - Hagel Technologies Ltd.)
DVDFab 8.1.9.0 (06/07/2012) Qt (HKLM\...\DVDFab 8 Qt RePack TuSoft_is1) (Version: - )
Echelon LNS Server (HKLM\...\{EACDEFA8-8BCD-4E9D-BC41-DF59ACD748BB}) (Version: 3.22.042 - Echelon Corporation)
Echelon LonMaker Turbo Edition (HKLM\...\{D414AB30-37F3-4D22-8040-164713DCD0FB}) (Version: 3.24.12 - Echelon Corporation)
Echelon Multi-Port Router (HKLM\...\{D611F33B-4586-45EE-89A6-D55E0A956292}) (Version: 1.00.16 - Echelon Corporation)
Echelon OpenLDV 4.0 (HKLM\...\{266C3F8F-F098-4731-B82F-E2D60868ADE0}) (Version: 4.00.102 - Echelon Corporation)
EchelonMergeModulesInstaller1.6 (Version: 1.6.0 - Schneider Electric) Hidden
Equalify v2.5.3 (Stable) (HKLM\...\{33EC4F70-9F4B-406F-BB2A-F75A285E927D}) (Version: 2.5.3.0 - Equalify)
Flow Balance 3.0 (HKLM\...\{6A898967-7A26-4EDB-8033-0F7D68B77B85}) (Version: 3.00.0000 - TAC)
Free OGG To MP3 Converter (HKLM\...\{6CD2E731-A707-4B8C-BCFE-CA322B158A75}) (Version: 1.0.0 - Convert Audio Free)
Git version 1.9.5-preview20141217 (HKLM\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Global VPN Client (HKLM\...\{C0EB418B-05EB-425C-BB9C-791A9EE36B3A}) (Version: 4.9.0 - Dell SonicWALL)
GlobalProtect (HKLM\...\{F4551F2B-C4AE-425E-BCDC-660C521C3512}) (Version: 1.2.10 - Palo Alto Networks)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
GRLevel3 version 1.41 (HKLM\...\GRLevel3_is1) (Version: - )
GRLevel3 version 2.17 (HKLM\...\GRLevel3_2_is1) (Version: - )
H8036 Smart Widget (HKLM\...\{13CAFA86-185F-4074-9BF5-B59F948F4019}) (Version: 1.0.0.0 - Schneider Electric)
HP Officejet 7500 E910 Basic Device Software (HKLM\...\{634FA727-B731-4204-AADC-D6F34F41374F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Help (HKLM\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.2.0.001 - HTC Corporation)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
I/A Series Enterprise Server 2.3f (HKLM\...\{428549ED-AFDD-499E-8F48-8F1C623287E3}) (Version: 2.301.529.v1 - TAC LLC)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 15.2 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{4327107B-E95E-415C-9194-458FCED6BF12}) (Version: 13.03.0000 - Intel Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
L-852 Download Tool (HKLM\...\{BDE0ABEC-A808-4E22-B526-E8317EC00282}) (Version: 1.2 - LOYTEC electronics GmbH)
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
LogMeIn (HKLM\...\{A8E20B99-B1A2-4FC0-B38A-A255033D339A}) (Version: 4.1.5022 - LogMeIn, Inc.)
LonMark Resource Files 13.00 (HKLM\...\{D9499ABD-ACC6-4C10-8AA6-7A35700ACFAD}) (Version: 13.00.05 - Echelon Corporation)
LOYTEC LSU-Tool (HKLM\...\{EA78B996-1F3A-44FB-9E3B-F8017FD6E8A4}) (Version: 2.0.1 - LOYTEC electronics GmbH)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version: - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marketsplash Shortcuts (HKLM\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 15.0.4711.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio Standard 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NaturalReaderFree (HKLM\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
Niagara-3.5.406 (HKLM\...\Niagara-3.5.406) (Version: - )
Niagara-3.6.31 (HKLM\...\Niagara-3.6.31) (Version: - )
Niagara-3.6.406 (HKLM\...\Niagara-3.6.406) (Version: - )
Niagara-3.6.47 (HKLM\...\Niagara-3.6.47) (Version: - )
Niagara-3.7.106 (HKLM\...\Niagara-3.7.106) (Version: - )
Niagara-3.8.37 (HKLM\...\Niagara-3.8.37) (Version: 3.8.37 - NiagaraAX)
NiagaraAX Lon Tunnel (HKLM\...\NiagaraAX Lon Tunnel) (Version: - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4711.1003 - Microsoft Corporation) Hidden
OpenVPN 2.3.6-I603 (HKLM\...\OpenVPN) (Version: 2.3.6-I603 - )
Paint Shop Pro 7 Anniversary Edition (HKLM\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.4.0000 - Jasc Software Inc)
PC Wizard 2013.2.12 (HKLM\...\PC Wizard 2013_is1) (Version: - CPUID)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
QPST 2.7 (HKLM\...\{8035964D-75EB-4463-91DC-3F02EE9CF103}) (Version: 2.7.378 - Qualcomm)
RHINO Connect Software (HKLM\...\{4528FB2C-65B7-4B6E-87CD-D82CAA3529D3}) (Version: 1.3.0.242 - DYMO Corp.)
RICOH Media Driver ver.2.11.01.02 (HKLM\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.11.01.02 - RICOH)
Schneider Electric StruxureWare Building Operation Device Administrator 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Device Administrator) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Enterprise Server 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Enterprise Server) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack da-DK 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack da-DK) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack de-DE 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack de-DE) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack es-ES 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack es-ES) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack fi-FI 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack fi-FI) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack fr-FR 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack fr-FR) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack it-IT 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack it-IT) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack pt-PT 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack pt-PT) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack ru-RU 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack ru-RU) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Language Pack sv-SE 1.6.1.5000 (HKLM\...\StruxureWare 1.6 Language Pack sv-SE) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation License Administrator 1.6.1.5000 (HKLM\...\StruxureWare 1.6 License Administrator) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation License Server 1.6.1.5000 (HKLM\...\StruxureWare 1.6 License Server) (Version: 1.6.1.5000 - Schneider Electric)
Schneider Electric StruxureWare Building Operation Project Configuration Server 1.6.1.35 (HKLM\...\StruxureWare 1.6 Project Configuration Server) (Version: 1.6.1.35 - Schneider Electric)
Schneider Electric StruxureWare Building Operation WorkStation 1.6.1.5000 (HKLM\...\StruxureWare 1.6 WorkStation) (Version: 1.6.1.5000 - Schneider Electric)
SDFormatter (HKLM\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.34998 Beta - TeamViewer)
T-Mobile webConnect Manager (HKLM\...\{10B74F6B-4C40-4DA3-BD03-D362381ABAE1}) (Version: 2.04.0030.0 - T-Mobile) <==== ATTENTION
Tracer BACnet Setup Tool 3.1 (HKLM\...\{7A63521D-3109-4FF8-BFD6-D7B5D11268CC}) (Version: 3.1.82 - Trane)
Trane TechView (HKLM\...\TechView) (Version: 14.0 - Trane, Inc.)
Ulead GIF Animator 2.0 Full Version (HKLM\...\Ulead GIF Animator 2.0 Full Version) (Version: - )
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
U-Tune (micro-lite) (HKLM\...\ST6UNST #1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6900 - Broadcom Corporation)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 beta 5 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.5 - win.rar GmbH)
Wireshark 1.12.0 (32-bit) (HKLM\...\Wireshark) (Version: 1.12.0 - The Wireshark developer community, http://www.wireshark.org)
WorkPlace Tech Dispatcher (Version: 3.0.1782 - Schneider Electric) Hidden
WorkPlace Tech Editor Components 5.8 (Version: 5.8.1781 - Schneider Electric) Hidden
WorkPlaceTech Tool 5.8.6 (HKLM\...\InstallShield_{0B20D1EE-AD9B-496E-902B-C3D241FD2337}) (Version: 5.08.1781 - Schneider Electric Buildings, LLC)
WorkPlaceTech Tool 5.8.6 (Version: 5.08.1781 - Schneider Electric Buildings, LLC) Hidden
Yammer Notifier (HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\...\8c3c8c06fefda92b) (Version: 1.0.0.564 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{0EA8420E-55D0-4BA5-9D19-7C47B66F23A4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{104B7F00-06EE-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{11CCB123-6D12-11CF-A701-00A02437DFA5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{11CCB126-6D12-11CF-A701-00A02437DFA5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{1350104F-06A7-11D4-B9A7-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{13501051-06A7-11D4-B9A7-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{13501053-06A7-11D4-B9A7-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{1FD19C96-2D53-11CF-B5F7-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{1FD19C99-2D53-11CF-B5F7-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2275652C-7730-11D1-81E1-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2275652F-7730-11D1-81E1-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{22756532-7730-11D1-81E1-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2B6A7521-186E-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2B6A7523-186E-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2B6A7525-186E-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2B6A7527-186E-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{2CFAF127-D083-11D1-8253-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{325623A1-117B-11D0-B9B5-00001D01C8C2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D82-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D84-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D86-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D88-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D8A-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D8C-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D8E-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D90-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D92-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{32910D94-9796-11D3-99AB-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{37396BE1-F68F-11CF-8420-02608C3C7386}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{37396BE4-F68F-11CF-8420-02608C3C7386}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{39820A41-9DDC-11D3-99B2-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{39820A43-9DDC-11D3-99B2-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{44EC053A-400F-11D0-9DCD-00A0C90391D3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{463FEC43-CB6A-11CF-B5FE-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{463FEC45-CB6A-11CF-B5FE-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{4A402A69-9228-11CF-B5FA-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{4D92DAE1-0D6D-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{57A93421-2EEC-11CF-B5F7-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{5E3FCDA2-FB94-11CF-8EF8-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{5E3FCDA4-FB94-11CF-8EF8-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{611763F0-9EAC-11D2-BF04-006097C6A872}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{611763F1-9EAC-11D2-BF04-006097C6A872}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{64DD3AFB-71BD-492E-B536-4EB35D23D300}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{6ABD1781-9624-11CF-B5FA-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{6ABD1783-9624-11CF-B5FA-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{77BEC051-DD8E-11D2-B94B-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{7A5B650C-030A-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{826739A1-DF04-11CF-8420-02608C3C7386}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{826739A3-DF04-11CF-8420-02608C3C7386}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{848B53A0-C4BE-11CF-8EC9-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{848B53A2-C4BE-11CF-8EC9-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{848B53A4-C4BE-11CF-8EC9-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{848B53A6-C4BE-11CF-8EC9-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{848B53A8-C4BE-11CF-8EC9-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{848B53AA-C4BE-11CF-8EC9-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\2185\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{858097E2-2365-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{858097E5-2365-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{858097E8-2365-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{858097EB-2365-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{858097EE-2365-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{858097FD-2365-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{89B89DC1-8635-11CF-B5FA-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{89B89DC3-8635-11CF-B5FA-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{93FD6C5C-5AF6-4879-BDA2-C6ED44A4583B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{9745E501-2D9D-11D0-B9B5-00001D01C8C2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{98B7E7A1-032B-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{A096B74E-2EAA-4E82-846F-30E09EFEF554}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{A2C00AE2-26C5-4240-931A-119ACCB774FB}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{A4414511-09EB-11D0-8F03-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{BCA0AFC1-C9D8-11CF-B5FE-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{BCA0AFC3-C9D8-11CF-B5FE-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{BCA0AFC5-C9D8-11CF-B5FE-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{BCA0AFC7-C9D8-11CF-B5FE-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C6375481-2F14-11CF-B5F7-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C6375483-2F14-11CF-B5F7-101015C10000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C7ACDB52-F06E-11CF-8CB9-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C7ACDB54-F06E-11CF-8CB9-0080C80D2758}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C8C68DC2-7FDD-11D2-BEDD-006097C6A872}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C8C68DC3-7FDD-11D2-BEDD-006097C6A872}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{C8C68DF2-7FDD-11D2-BEDD-006097C6A872}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files\Git\git-cheetah\git_shell_ext.dll ()
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{CDAB5924-EB24-11D3-B9A0-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{D7B44292-2714-11D0-8F0F-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{D7B44294-2714-11D0-8F0F-00A02437DF9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{D962F552-A9C1-44BE-914A-4876299DF9D9}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{DB450008-9764-11D6-819E-005056C00008}\localserver32 -> C:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{DB47EEF8-B757-4E5C-B0A2-D59FEC5B2659}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{E239E317-E701-11D2-B94E-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{EA875321-3875-11CF-B696-444553540000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{EA875323-3875-11CF-B696-444553540000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{F86C85A7-E6FD-48FA-8CC7-CAD5139B67B3}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FC92A149-E31F-11D2-B94E-00104B210209}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FCCC4BE1-0E30-11CF-9AE0-0020AFD34749}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1648848259-3717912990-1852430799-1000_Classes\CLSID\{FD3E9EF2-DA45-4597-9C6B-3684FE6727A0}\InprocServer32 -> No File Path
==================== Restore Points =========================
01-05-2015 08:27:00 Windows Update
01-05-2015 10:01:07 Installed H8036 Smart Widget.
04-05-2015 08:56:48 Windows Update
06-05-2015 08:01:38 Installed H8036 Smart Widget.
06-05-2015 11:16:06 Device Driver Package Install: TAP-Windows Provider V9 Network adapters
08-05-2015 08:08:44 Windows Update
08-05-2015 09:56:04 Removed LogMeIn
11-05-2015 08:15:42 Windows Update
11-05-2015 10:30:33 Removed Cisco AnyConnect Secure Mobility Client
11-05-2015 10:34:21 Installed Cisco AnyConnect Secure Mobility Client
11-05-2015 10:53:46 Removed Cisco AnyConnect Secure Mobility Client
11-05-2015 14:35:06 Windows Update
11-05-2015 19:34:41 BeforeAnyConnectReinstall
11-05-2015 20:01:47 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2015-05-01 13:02 - 00466232 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1F9E372F-4747-4733-B0F3-D95AABC6A55C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-04-22] (Microsoft Corporation)
Task: {2E53C35C-8171-45D1-88F6-A9A43B27D4D6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Kevin-PC-Kevin Kevin-PC.mc2inc.com => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-03-10] (Microsoft Corporation)
Task: {2F677A3D-EE7D-4467-BB9B-20DE025264A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {318D9D7E-28E4-4A7B-91A3-27EE5A022C21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-15] (Google Inc.)
Task: {48B9CF87-BA14-4F2D-9BFC-DFEB71CE77A6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {66B2A091-50B5-48AB-A141-10F855BB3AAF} - System32\Tasks\G2MUpdateTask-S-1-5-21-1648848259-3717912990-1852430799-1000 => C:\Program Files\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-13] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {8ACBA9C0-0E77-4840-976A-63F2E66B50B2} - System32\Tasks\{8C3AD994-F919-4F0B-B5EA-10D3467602A8} => pcalua.exe -a "C:\Program Files\Notepad++\notepad++.exe"
Task: {8D2AACCC-2621-4E22-95C2-9746DC860C11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {A022D6B2-C214-4685-9699-DDF78707E6E4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B0AF04EC-D041-44EA-9778-E446A777A794} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {BBB969E5-C92E-4D34-A4C6-C8DA204045CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-04-22] (Microsoft Corporation)
Task: {CCA12853-0385-4D30-8096-C49020F50A9E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D679D6D7-ED0F-40E3-8A5F-4EA1D416A59E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {F639D7CD-D729-4B64-88B7-36CA38D12810} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {F92D40B0-F0A9-4CCE-A95E-5BFD3CD715C9} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1648848259-3717912990-1852430799-1000.job => C:\Program Files\Citrix\GoToMeeting\2553\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-03-26 11:44 - 2013-03-26 11:44 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-27 12:57 - 2015-03-27 12:57 - 00131072 _____ () C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\Enterprise Server\bin\asn1ber.dll
2015-03-27 12:57 - 2015-03-27 12:57 - 00421376 _____ () C:\Program Files\Schneider Electric StruxureWare\Building Operation 1.6\Enterprise Server\bin\asn1rt.dll
2010-09-27 12:56 - 2010-09-27 12:56 - 00221315 _____ () C:\Users\Kevin\AppData\Local\Temp\INSTAL~1.EXE
2015-02-06 11:12 - 2014-05-20 03:11 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2010-09-27 12:03 - 2010-09-27 12:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2013-08-02 12:33 - 2013-08-02 12:33 - 00246544 _____ () C:\niagara\niagara-3.6.406\bin\niagarad.exe
2013-08-02 12:33 - 2013-08-02 12:33 - 00429568 _____ () C:\niagara\niagara-3.6.406\bin\platform.dll
2013-08-02 12:33 - 2013-08-02 12:33 - 00045568 _____ () C:\niagara\niagara-3.6.406\bin\nre.dll
2013-08-02 12:33 - 2013-08-02 12:33 - 00102400 _____ () C:\niagara\niagara-3.6.406\bin\zlibwapi.dll
2013-08-02 12:33 - 2013-08-02 12:33 - 00151552 _____ () C:\niagara\niagara-3.6.406\bin\dialup.dll
2013-08-02 12:33 - 2013-08-02 12:33 - 00035328 _____ () C:\niagara\niagara-3.6.406\bin\ddns.dll
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2015-03-05 16:46 - 2015-03-05 16:46 - 00114176 _____ () C:\Program Files\Trane\TracerTU.Service\EvoUSB.exe
2015-03-18 14:18 - 2015-01-27 10:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-02-16 11:47 - 2014-12-17 22:23 - 00334464 _____ () C:\Program Files\Git\git-cheetah\git_shell_ext.dll
2014-05-12 05:49 - 2014-05-12 05:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2010-10-15 19:14 - 2010-10-15 19:14 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:107902CB
AlternateDataStreams: C:\ProgramData\TEMP:E18B7D31
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7866 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1648848259-3717912990-1852430799-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [TCP Query User{32CD9DA5-9E17-432A-B90A-E2A254BD33ED}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4CB6F6E-855F-44CF-AAE4-7049D06EFA52}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E94D615A-6F89-4F01-ABD8-BE9482990E07}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AD43BC8D-B2F3-49F5-8D32-52937C19C654}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{D0ED4C16-E252-48D3-90A1-5B283C02CC60}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{399AC21C-83F9-411C-98E8-12A77D3561C3}C:\users\kevin\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\kevin\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{373C848F-5D97-4BBC-8F64-579AFB33A961}C:\program files\workplace tech\rtmonitor.exe] => (Allow) C:\program files\workplace tech\rtmonitor.exe
FirewallRules: [UDP Query User{81489398-E514-40D5-8B9C-0062AED07960}C:\program files\workplace tech\rtmonitor.exe] => (Allow) C:\program files\workplace tech\rtmonitor.exe
FirewallRules: [TCP Query User{F9661A94-2D6C-4583-AA30-F326A4DD635A}C:\niagara\niagara-3.6.47\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.6.47\bin\wb_w.exe
FirewallRules: [UDP Query User{39A932AE-DE94-4CD4-AF8B-5DC8B7CCC614}C:\niagara\niagara-3.6.47\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.6.47\bin\wb_w.exe
FirewallRules: [TCP Query User{E2DE3CBA-B5DF-4A8C-8114-AF0BA5C389F7}C:\program files\workplace tech\rtmonitor.exe] => (Allow) C:\program files\workplace tech\rtmonitor.exe
FirewallRules: [UDP Query User{B76C0C63-8D37-4A2A-BB08-8267E4844D3B}C:\program files\workplace tech\rtmonitor.exe] => (Allow) C:\program files\workplace tech\rtmonitor.exe
FirewallRules: [TCP Query User{9F3D4BE4-6976-46B0-AAB3-B8D091C9268F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{89B45FD5-B20E-4C39-9776-BDBE224A70FC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{EDEEEDAD-AE6E-41A8-B8A1-ED11F117732D}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{317C851D-298D-48DD-BE7C-344EA1FBA03A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{24A27615-C79B-4E31-BD54-0777068EB76F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C8E986DA-1A1D-4B37-A796-0F4F0C0F68A2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{C868C606-E6CA-4C37-9212-9BF11775E8CF}C:\program files\workplace tech\rtmonitor.exe] => (Allow) C:\program files\workplace tech\rtmonitor.exe
FirewallRules: [UDP Query User{3591960B-A6DF-4FB6-A8D9-AF43F866F6A7}C:\program files\workplace tech\rtmonitor.exe] => (Allow) C:\program files\workplace tech\rtmonitor.exe
FirewallRules: [{048DF965-C84C-429A-B2C6-A5386296F2BA}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{316774E1-D642-4ECD-A649-ABC9750F4297}C:\niagara\niagara-3.7.106\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.7.106\bin\wb_w.exe
FirewallRules: [UDP Query User{147B5ECD-7B08-44D9-8675-7B0D9D1DD1EF}C:\niagara\niagara-3.7.106\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.7.106\bin\wb_w.exe
FirewallRules: [{647F9615-5544-4EFF-827A-15203AE232C9}] => (Allow) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9AEE00CD-A6CB-4EAD-9504-2963FAA7F254}] => (Allow) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{699680B9-9C0D-4CAA-A735-90B2DB08731F}C:\niagara\niagara-3.7.106\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.7.106\bin\wb_w.exe
FirewallRules: [UDP Query User{BC4C1CA9-1D3E-4478-B407-AD6B7D139913}C:\niagara\niagara-3.7.106\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.7.106\bin\wb_w.exe
FirewallRules: [TCP Query User{A1132308-F96A-4D57-8E1F-098CF98C38FC}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FF45B53E-EE4B-4F11-BC44-0A7FD40992D1}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{075343E6-5726-4F02-A156-356FEE001E53}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe
FirewallRules: [{77B00A00-B079-4238-B9FF-A015F26761B0}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe
FirewallRules: [{EA0F47F1-E693-41B1-B7B8-FAE386D63BC4}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8E9FAFC9-34DC-4423-90C4-32C1002854DB}] => (Allow) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{E886EDC9-3C75-47B3-8C7A-79AEE9D23D52}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{53633EC0-7DBA-4A36-AAE0-FB4C6A34081C}C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\kevin\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{57367065-347C-49B9-A13E-71A50AB492A2}] => (Allow) C:\Users\Kevin\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{EEED1B0D-26DE-487B-850C-33E9D1BC8ADF}] => (Allow) C:\Users\Kevin\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{306E6217-527C-458B-B778-5C545B65929E}C:\users\kevin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D4ADF186-4EFF-44F2-B121-1D17D1C8A98A}C:\users\kevin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kevin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BDDE637F-55EE-4D9C-8AB6-3CB7F0CE9753}] => (Allow) C:\Users\Kevin\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{877BECCC-97B8-45DF-87C4-65D50BDB3A93}] => (Allow) C:\Users\Kevin\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{61AD0C55-E341-431E-AAF3-454451691E38}C:\niagara\niagara-3.6.406\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.6.406\bin\wb_w.exe
FirewallRules: [UDP Query User{49CFCE81-A9D2-4DFA-B314-8BB0FCBB9E8F}C:\niagara\niagara-3.6.406\bin\wb_w.exe] => (Allow) C:\niagara\niagara-3.6.406\bin\wb_w.exe
FirewallRules: [{89B9B57D-76DF-42DC-8F6B-63C6900CB71B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{08D339C2-C52D-4E52-9163-83DC98E87CE9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{94836126-62B5-4A4C-961D-904098B0A8BB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DF72F684-8EF5-4D99-866D-5BD3FEAE0C57}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9AC5A6F2-57DD-4A6A-996A-DCC279E02538}C:\program files\lonworks\bin\ptserv32.exe] => (Allow) C:\program files\lonworks\bin\ptserv32.exe
FirewallRules: [UDP Query User{42BA96EE-7FEB-4669-B4B6-04D69F4FB6BF}C:\program files\lonworks\bin\ptserv32.exe] => (Allow) C:\program files\lonworks\bin\ptserv32.exe
FirewallRules: [TCP Query User{51349BDC-002F-4F01-850F-2536C53BD5A4}C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe] => (Allow) C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe
FirewallRules: [UDP Query User{7BB2ED9E-4890-4673-BD66-D81A5E4489A1}C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe] => (Allow) C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe
FirewallRules: [TCP Query User{BAE5D2B6-5911-4D8D-83E9-F956FCCF5D79}C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe] => (Allow) C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe
FirewallRules: [UDP Query User{39312CEB-E2A6-48EA-8A60-A807F85418B3}C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe] => (Allow) C:\users\kevin\downloads\bacnet_visualtestshell_3.6.2\vts.exe
FirewallRules: [TCP Query User{6D749287-A338-4158-A687-6CC6D5A5E36B}C:\program files\loytec\l852dl\l852dl.exe] => (Allow) C:\program files\loytec\l852dl\l852dl.exe
FirewallRules: [UDP Query User{9B46DA40-1FD6-4FBE-895A-FB7925437AF5}C:\program files\loytec\l852dl\l852dl.exe] => (Allow) C:\program files\loytec\l852dl\l852dl.exe
FirewallRules: [{1E0C4724-6A86-40D4-B34C-A2D5DEAC59D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4A8F3D0C-FECE-443E-B55C-A629BDAC16DE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{41221074-0999-4463-982F-7510418745C7}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [TCP Query User{5281BA0E-E6EC-4404-AC0C-5CB53D42C89D}C:\program files\loytec\l852dl\l852dl.exe] => (Allow) C:\program files\loytec\l852dl\l852dl.exe
FirewallRules: [UDP Query User{B9BC8699-BC31-4BF3-97E7-3307B09827FB}C:\program files\loytec\l852dl\l852dl.exe] => (Allow) C:\program files\loytec\l852dl\l852dl.exe
FirewallRules: [{AB2AB2E0-F142-44DA-8365-747396B4B840}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{E7CD29E0-DD6B-4AB6-9C69-3DF5D41E7375}] => (Allow) C:\Users\Kevin\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [TCP Query User{4045A68A-2C8B-438E-B089-367DC46B10B8}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{845F7C99-CE5E-40B5-969B-3CBB44410728}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{5054248F-A196-48B4-B6DF-E3C399F06F6B}C:\users\kevin\downloads\basrtp-b_firmware_ver_2.7.2\bdt 2.03.00.exe] => (Allow) C:\users\kevin\downloads\basrtp-b_firmware_ver_2.7.2\bdt 2.03.00.exe
FirewallRules: [UDP Query User{071F7118-DBB6-495E-B607-CEACD2903A7F}C:\users\kevin\downloads\basrtp-b_firmware_ver_2.7.2\bdt 2.03.00.exe] => (Allow) C:\users\kevin\downloads\basrtp-b_firmware_ver_2.7.2\bdt 2.03.00.exe
FirewallRules: [{59D1BF41-24E4-4324-8B15-79413ACA12FE}] => (Allow) LPort=49186
FirewallRules: [{38D51726-85C4-4267-88B8-553241D2D01F}] => (Allow) LPort=5000
==================== Faulty Device Manager Devices =============
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/11/2015 08:18:08 PM) (Source: CiscoVpnInstallService) (EventID: 0) (User: )
Description: CiscoVpnInstallService error: 0check_run_installer: Failed to find InstallRunOncePath
Error: (05/11/2015 07:49:05 PM) (Source: CiscoVpnInstallService) (EventID: 0) (User: )
Description: CiscoVpnInstallService error: 0check_run_installer: Failed to find InstallRunOncePath
Error: (05/11/2015 07:37:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnagent.exe, version: 3.1.3103.0, time stamp: 0x5151c1c1
Faulting module name: Dbghelp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7bc
Exception code: 0xc0000005
Fault offset: 0x0004c67f
Faulting process id: 0x1678
Faulting application start time: 0xvpnagent.exe0
Faulting application path: vpnagent.exe1
Faulting module path: vpnagent.exe2
Report Id: vpnagent.exe3
Error: (05/11/2015 07:37:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnagent.exe, version: 3.1.3103.0, time stamp: 0x5151c1c1
Faulting module name: Dbghelp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7bc
Exception code: 0xc0000005
Fault offset: 0x0004c670
Faulting process id: 0x168c
Faulting application start time: 0xvpnagent.exe0
Faulting application path: vpnagent.exe1
Faulting module path: vpnagent.exe2
Report Id: vpnagent.exe3
Error: (05/11/2015 07:37:19 PM) (Source: CiscoVpnInstallService) (EventID: 0) (User: )
Description: CiscoVpnInstallService error: 0check_run_installer: Failed to find InstallRunOncePath
Error: (05/11/2015 07:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnagent.exe, version: 3.1.3103.0, time stamp: 0x5151c1c1
Faulting module name: Dbghelp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7bc
Exception code: 0xc0000005
Fault offset: 0x0004c5df
Faulting process id: 0x210c
Faulting application start time: 0xvpnagent.exe0
Faulting application path: vpnagent.exe1
Faulting module path: vpnagent.exe2
Report Id: vpnagent.exe3
Error: (05/11/2015 07:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnagent.exe, version: 3.1.3103.0, time stamp: 0x5151c1c1
Faulting module name: Dbghelp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7bc
Exception code: 0xc0000005
Fault offset: 0x0004c67f
Faulting process id: 0x122c
Faulting application start time: 0xvpnagent.exe0
Faulting application path: vpnagent.exe1
Faulting module path: vpnagent.exe2
Report Id: vpnagent.exe3
Error: (05/11/2015 07:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsl04aa69f2.
System Error:
The system cannot find the file specified.
.
Error: (05/11/2015 07:34:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnagent.exe, version: 3.1.3103.0, time stamp: 0x5151c1c1
Faulting module name: Dbghelp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7bc
Exception code: 0xc0000005
Fault offset: 0x0004c670
Faulting process id: 0x12e0
Faulting application start time: 0xvpnagent.exe0
Faulting application path: vpnagent.exe1
Faulting module path: vpnagent.exe2
Report Id: vpnagent.exe3
Error: (05/11/2015 07:33:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vpnagent.exe, version: 3.1.3103.0, time stamp: 0x5151c1c1
Faulting module name: Dbghelp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7bc
Exception code: 0xc0000005
Fault offset: 0x0004c5df
Faulting process id: 0x1d0c
Faulting application start time: 0xvpnagent.exe0
Faulting application path: vpnagent.exe1
Faulting module path: vpnagent.exe2
Report Id: vpnagent.exe3
System errors:
=============
Error: (05/11/2015 08:18:21 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The NiagaraAX Lon Tunnel service depends the following service: vlonax. This service might not be installed.
Error: (05/11/2015 08:18:10 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (05/11/2015 08:18:07 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain MC2INC due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (05/11/2015 07:49:09 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The NiagaraAX Lon Tunnel service depends the following service: vlonax. This service might not be installed.
Error: (05/11/2015 07:49:06 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (05/11/2015 07:49:04 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain MC2INC due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (05/11/2015 07:49:01 PM) (Source: Microsoft Antimalware) (EventID: 2004) (User: )
Description: %60 has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: %24
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: %600
Error: (05/11/2015 07:40:47 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (05/11/2015 07:40:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (05/11/2015 07:40:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
Error: (05/11/2015 08:18:08 PM) (Source: CiscoVpnInstallService) (EventID: 0) (User: )
Description: CiscoVpnInstallService error: 0check_run_installer: Failed to find InstallRunOncePath
Error: (05/11/2015 07:49:05 PM) (Source: CiscoVpnInstallService) (EventID: 0) (User: )
Description: CiscoVpnInstallService error: 0check_run_installer: Failed to find InstallRunOncePath
Error: (05/11/2015 07:37:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.3103.05151c1c1Dbghelp.dll6.1.7601.175144ce7b7bcc00000050004c67f167801d08c437d15a774C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\Dbghelp.dllbce5aed3-f836-11e4-a52d-1c659d4e8030
Error: (05/11/2015 07:37:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.3103.05151c1c1Dbghelp.dll6.1.7601.175144ce7b7bcc00000050004c670168c01d08c437773258eC:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\Dbghelp.dllb74f13cf-f836-11e4-a52d-1c659d4e8030
Error: (05/11/2015 07:37:19 PM) (Source: CiscoVpnInstallService) (EventID: 0) (User: )
Description: CiscoVpnInstallService error: 0check_run_installer: Failed to find InstallRunOncePath
Error: (05/11/2015 07:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.3103.05151c1c1Dbghelp.dll6.1.7601.175144ce7b7bcc00000050004c5df210c01d08c432ecf90bfC:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\Dbghelp.dll6cf3206d-f836-11e4-bfd6-1c659d4e8030
Error: (05/11/2015 07:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.3103.05151c1c1Dbghelp.dll6.1.7601.175144ce7b7bcc00000050004c67f122c01d08c431deaf908C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\Dbghelp.dll5c2b1939-f836-11e4-bfd6-1c659d4e8030
Error: (05/11/2015 07:34:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsl04aa69f2.
System Error:
The system cannot find the file specified.
Error: (05/11/2015 07:34:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.3103.05151c1c1Dbghelp.dll6.1.7601.175144ce7b7bcc00000050004c67012e001d08c42f967aa87C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\Dbghelp.dll37867774-f836-11e4-bfd6-1c659d4e8030
Error: (05/11/2015 07:33:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vpnagent.exe3.1.3103.05151c1c1Dbghelp.dll6.1.7601.175144ce7b7bcc00000050004c5df1d0c01d08c42ecc4bc72C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exeC:\Windows\system32\Dbghelp.dll2ae38960-f836-11e4-bfd6-1c659d4e8030
CodeIntegrity Errors:
===================================
Date: 2014-06-16 10:49:35.244
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-06-16 10:49:29.182
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-06-16 10:49:15.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3505.85 MB
Available physical RAM: 1749.95 MB
Total Pagefile: 11696.15 MB
Available Pagefile: 9844.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1873.75 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:193.81 GB) NTFS
Drive f: (READYBOOST) (Removable) (Total:14.82 GB) (Free:10.82 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 703A6C88)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Edited by BrianDrab, 21 May 2015 - 09:00 AM.
Removed Code Tags to make it easier to read