This topic is locked
Hey guys. The internet at my parents' home is infected. My (work) laptop has had no issues till date. Then I came here and have been using the home wifi. And there's clearly an infection.
Symptoms:
1) Random clicks around the text or while selecting some text or even somewhere in the background (even on sites like Youtube, Huffington Post, Reddit, Facebook and Twitter) result in a new tab opening ads (download flash, some video player, etc. - I immediately close the tab). The links that these tabs open are:
http://www.totaladpe...ay.php?r=425636
http://www.totaladpe...424196767620742
http://ad-type.googl...10345&f=popup-u
http://www.totaladpe...209161370061338
2) Similar behavior for when I use my phone connected to the same wifi network. I can't open any link at all on FB and Twitter because it redirects the landing page to some 3rd party website (which even makes the phone vibrate notification style).
3) My data limit got breached. I do use a lot of data - and I recently downloaded some torrents (kat.ph + utorrent), but I've done that before coming here (and I've been here only for a week) and it's never been a problem. I feel that something else is definitely using up the data.
4) My sister (who lives here) has been facing the same issue for quite some time now on her laptop. No one else uses the wifi except for Dad and that too only for gmail (using our laptops).
5) When I use my telco's internet on my laptop (hotspot from my phone) or just internet on my phone, this problem does not happen. Additionally, when I'm connected to my office's VPN, this problem doesn't happen. This is just with my home wifi. I'm starting to think that my router may be infected (is that possible?)
What I've done so far:
1) I deleted all my unknown cookies and run scans on mine and my sister's laptops (and cleaned all cookies and cache on my phone as well)
2) I downloaded and installed Malwarebytes - scanned and it found nothing
The problem continues. Please help.
===
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-08-2015
Ran by aparekh (administrator) on APAREKH-W7N1 (10-08-2015 17:14:19)
Running from C:\Users\aparekh\Desktop
Loaded Profiles: aparekh (Available Profiles: aparekh & a32421)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\HIPS\LDSecSvc64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(LANDesk Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
(Code 42 Software) C:\Program Files\CrashPlan\CrashPlanService.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE
(LANDesk Software Ltd.) C:\Windows\SysWOW64\cba\pds.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\collector.exe
(Kontiki Inc.) C:\Program Files (x86)\Kontiki\KService.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
(Microsoft Corp.) C:\Program Files\Microsoft\MDOP MBAM\MBAMAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\SoftMon.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\HIPS\VIGUARD.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(© 2015 Microsoft Corporation) C:\Users\aparekh\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Cisco Systems, Inc) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe
(Code 42 Software, Inc.) C:\Program Files\CrashPlan\CrashPlanTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Kontiki Inc.) C:\Program Files (x86)\Kontiki\KHost.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LANDESK Software, Inc. and its affiliates.) C:\Program Files (x86)\LANDesk\LDClient\rcgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [456808 2014-12-04] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [168152 2014-09-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-06] (Synaptics Incorporated)
HKLM\...\Run: [LANDesk Endpoint Security] => C:\Program Files (x86)\LANDesk\LDClient\HIPS\ViGUARD.EXE [3590872 2014-11-12] (LANDESK Software, Inc. and its affiliates.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe [1174816 2015-01-07] (Intel Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [kdx] => C:\Program Files (x86)\Kontiki\KHost.exe [1380472 2015-03-24] (Kontiki Inc.)
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [1] => >net time /DOMAIN /SET
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\Run: [GoogleChromeAutoLaunch_E5C0C1F6B45F0D5BC272F63C0DBEC393] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.)
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\Run: [BingSvc] => C:\Users\aparekh\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\Run: [Cisco Jabber] => C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe [87040 2015-05-22] (Cisco Systems, Inc)
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\Run: [Google Update] => C:\Users\aparekh\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-07-04] (Google Inc.)
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan PROe Tray.lnk [2015-06-17]
ShortcutTarget: CrashPlan PROe Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ew...ack/SK2M_FRPage
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll [2012-04-13] (Cisco WebEx LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL [2014-04-17] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-07-27] (Oracle Corporation)
BHO-x32: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll [2012-04-13] (Cisco WebEx LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-07-27] (Oracle Corporation)
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll [2012-04-13] (Cisco WebEx LLC)
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll [2012-04-13] (Cisco WebEx LLC)
Tcpip\Parameters: [DhcpNameServer] 37.220.8.189 31.3.252.73
Tcpip\..\Interfaces\{62A7C5F8-4EA1-47E7-85AA-F7C8771939E1}: [DhcpNameServer] 172.21.195.101 172.21.195.102
Tcpip\..\Interfaces\{780EEA35-E119-495C-9D3E-2A5A4BEC112F}: [DhcpNameServer] 37.220.8.189 31.3.252.73
FireFox:
========
FF ProfilePath: C:\Users\aparekh\AppData\Roaming\Mozilla\Firefox\Profiles\lop2x3j8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-23] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-23] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.85.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.85.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-07-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2812736381-1914932952-2891920474-144118: @tools.google.com/Google Update;version=3 -> C:\Users\aparekh\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2812736381-1914932952-2891920474-144118: @tools.google.com/Google Update;version=9 -> C:\Users\aparekh\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2812736381-1914932952-2891920474-144118: bluejeans.com/bjninstallplugin -> C:\Users\aparekh\AppData\Roaming\Blue Jeans\bjnplugin\2.100.95.8\npbjninstallplugin_2.100.95.8.dll [2015-07-21] (Blue Jeans)
FF Plugin HKU\S-1-5-21-2812736381-1914932952-2891920474-144118: bluejeans.com/bjnplugin -> C:\Users\aparekh\AppData\Roaming\Blue Jeans\bjnplugin\2.100.95.8\npbjnplugin_2.100.95.8.dll [2015-07-21] (Blue Jeans)
FF Plugin HKU\S-1-5-21-2812736381-1914932952-2891920474-144118: bluejeans.com/rbjninstallplugin -> C:\Users\aparekh\AppData\Roaming\Blue Jeans\rbjnplugin\2.100.102.8\nprbjninstallplugin_2.100.102.8.dll [2015-07-31] (Blue Jeans)
FF Plugin HKU\S-1-5-21-2812736381-1914932952-2891920474-144118: bluejeans.com/rbjnplugin -> C:\Users\aparekh\AppData\Roaming\Blue Jeans\rbjnplugin\2.100.102.8\nprbjnplugin_2.100.102.8.dll [2015-07-31] (Blue Jeans)
FF user.js: detected! => C:\Users\aparekh\AppData\Roaming\Mozilla\Firefox\Profiles\lop2x3j8.default\user.js [2015-06-17]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-06-25] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\aparekh\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-06-25] (Cisco WebEx LLC)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\WebEx\Productivity Tools
FF Extension: ocplugin - C:\Program Files (x86)\WebEx\Productivity Tools [2015-06-10]
Chrome:
=======
CHR Profile: C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-15]
CHR Extension: (Google Docs) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-15]
CHR Extension: (Google Drive) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-15]
CHR Extension: (YouTube) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-15]
CHR Extension: (Google Cast) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-07-04]
CHR Extension: (Google Search) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-15]
CHR Extension: (Zomato) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpkojgbclmcfkcangfplnaakcmgoambl [2015-06-15]
CHR Extension: (Google Sheets) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-15]
CHR Extension: (AdBlock) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-07-04]
CHR Extension: (Okta Secure Web Authentication Plug-in) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\glnpjglilkicbckjpbgcfkogebgllemb [2015-06-15]
CHR Extension: (Cisco WebEx Extension) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-06-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-15]
CHR Extension: (TabCloud) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2015-06-15]
CHR Extension: (Gmail) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-15]
CHR Profile: C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-17]
CHR Extension: (Google Docs) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-17]
CHR Extension: (Google Drive) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-17]
CHR Extension: (YouTube) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-17]
CHR Extension: (Bing) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmkckgpgekmanipelfidlhmkfcjicion [2015-07-17]
CHR Extension: (Google Search) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-17]
CHR Extension: (Google Sheets) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-17]
CHR Extension: (Google Wallet) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-17]
CHR Extension: (Gmail) - C:\Users\aparekh\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-17]
CHR HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CBA8; C:\Program Files (x86)\LANDesk\Shared Files\residentagent.exe [170760 2015-01-15] (LANDesk Software, Inc. and its affiliates.)
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [223232 2014-02-20] (Code 42 Software) [File not signed]
S4 enstart64; C:\Windows\system32\enstart64.exe [1172992 2015-06-10] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-12-04] (Intel Corporation)
R2 Intel Local Scheduler Service; C:\Program Files (x86)\LANDesk\LDClient\LocalSch.EXE [239264 2014-09-26] (LANDESK Software, Inc. and its affiliates.)
R2 Intel PDS; C:\Windows\SysWOW64\CBA\pds.exe [32825 2014-06-20] (LANDesk Software Ltd.) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-14] (Intel® Corporation)
R2 ISSUSER; C:\Program Files (x86)\LANDesk\LDClient\issuser.exe [1600936 2014-12-10] (LANDESK Software, Inc. and its affiliates.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2015-01-07] (Intel Corporation)
R2 KService; C:\Program Files (x86)\Kontiki\KService.exe [5441664 2015-03-24] (Kontiki Inc.)
R2 LANDesk Targeted Multicast; C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe [221736 2014-10-02] (LANDESK Software, Inc. and its affiliates.)
R2 LDSecSvc; C:\Program Files (x86)\LANDesk\LDClient\HIPS\LDSecSvc64.EXE [2439880 2014-11-12] (LANDESK Software, Inc. and its affiliates.)
R2 MBAMAgent; C:\Program Files\Microsoft\MDOP MBAM\MBAMAgent.exe [239528 2011-06-15] (Microsoft Corp.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2014-04-17] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984 2014-04-17] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [334736 2014-04-17] (Symantec Corporation)
R2 Softmon; C:\Program Files (x86)\LANDesk\LDClient\softmon.exe [681128 2015-01-14] (LANDESK Software, Inc. and its affiliates.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20150728.013\BHDrvx64.sys [1650936 2015-08-06] (Symantec Corporation)
R1 ccSettings_{2FF4FBED-F03A-4EE2-AC58-C985811A4FBE}; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [169048 2014-04-17] (Symantec Corporation)
R2 CISMBIOS; C:\Windows\system32\drivers\cismbios.sys [22016 2014-06-20] (LANDESK Software, Inc. and its affiliates.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
S3 enstart64_; C:\Windows\system32\enstart64_.sys [74472 2015-06-10] (Guidance Software Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20150807.011\IDSvia64.sys [671448 2015-06-08] (Symantec Corporation)
S3 ldblank; C:\Windows\System32\DRIVERS\ldblank.sys [20992 2014-06-20] (LANDesk Software, Inc. and its affiliates.)
R3 ldmirror; C:\Windows\System32\DRIVERS\ldmirror.sys [5120 2014-06-20] (LANDesk Software, Inc. and its affiliates.)
R0 LDSecDrv; C:\Windows\System32\Drivers\LDSecDrv.sys [217152 2014-11-12] (LANDESK Software, Inc. and its affiliates.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-01-07] (Intel Corporation)
R3 mirrorflt; C:\Windows\System32\DRIVERS\mirrorflt.sys [7168 2014-06-20] (LANDesk Software, Inc. and its affiliates.)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20150809.022\ENG64.SYS [138488 2015-06-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20150809.022\EX64.SYS [2146040 2015-06-24] (Symantec Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3437848 2014-12-16] (Intel Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [2599128 2014-09-12] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [32424 2015-02-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-11-18] (Synaptics Incorporated)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [797272 2014-04-17] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [36952 2014-04-17] (Symantec Corporation)
S3 SyDvCtrl; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\SyDvCtrl64.sys [34800 2014-04-17] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [493656 2014-04-17] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [1147480 2014-04-17] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-06-10] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [224856 2014-04-17] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [437336 2014-04-17] (Symantec Corporation)
R1 SysPlant; C:\Windows\System32\Drivers\SysPlant.sys [155352 2015-06-10] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [92456 2014-04-17] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-10 17:14 - 2015-08-10 17:14 - 00029320 _____ C:\Users\aparekh\Desktop\FRST.txt
2015-08-10 17:13 - 2015-08-10 17:14 - 00000000 ____D C:\FRST
2015-08-10 17:10 - 2015-08-10 17:11 - 02171392 _____ (Farbar) C:\Users\aparekh\Desktop\FRST64.exe
2015-08-10 11:05 - 2015-08-10 11:05 - 05369407 _____ C:\Users\aparekh\Documents\Campus Hire Deck for Colleges.pptx
2015-08-08 02:43 - 2015-08-08 02:43 - 00017598 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e07.hdtv.x264.define.ettv.torrent
2015-08-07 15:48 - 2015-08-07 15:49 - 00000000 ____D C:\Users\aparekh\Documents\JSA on Google Play
2015-08-07 15:17 - 2015-08-07 15:20 - 04799414 _____ C:\Users\aparekh\Downloads\campushire-pitch-082015.pptx
2015-08-07 15:01 - 2015-08-07 15:02 - 04915340 _____ C:\Users\aparekh\Downloads\15.03.03_LI_JobSearch_Trigger Series-R5-welcome.psd
2015-08-06 22:34 - 2015-08-06 22:34 - 00000000 __SHD C:\Users\aparekh\Documents\cache
2015-08-06 22:33 - 2015-08-06 22:34 - 00300792 _____ (Cisco WebEx LLC) C:\Users\aparekh\Downloads\X19fbWVldGluZ3NfMzkzNDkxNTM1NV9YNDdXM0laWEVLTjNIT0ZKSlVJWEYxM1AwWl9XQlgxMV9TREpUU3dBQUFBSUItM2ZpeUVzS21Kd1ZzYw==_webex.exe
2015-08-05 21:18 - 2015-08-05 21:18 - 00105116 _____ C:\Users\aparekh\Downloads\[kat.cr]inside.out.2015.hd.ts.xvid.ac3.hq.hive.cm8.torrent
2015-08-05 10:36 - 2015-08-05 10:36 - 00097907 _____ C:\Users\aparekh\Downloads\Campus Hire Market Sizing & Resourcing 040815.xlsx
2015-08-05 10:35 - 2015-08-05 10:36 - 03361505 _____ C:\Users\aparekh\Downloads\CampusHire - Market Sizing and Resourcing 150804.pptx
2015-08-04 21:23 - 2015-08-04 21:23 - 00284384 _____ C:\Windows\Minidump\080415-10374-01.dmp
2015-08-04 14:31 - 2015-08-04 14:31 - 00147972 _____ C:\Users\aparekh\Downloads\[kat.cr]minions.2015.720p.hdts.x264.aac.cpg.torrent
2015-08-04 09:02 - 2015-08-04 09:02 - 00015823 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e06.hdtv.x264.asap.ettv.torrent
2015-08-04 09:02 - 2015-08-04 09:02 - 00015385 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e05.hdtv.x264.killers.ettv.torrent
2015-08-04 00:27 - 2015-08-04 00:27 - 00017885 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e04.hdtv.x264.killers.ettv.torrent
2015-08-03 22:37 - 2015-08-03 22:37 - 00015635 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e03.hdtv.x264.asap.ettv.torrent
2015-08-03 22:36 - 2015-08-03 22:36 - 00017925 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e02.hdtv.x264.killers.ettv.torrent
2015-08-03 18:22 - 2015-08-03 18:22 - 00026272 _____ C:\Users\aparekh\Downloads\[kat.cr]mr.robot.s01e01.hdtv.x264.proper.lol.ettv.torrent
2015-08-03 17:11 - 2015-08-03 17:11 - 00016463 _____ C:\Users\aparekh\Downloads\[kat.cr]noobsubs.shingeki.no.kyojin.attack.on.titan.ova.1.5.480p.dvd.8bit.aac.mp4.torrent
2015-08-03 16:23 - 2015-08-03 16:23 - 05463622 _____ C:\Users\aparekh\Downloads\Brand Slides For Deep Dive 2014 12 11 0730.pptx
2015-08-03 11:05 - 2015-08-04 10:39 - 00268856 _____ C:\Users\aparekh\Documents\Campus Hire Pitch Deck Inputs.pptx
2015-08-03 10:50 - 2015-08-03 10:50 - 02120728 _____ C:\Users\aparekh\Downloads\Product Review - Campus Hiring - 12 May 2015 - Pre-Readv1.0 (1).pptx
2015-08-03 10:47 - 2015-08-10 00:18 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-03 10:47 - 2015-08-03 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-03 10:47 - 2015-08-03 10:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-03 10:47 - 2015-08-03 10:47 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-03 10:47 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-03 10:47 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-03 10:47 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-03 10:41 - 2015-08-03 10:42 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\aparekh\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-02 22:31 - 2015-08-02 22:31 - 00026028 _____ C:\Users\aparekh\Downloads\[kat.cr]shingeki.no.kyojin.1.25.attack.on.titan.season.1.720p.torrent
2015-07-31 18:52 - 2015-07-31 18:52 - 00000000 ____D C:\Users\aparekh\Tracing
2015-07-31 18:49 - 2015-08-01 19:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-31 18:49 - 2015-07-31 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-31 18:48 - 2015-07-31 18:52 - 40660096 _____ (Skype Technologies S.A.) C:\Users\aparekh\Downloads\SkypeSetupFull (1).exe
2015-07-29 01:32 - 2015-07-30 12:44 - 00034329 _____ C:\Users\aparekh\Documents\Mash-Pilot-Colleges.xlsx
2015-07-27 11:52 - 2015-07-27 11:51 - 00273504 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-07-27 11:51 - 2015-07-27 11:51 - 00175712 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-07-27 11:51 - 2015-07-27 11:51 - 00175712 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-07-27 11:51 - 2015-07-27 11:51 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-27 11:51 - 2015-07-27 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-27 11:51 - 2015-07-27 11:51 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-24 15:10 - 2015-07-24 15:10 - 00000000 ____D C:\Users\aparekh\AppData\Local\CEF
2015-07-24 10:42 - 2015-07-15 08:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-24 10:42 - 2015-07-15 08:49 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-24 10:42 - 2015-07-15 08:49 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-24 10:42 - 2015-07-15 08:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-24 10:42 - 2015-07-15 08:25 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-24 10:42 - 2015-07-15 08:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-24 10:42 - 2015-07-15 08:25 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-24 10:42 - 2015-07-15 08:24 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-24 10:42 - 2015-07-15 07:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-24 10:42 - 2015-07-15 07:22 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-24 10:42 - 2015-06-27 08:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-24 10:42 - 2015-06-27 08:13 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-24 10:42 - 2015-06-27 07:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-24 10:42 - 2015-06-27 07:09 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-24 10:41 - 2015-07-03 02:51 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-24 10:41 - 2015-07-03 02:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-24 10:41 - 2015-07-03 02:20 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-24 10:41 - 2015-07-03 02:19 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-24 10:41 - 2015-07-03 02:16 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-24 10:41 - 2015-07-03 02:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-24 10:41 - 2015-07-03 01:53 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-24 10:41 - 2015-07-03 01:49 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-24 10:41 - 2015-07-03 01:42 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-24 10:41 - 2015-07-03 01:25 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-24 10:41 - 2015-07-03 00:50 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-24 10:41 - 2015-07-03 00:29 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-24 01:30 - 2015-07-24 01:30 - 00012679 _____ C:\Users\aparekh\Downloads\[kat.cr]silicon.valley.season.2.720p.hdtv.x264.shaanig.torrent
2015-07-23 15:40 - 2015-07-23 15:40 - 00953220 _____ C:\Users\aparekh\Downloads\Dumbledore_Update.pptx
2015-07-23 11:24 - 2015-07-24 12:22 - 00621056 _____ C:\Users\aparekh\Downloads\ready-reckoner-2015.xls
2015-07-23 10:42 - 2015-06-11 23:26 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-23 10:42 - 2015-06-11 22:46 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-23 10:42 - 2015-06-11 22:45 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-23 10:42 - 2015-06-02 05:37 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-23 10:42 - 2015-06-02 05:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-23 10:41 - 2015-07-23 10:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-23 10:41 - 2015-06-25 23:39 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-23 10:41 - 2015-06-25 23:13 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-23 10:41 - 2015-06-21 01:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-23 10:41 - 2015-06-21 01:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-23 10:41 - 2015-06-21 01:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-23 10:41 - 2015-06-21 01:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-23 10:41 - 2015-06-21 01:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-23 10:41 - 2015-06-21 01:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-23 10:41 - 2015-06-21 01:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-23 10:41 - 2015-06-21 01:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-23 10:41 - 2015-06-21 01:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-23 10:41 - 2015-06-21 01:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-23 10:41 - 2015-06-21 01:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-23 10:41 - 2015-06-21 00:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-23 10:41 - 2015-06-21 00:51 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-23 10:41 - 2015-06-21 00:43 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-23 10:41 - 2015-06-21 00:38 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-23 10:41 - 2015-06-21 00:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-23 10:41 - 2015-06-21 00:35 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-23 10:41 - 2015-06-21 00:18 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-23 10:41 - 2015-06-21 00:18 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-23 10:41 - 2015-06-21 00:16 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-23 10:41 - 2015-06-21 00:16 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-23 10:41 - 2015-06-20 23:56 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-23 10:41 - 2015-06-20 23:32 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-23 10:41 - 2015-06-19 23:55 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-23 10:41 - 2015-06-19 23:55 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-23 10:41 - 2015-06-19 23:54 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-23 10:41 - 2015-06-19 23:54 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-23 10:41 - 2015-06-19 23:53 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-23 10:41 - 2015-06-19 23:47 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-23 10:41 - 2015-06-19 23:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-23 10:41 - 2015-06-19 23:43 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-23 10:41 - 2015-06-19 23:43 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-23 10:41 - 2015-06-19 23:33 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-23 10:41 - 2015-06-19 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-23 10:41 - 2015-06-19 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-23 10:41 - 2015-06-19 23:22 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-23 10:41 - 2015-06-19 23:21 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-23 10:41 - 2015-06-19 23:10 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-23 10:41 - 2015-06-19 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-23 10:41 - 2015-06-19 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-23 10:41 - 2015-06-19 22:45 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-23 10:41 - 2015-06-19 22:41 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-23 10:32 - 2015-07-23 18:37 - 00114688 _____ C:\Users\aparekh\Downloads\ready-reckoner-2014.xls
2015-07-22 15:19 - 2015-07-22 15:20 - 00242712 _____ C:\Users\aparekh\Downloads\Firefox Setup Stub 39.0.exe
2015-07-21 16:40 - 2015-07-21 16:40 - 02704896 _____ C:\Users\aparekh\Downloads\Reealty Buff 6-4-15.ppt
2015-07-16 20:45 - 2015-07-16 20:45 - 00016454 _____ C:\Users\aparekh\Downloads\[kat.cr]louie.s05e08.hdtv.x264.lol.ettv.torrent
2015-07-16 20:45 - 2015-07-16 20:45 - 00012418 _____ C:\Users\aparekh\Downloads\[kat.cr]louie.s05e07.hdtv.x264.lol.ettv.torrent
2015-07-15 21:31 - 2015-08-04 21:23 - 830602922 _____ C:\Windows\MEMORY.DMP
2015-07-15 21:31 - 2015-08-04 21:23 - 00000000 ____D C:\Windows\Minidump
2015-07-15 21:31 - 2015-07-15 21:31 - 00292096 _____ C:\Windows\Minidump\071515-17035-01.dmp
2015-07-14 12:22 - 2015-07-14 13:12 - 00872497 _____ C:\Users\aparekh\Documents\The_Big_Idea - SKILLING IT.pptx
2015-07-14 12:05 - 2015-07-14 12:05 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1
2015-07-14 12:05 - 2015-07-14 12:05 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\BalsamiqMockups3
2015-07-14 12:04 - 2015-07-14 12:04 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Balsamiq Mockups 3.lnk
2015-07-14 12:04 - 2015-07-14 12:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-07-14 12:04 - 2015-07-14 12:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-07-14 12:04 - 2015-07-14 12:04 - 00000000 ____D C:\Program Files (x86)\Balsamiq Mockups 3
2015-07-14 12:01 - 2015-07-14 12:01 - 03858200 _____ C:\Users\aparekh\Downloads\Balsamiq_Mockups_3.1.6.exe
2015-07-14 09:09 - 2015-07-14 09:09 - 02120728 _____ C:\Users\aparekh\Downloads\Product Review - Campus Hiring - 12 May 2015 - Pre-Readv1.0.pptx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-10 17:14 - 2015-07-10 09:48 - 00000000 ____D C:\ProgramData\Kontiki
2015-08-10 17:14 - 2015-06-10 05:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-10 16:47 - 2015-07-02 11:59 - 00000000 ____D C:\Amazon Backup
2015-08-10 16:47 - 2015-06-10 05:09 - 00472590 _____ C:\Windows\SysWOW64\Gms.log
2015-08-10 16:34 - 2015-07-04 14:22 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118UA.job
2015-08-10 16:20 - 2015-06-10 05:30 - 00000448 _____ C:\Windows\system32\config\netlogon.ftl
2015-08-10 16:17 - 2015-06-10 05:17 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-10 11:26 - 2015-06-10 04:57 - 00000000 ____D C:\ProgramData\vulScan
2015-08-10 09:34 - 2015-06-10 05:17 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-10 00:34 - 2015-07-04 14:22 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118Core.job
2015-08-09 23:57 - 2009-07-14 10:15 - 00019328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-09 23:57 - 2009-07-14 10:15 - 00019328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-09 23:52 - 2009-07-14 10:43 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-09 23:46 - 2015-06-15 20:03 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\Skype
2015-08-09 23:46 - 2015-06-09 13:38 - 00006372 _____ C:\Windows\SysWOW64\ldcpu.data
2015-08-09 23:45 - 2015-06-09 13:39 - 00000000 ____D C:\ProgramData\LdSec
2015-08-09 23:45 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-09 23:45 - 2009-07-14 10:21 - 00061455 _____ C:\Windows\setupact.log
2015-08-09 03:51 - 2015-06-10 04:55 - 00309842 _____ C:\Windows\WindowsUpdate.log
2015-08-09 00:28 - 2015-07-04 18:58 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\uTorrent
2015-08-08 03:31 - 2015-06-15 19:57 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\vlc
2015-08-08 02:44 - 2015-07-04 19:07 - 00000000 ____D C:\PirateBooty
2015-08-07 14:52 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 10:36 - 2015-06-09 14:11 - 00052332 __RSH C:\ProgramData\ntuser.pol
2015-08-06 22:35 - 2015-06-25 13:59 - 00000000 ____D C:\ProgramData\WebEx
2015-08-06 22:34 - 2015-06-09 14:33 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\Webex
2015-08-06 10:12 - 2015-06-09 14:06 - 00000009 _____ C:\Windows\liamowner.txt
2015-08-04 14:04 - 2015-06-24 11:50 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\Blue Jeans
2015-08-01 19:12 - 2015-06-16 14:07 - 00000000 ____D C:\Users\aparekh\AppData\Local\JabberWerxCPP
2015-08-01 19:12 - 2015-06-15 20:02 - 00000000 ____D C:\ProgramData\Skype
2015-07-31 18:52 - 2015-06-09 14:33 - 00000000 ____D C:\Users\aparekh
2015-07-27 20:58 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\rescache
2015-07-24 22:58 - 2009-07-14 10:15 - 00410248 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-24 15:10 - 2015-06-15 16:43 - 00000000 ____D C:\Users\aparekh\AppData\Local\Adobe
2015-07-24 13:18 - 2015-06-10 05:30 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-23 10:43 - 2015-06-10 05:15 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-23 10:43 - 2015-06-10 05:15 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-23 10:43 - 2015-06-10 05:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-23 10:43 - 2012-11-17 06:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-23 10:41 - 2015-06-10 05:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-23 10:41 - 2015-06-10 05:17 - 00000000 ____D C:\ProgramData\Adobe
2015-07-22 21:46 - 2015-06-10 05:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-22 15:23 - 2015-06-10 05:16 - 00001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-22 15:23 - 2015-06-10 05:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-16 09:12 - 2015-06-10 05:17 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 09:12 - 2015-06-10 05:17 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 00:29 - 2015-07-04 14:22 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118UA
2015-07-16 00:29 - 2015-07-04 14:22 - 00003498 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118Core
2015-07-14 12:03 - 2015-06-09 14:33 - 00000000 ____D C:\Users\aparekh\AppData\Roaming\Adobe
==================== Files in the root of some directories =======
2015-06-10 04:49 - 2015-06-10 04:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\aparekh\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\aparekh\AppData\Local\Temp\BSvcUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-02 01:46
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-08-2015
Ran by aparekh (2015-08-10 17:14:39)
Running from C:\Users\aparekh\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
a32421 (S-1-5-21-4218860331-2946997274-1409398923-500 - Administrator - Disabled) => C:\Users\Administrator
g32421 (S-1-5-21-4218860331-2946997274-1409398923-501 - Limited - Disabled)
liadmin (S-1-5-21-4218860331-2946997274-1409398923-1001 - Administrator - Enabled)
liuser (S-1-5-21-4218860331-2946997274-1409398923-1000 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Balsamiq Mockups 3 (HKLM-x32\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.1.6 - Balsamiq SRL)
Balsamiq Mockups 3 (x32 Version: 3.1.6 - Balsamiq SRL) Hidden
bjnplugin (HKLM-x32\...\{D14784B7-700E-4B29-AAC7-60DA86D1D67D}) (Version: 2.100.95.8 - Blue Jeans)
ChromecastApp (HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Cisco AnyConnect Start Before Login Module (HKLM-x32\...\{231563BB-B062-4173-8C3F-FF109BEB1C54}) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco Jabber (HKLM-x32\...\{AEE363B0-7E60-43B7-8CB9-111ED29E68CD}) (Version: 10.6.4.63238 - Cisco Systems, Inc)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
CrashPlan PROe (HKLM\...\{19C5E720-AA4F-4AF5-8AD0-EB7FF7E15D2D}) (Version: 3.6.3 - Code 42 Software)
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - )
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\{32E600A5-C6F1-38A2-A8CC-B7DEF699D3F1}) (Version: 66.65.49304 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 18.7 - Intel)
Java 7 Update 85 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217085FF}) (Version: 7.0.850 - Oracle)
Kontiki ECDN Client (HKLM-x32\...\{F262A5F6-630C-4059-95C5-8CABC3031822}) (Version: 9.1.212.2 - Kontiki)
LANDESK Advance Agent (x32 Version: 1.0.0 - LANDesk Software) Hidden
LANDesk® Common Base Agent 8 (x32 Version: 9.60.0.225 - LANDesk Software, Ltd) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MDOP MBAM (HKLM\...\{1669699B-087D-4B5A-841D-78D386080A30}) (Version: 1.0.1237.1 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.51.01 - )
rbjnplugin (HKLM-x32\...\{7942A69A-528A-4CC3-9A0C-AB2916F3F727}) (Version: 2.100.102.8 - Blue Jeans)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7329 - Realtek Semiconductor Corp.)
SAFE Servlet (x32 Version: 7.09.06.03 - Guidance Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Symantec Endpoint Protection (HKLM\...\{B53661DC-CD94-4B14-B15F-D9DDCFF72558}) (Version: 12.1.4013.4013 - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.103 - Synaptics Incorporated)
TUGZip 3.5 (HKLM-x32\...\TUGZip_is1) (Version: - Christian Kindahl)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebEx Productivity Tools (HKLM-x32\...\{6883C052-5EE4-45F7-9409-F77AEA9EF1E1}) (Version: 2.29.3207 - Cisco WebEx LLC)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2812736381-1914932952-2891920474-144118_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\aparekh\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2812736381-1914932952-2891920474-144118_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\aparekh\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2812736381-1914932952-2891920474-144118_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\aparekh\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
23-07-2015 10:41:32 Windows Update
23-07-2015 10:42:22 Windows Update
23-07-2015 10:42:39 Windows Update
24-07-2015 10:41:47 Windows Update
24-07-2015 10:42:12 Windows Update
24-07-2015 10:42:27 Windows Update
05-08-2015 19:09:43 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 08:04 - 2009-06-11 02:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {007D89C8-37C8-4E03-9AC6-BDDB97A142F8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-10] (Google Inc.)
Task: {0C0CBEEA-A5F4-4C42-B50A-96D3390A4616} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-04] (Realtek Semiconductor)
Task: {1B2A847F-E4C8-48AB-AB93-A3250D1E9403} - System32\Tasks\{02ABEB50-76F9-4288-9992-B91222D38916} => Chrome.exe http://www.skype.com...LastError=12002
Task: {1C35810D-E336-4C75-84B3-D9977C8230AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {2C286D02-B8F1-4702-941A-C0098C9B2653} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-04] (Realtek Semiconductor)
Task: {59EBC86D-15DB-4528-9414-E2A9498AEF50} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118Core => C:\Users\aparekh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-04] (Google Inc.)
Task: {5EE263F3-0AFC-43C4-BAB8-78CF1894C734} - System32\Tasks\LANDESK Agent Health Bootstrap Task => C:\Program Files (x86)\LANDesk\LDClient\LANDESKAgentBootStrap.exe [2014-09-26] (LANDESK Software, Inc. and its affiliates.)
Task: {6254D7CC-D3F4-4339-B4E4-DFEC61305A86} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-23] (Adobe Systems Incorporated)
Task: {9DFF5355-5F88-4037-85D1-5CC857EECA74} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118UA => C:\Users\aparekh\AppData\Local\Google\Update\GoogleUpdate.exe [2015-07-04] (Google Inc.)
Task: {D7307673-F27D-406F-B80A-C6AA952447D1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-09-04] (Realtek Semiconductor)
Task: {E8A39FB8-F544-4334-883A-2FD75241AB71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-10] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118Core.job => C:\Users\aparekh\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2812736381-1914932952-2891920474-144118UA.job => C:\Users\aparekh\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-09 13:38 - 2014-06-20 11:52 - 00028624 _____ () C:\Program Files (x86)\LANDesk\LDClient\HIPS\ENUHipsClient64.dll
2015-06-09 13:38 - 2014-10-10 17:17 - 00123904 _____ () C:\Program Files (x86)\LANDesk\LDClient\HIPS\ENUENCARCHIVE.DLL
2015-06-10 05:22 - 2012-03-12 03:26 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2014-02-20 04:55 - 2014-02-20 04:55 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll
2015-06-17 10:36 - 2015-06-17 10:36 - 00230400 _____ () C:\Program Files\CrashPlan\cpnative64.dll
2013-09-05 13:47 - 2013-09-05 13:47 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 04:53 - 2010-10-21 04:53 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-06-11 12:05 - 2014-06-11 12:05 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-06-10 04:57 - 2014-07-24 18:59 - 00107008 _____ () C:\Program Files (x86)\LANDesk\LDClient\RollingLog.dll
2015-06-09 13:38 - 2014-10-19 02:49 - 00164352 _____ () C:\Program Files (x86)\LANDesk\LDClient\httprequest.dll
2015-06-09 13:38 - 2014-11-13 05:02 - 00801280 _____ () C:\Program Files (x86)\LANDesk\LDClient\tmcdll.dll
2015-06-09 13:38 - 2014-06-20 09:55 - 00106567 _____ () C:\Program Files (x86)\LANDesk\LDClient\ThinstallManageApi.dll
2015-06-09 13:38 - 2014-07-25 19:36 - 00726520 _____ () C:\Program Files (x86)\LANDesk\LDClient\HIPS\BVDC.DLL
2015-06-09 13:38 - 2014-06-20 11:52 - 00028624 _____ () C:\Program Files (x86)\LANDesk\LDClient\HIPS\ENUHipsClient.dll
2013-09-05 13:44 - 2013-09-05 13:44 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 05:15 - 2010-10-21 05:15 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00271872 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\JCFCoreUtils.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00030720 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\csflogger.dll
2015-03-18 21:29 - 2015-03-18 21:29 - 01241088 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libxml2.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00101888 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\HttpDownloader.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 01208832 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\csfnetutils.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00064000 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\dnsutils.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00158208 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\htmlcxx.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00678400 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\wcl_dll.DLL
2015-05-22 07:25 - 2015-05-22 07:25 - 00690688 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\PluginRuntime.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00449536 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\servicesframework.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00010240 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\PluginResources.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00283136 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\ceb.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00560640 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\ConfigService\ConfigService.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00118784 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\SystemMonitor.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 03319296 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\SystemService\SystemService.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00513024 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\TelemetryService\TelemetryService.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00553472 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\DesktopShareService\DesktopShareService.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 02718720 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\TelephonyService\TelephonyService.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00892416 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libcxypmp.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00785920 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libcxypme.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 08141824 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libpme.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00027136 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libtaah264codecbase.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00638976 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstreamer-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00010240 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\logitech-vt3fix.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00181248 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstaudio-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00051200 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstinterfaces-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00103424 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstpbutils-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00272896 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstbase-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00049664 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\srtp.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00067072 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstvideo-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00071168 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstrtp-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00037888 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libgstapp-0.10-0.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00010752 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libcxybase.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00919552 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libcxytaf.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 01954816 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libtaf.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00023040 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CDMWrapper.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00258048 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CommunicationsDeviceManager.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00232960 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\accessories_manager.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 05414400 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\IMPresenceServices\IMPresenceServices.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00953856 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\csfcommunicationhistory.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00242688 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\ConversationService\ConversationService.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00024064 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\outlook-recordsource-sink.dll
2015-03-18 21:22 - 2015-03-18 21:22 - 00134656 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libexpatw.dll
2015-05-22 07:16 - 2015-05-22 07:16 - 00200192 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\JabberUpgradePlugin\JabberUpgradePlugin.dll
2015-05-22 07:17 - 2015-05-22 07:17 - 00368640 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\ConversationWindowPlugin\ConversationWindowPlugin.dll
2015-05-22 07:18 - 2015-05-22 07:18 - 00044544 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\PresenceConnectorPlugin\PresenceConnectorPlugin.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00081920 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\ScreenCapture.dll
2015-05-22 07:17 - 2015-05-22 07:17 - 01577984 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\TelephonyPlugin\TelephonyPlugin.dll
2015-05-22 07:17 - 2015-05-22 07:17 - 00194560 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\TelephonyRuntime\TelephonyRuntime.dll
2015-05-22 07:17 - 2015-05-22 07:17 - 00422400 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\TelephonyDeviceSelectionPlugin\TelephonyDeviceSelectionPlugin.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 01863168 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\VoicemailService\VoicemailService.dll
2015-05-22 07:15 - 2015-05-22 07:15 - 00544768 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\PresenceAreaPlugin\PresenceAreaPlugin.dll
2015-05-22 07:16 - 2015-05-22 07:16 - 00147968 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\SoundTab\SoundTab.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00389632 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\services\CommunicationHistoryService\CommunicationHistoryService.dll
2015-05-22 07:16 - 2015-05-22 07:16 - 00209408 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\HuntGroupCallPickupPlugin\HuntGroupCallPickupPlugin.dll
2015-05-22 07:19 - 2015-05-22 07:19 - 01902080 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\JabberMeetingPlugin\JabberMeetingPlugin.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00347648 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\JabberMeeting.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00032768 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Mat_dll.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00052224 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\MExpatWrapper.dll
2015-05-22 07:25 - 2015-05-22 07:25 - 00079872 _____ () C:\Program Files (x86)\Cisco Systems\Cisco Jabber\TriSMD.dll
2015-08-05 22:31 - 2015-07-31 11:49 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
2015-08-05 22:31 - 2015-07-31 11:49 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
2015-01-07 04:10 - 2015-01-07 04:10 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2013-09-05 13:44 - 2013-09-05 13:44 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 05:16 - 2013-02-15 05:16 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-07-03 10:39 - 2015-07-03 10:39 - 20930744 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00322208 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2015-07-03 10:39 - 2015-07-03 10:39 - 45080248 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2015-08-05 22:31 - 2015-07-31 11:49 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2812736381-1914932952-2891920474-144118\Control Panel\Desktop\\Wallpaper -> C:\Users\aparekh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 37.220.8.189 - 31.3.252.73
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E44FEE45-5E29-484F-B362-B8562E820C60}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{96329B16-C23B-43C1-86BF-F3AFA08133D1}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{446C306F-D27E-43A9-87BD-2841AC7F7060}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{3DFB3B4D-B00E-40D4-9943-28A43FB4A311}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{2BD035A7-21EF-4311-9271-EBFD8BB6C901}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{C77E8882-6654-45AE-9568-8D5DAB32ADC6}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{62166C94-5485-4210-A52E-D95156F2E760}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{3E69B55F-9424-4E8A-9252-DC655C3AB321}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{5EDA954C-7CEE-42E1-923C-5796BE1F5E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D9BD9D82-68F1-4F72-A443-086673D94274}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2EE7A5AC-CBA9-4BC3-BB2F-AB464A6B35CA}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
FirewallRules: [{4E51CEF8-A2C0-4E4A-9601-80D6F7252176}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
FirewallRules: [{F38788DB-F656-49B7-9BE9-73891CA82288}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
FirewallRules: [{15FF8F12-E9C3-4E2C-9B3E-775E1AC1D3AC}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
FirewallRules: [{7B870B03-F185-4A66-A216-D71C441E2D2B}] => (Allow) C:\Windows\system32\enstart64.exe
FirewallRules: [{0E049A19-CA28-47BF-B59F-618BB09D23B1}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{1B2EBDDD-866D-4F2C-97B2-4608AF7A2F8C}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{3BEB88BD-8CB2-4A72-A2CE-ADB0BA7101E2}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{F3D6F7B6-D450-45FF-A0A3-764126600F49}] => (Allow) C:\Windows\SysWOW64\cba\pds.exe
FirewallRules: [{134D446A-ED9A-4A54-9FF0-B3182352A2B0}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{1F793204-A054-4F42-821D-307413B788C1}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{87780F83-249A-4086-97AA-D4E370BFB321}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{9BD31361-F07F-422D-9935-E024242D3895}] => (Allow) C:\Windows\SysWOW64\msgsys.exe
FirewallRules: [{C82F775D-D332-4AE4-8EAB-B726B87A5767}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{280F0F9E-84FA-4244-8F15-B6116375DB0E}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{1CB84E39-30A1-4102-8F32-7A70E13D9F26}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{8A8258B2-BABD-44D5-B425-280F222B76FF}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\issuser.exe
FirewallRules: [{1BE9B8A0-FB24-4C8E-BCF9-5135AC68CEF3}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{2904E5B7-CC1C-4516-A4F7-C319EBE62228}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{A7A46BF4-5605-49FF-B884-B0CAA25D050B}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{E55BAB79-6305-4F58-91D5-743FD1B70904}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{8642B917-0190-4504-9680-18A5AE9E71B7}] => (Allow) C:\PROGRA~2\LANDesk\LDClient\issuser.exe
FirewallRules: [{EE7C3E5C-E0C0-4BF6-B73F-8B1ACE34304E}] => (Allow) C:\Program Files (x86)\LANDesk\LDClient\tmcsvc.exe
FirewallRules: [{0DF91739-0D3A-416D-9CF9-7D0FFA552530}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentagent.exe
FirewallRules: [{FAB6565F-B027-440E-82B7-E9AEB5AA2DDC}] => (Allow) C:\Windows\system32\CBA\pds.exe
FirewallRules: [{31CE62CB-1EC7-4015-8127-FD1AE76A9574}] => (Allow) %windir%\system32\msgsys.exe
FirewallRules: [{3B1000FB-BB1B-4243-8D98-0A543AFC97B8}] => (Allow) LPort=137
FirewallRules: [{B806E054-B05D-4613-87BB-1DA0051E816D}] => (Allow) LPort=138
FirewallRules: [{D73138B4-F341-42DA-9D36-6036B1E09C48}] => (Allow) LPort=139
FirewallRules: [{88946477-01EF-4B7D-968D-061864D3FC99}] => (Allow) LPort=445
FirewallRules: [{6AAA436E-9C94-4FFB-9C33-A1A60F384059}] => (Allow) LPort=67
FirewallRules: [{D37CA42E-7FB4-41D2-94FB-56256CADE22E}] => (Allow) LPort=67
FirewallRules: [{78CAD8AC-23BB-45C7-B38E-52C8FE9B18FB}] => (Allow) LPort=9535
FirewallRules: [{8A228E79-83F9-4D23-80F3-AF62CE28C088}] => (Allow) LPort=9535
FirewallRules: [{B3A386DA-7248-4951-881D-1F4938FB93B2}] => (Allow) LPort=4343
FirewallRules: [{6C871479-5A48-4FC6-B8FA-EFB7561C0DB0}] => (Allow) LPort=4343
FirewallRules: [{647E6971-64A0-4E5A-B210-17C312ECD85C}] => (Allow) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\CiscoJabber.exe
FirewallRules: [{89C1C848-F132-41F8-82E9-972614B111CF}] => (Allow) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\wbxcOIEx.exe
FirewallRules: [{DED9198C-C8D1-46F3-BA5B-14D73148FC59}] => (Allow) C:\Program Files (x86)\Cisco Systems\Cisco Jabber\x64\wbxcOIEx64.exe
FirewallRules: [{006A93DF-6DE5-4EF4-9525-C615116CACA5}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe
FirewallRules: [{49EC0EC4-16A2-42F1-AF42-B16BF9A4B3C9}] => (Allow) C:\Program Files\CrashPlan\CrashPlanService.exe
FirewallRules: [{BD736BA0-25F8-448A-940B-F081CAF4C0BC}] => (Allow) C:\Users\aparekh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{27447CFE-DEB7-4660-84D5-8105EFD594E4}] => (Allow) C:\Users\aparekh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E85316BF-3DF6-4387-835B-14A6A3D9B778}] => (Allow) C:\Users\aparekh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EFE8C7DC-4FED-4CC2-A8DB-442BB7592426}] => (Allow) C:\Users\aparekh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4E6E85F9-3A82-4A3E-A52E-02BD7CA8E7EF}] => (Allow) C:\Users\aparekh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E1D2610C-186A-49C8-B0E4-EE87CB5E15A6}] => (Allow) C:\Users\aparekh\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{60B3313C-9A44-4A5F-B35A-588AA53E63D6}] => (Allow) C:\Program Files (x86)\Kontiki\KService.exe
FirewallRules: [{D9E951C6-2926-4F8B-BD7E-6D88BE3609C5}] => (Allow) C:\Program Files (x86)\Kontiki\KService.exe
FirewallRules: [{6B44A640-DEF7-422A-B500-20BF30540438}] => (Allow) C:\Program Files (x86)\Kontiki\KService.exe
FirewallRules: [{4710EB3B-FBE3-49E9-A821-A608EFE74A98}] => (Allow) C:\Program Files (x86)\Kontiki\KService.exe
FirewallRules: [{C13C15A2-CD02-4634-AA33-690062ADFA6F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5BE2D133-F04C-4CAF-BE6D-417730D981BE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{70D041E5-D808-4FA5-8049-43A37A549A99}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{7FA316A5-C898-4754-93B9-7D1F2B149395}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{52A1F279-2197-4D38-A999-F44BBA4993BD}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{BB0F455C-5684-42AA-ACA8-CDD4901665DB}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{7358A5B5-03C8-41E6-8B56-3913575D57F7}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
FirewallRules: [{33E3E52E-FF6A-41D8-9119-A559FA4FCD96}] => (Allow) C:\Program Files (x86)\LANDesk\Shared Files\residentAgent.exe
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/10/2015 04:32:32 PM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32: The inventory server NSG7-LDESK02.linkedin.biz did not respond.
Error: (08/10/2015 03:49:36 PM) (Source: Inventory Scanner) (EventID: 25) (User: )
Description: ldiscn32: Failed to resolve the Host Name.
Error: (08/10/2015 01:11:35 PM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32: The inventory server NSG7-LDESK02.linkedin.biz did not respond.
Error: (08/10/2015 01:01:25 PM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32: The inventory server NSG7-LDESK02.linkedin.biz did not respond.
Error: (08/10/2015 12:33:28 PM) (Source: Inventory Scanner) (EventID: 25) (User: )
Description: ldiscn32: Failed to resolve the Host Name.
Error: (08/10/2015 11:26:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: issuser.exe, version: 9.60.2.118, time stamp: 0x54875f2b
Faulting module name: SSLEAY32MT.dll, version: 1.0.1.8, time stamp: 0x53907f75
Exception code: 0xc0000005
Fault offset: 0x0000ebe0
Faulting process id: 0x7d8
Faulting application start time: 0xissuser.exe0
Faulting application path: issuser.exe1
Faulting module path: issuser.exe2
Report Id: issuser.exe3
Error: (08/10/2015 10:58:10 AM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32: The inventory server NSG7-LDESK02.linkedin.biz did not respond.
Error: (08/10/2015 10:55:48 AM) (Source: Inventory Scanner) (EventID: 25) (User: )
Description: ldiscn32: Failed to resolve the Host Name.
Error: (08/10/2015 09:28:49 AM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32: The inventory server NSG7-LDESK02.linkedin.biz did not respond.
Error: (08/10/2015 09:26:44 AM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32: The inventory server NSG7-LDESK02.linkedin.biz did not respond.
System errors:
=============
Error: (08/10/2015 04:32:37 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (08/10/2015 03:50:04 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LINKEDIN due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (08/10/2015 02:33:30 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LINKEDIN due to the following:
%%1722
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (08/10/2015 02:30:04 PM) (Source: NETLOGON) (EventID: 5783) (User: )
Description: The session setup to the Windows NT or Windows 2000 Domain Controller \\MPR3-ADC02.linkedin.biz for the domain LINKEDIN
is not responsive. The current RPC call from Netlogon on \\APAREKH-W7N1 to \\MPR3-ADC02.linkedin.biz has been cancelled.
Error: (08/10/2015 02:28:34 PM) (Source: NETLOGON) (EventID: 5783) (User: )
Description: The session setup to the Windows NT or Windows 2000 Domain Controller \\ABG3-ADC02.linkedin.biz for the domain LINKEDIN
is not responsive. The current RPC call from Netlogon on \\APAREKH-W7N1 to \\ABG3-ADC02.linkedin.biz has been cancelled.
Error: (08/10/2015 11:26:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The LANDESK Remote Control Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (08/10/2015 09:26:18 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LINKEDIN due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (08/09/2015 11:46:13 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: LINKEDIN)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (08/09/2015 11:45:34 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (08/09/2015 11:45:22 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LINKEDIN due to the following:
%%1311
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Microsoft Office:
=========================
Error: (08/10/2015 04:32:32 PM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32NSG7-LDESK02.linkedin.biz
Error: (08/10/2015 03:49:36 PM) (Source: Inventory Scanner) (EventID: 25) (User: )
Description: ldiscn32
Error: (08/10/2015 01:11:35 PM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32NSG7-LDESK02.linkedin.biz
Error: (08/10/2015 01:01:25 PM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32NSG7-LDESK02.linkedin.biz
Error: (08/10/2015 12:33:28 PM) (Source: Inventory Scanner) (EventID: 25) (User: )
Description: ldiscn32
Error: (08/10/2015 11:26:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: issuser.exe9.60.2.11854875f2bSSLEAY32MT.dll1.0.1.853907f75c00000050000ebe07d801d0d2cf5b862f8dC:\PROGRA~2\LANDesk\LDClient\issuser.exeC:\PROGRA~2\LANDesk\LDClient\SSLEAY32MT.dll7a8f6048-3f24-11e5-93ba-54ee754729bc
Error: (08/10/2015 10:58:10 AM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32NSG7-LDESK02.linkedin.biz
Error: (08/10/2015 10:55:48 AM) (Source: Inventory Scanner) (EventID: 25) (User: )
Description: ldiscn32
Error: (08/10/2015 09:28:49 AM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32NSG7-LDESK02.linkedin.biz
Error: (08/10/2015 09:26:44 AM) (Source: Inventory Scanner) (EventID: 14) (User: )
Description: ldiscn32NSG7-LDESK02.linkedin.biz
==================== Memory info ===========================
Processor: Intel® Core™ i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 74%
Total physical RAM: 7872.26 MB
Available physical RAM: 2004.41 MB
Total Virtual: 15742.71 MB
Available Virtual: 9709.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.38 GB) (Free:132.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 3C2C7561)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)
==================== End of log ============================
Sign In
Create Account
