Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

reimageplus popups [Closed]

Started by schreineradam , Jun 27 2016 08:53 AM

  • This topic is locked This topic is locked

#1
schreineradam
Posted 27 June 2016 - 08:53 AM

schreineradam

    Member

  • Member
  • PipPip
  • 49 posts

I am getting reimageplus.com popups semi-randomly. It seems to happen when I first open a Chrome windows but I haven't been able to determine a pattern after that.

 

I ran a Malwarebytes scan and here is the log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/25/2016
Scan Time: 9:42 AM
Logfile: Malwarebytes1.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.25.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: aschreiner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 575549
Time Elapsed: 30 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Quarantined, [e93ec839fd9d3105b8208e48e41fd42c], 
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Quarantined, [3fe86e934a50b2848c4c5d790201cd33], 

Registry Values: 2
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 0, Quarantined, [e93ec839fd9d3105b8208e48e41fd42c]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 0, Quarantined, [3fe86e934a50b2848c4c5d790201cd33]

Registry Data: 4
PUM.Optional.ConnectionControlRestriction, HKLM\SOFTWARE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|ConnectionsTab, 1, Good: (0), Bad: (1),Replaced,[d05745bc0793092d2ea3df96b3512cd4]
PUM.Optional.WindowsToolDisabled, HKLM\SOFTWARE\POLICIES\MICROSOFT\WINDOWS NT\SYSTEMRESTORE|DisableConfig, 1, Good: (0), Bad: (1),Replaced,[9f880cf54a50999d57490075f11314ec]
PUM.Optional.ConnectionControlRestriction, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\INTERNET EXPLORER\CONTROL PANEL|ConnectionsTab, 1, Good: (0), Bad: (1),Replaced,[091e05fcf8a2d5612ca5a7ce07fdb44c]
PUM.Optional.WindowsToolDisabled, HKLM\SOFTWARE\WOW6432NODE\POLICIES\MICROSOFT\WINDOWS NT\SYSTEMRESTORE|DisableConfig, 1, Good: (0), Bad: (1),Replaced,[fe29e31ea7f30333c1df6411da2ab050]

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

I then ran a second Malwarebytes scan that came back clear:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/25/2016
Scan Time: 2:56 PM
Logfile: Malwarebytes2.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.25.04
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: aschreiner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 575763
Time Elapsed: 23 min, 59 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

I thought this may have solved the issue but it appears it hasn't. Here is my FRST scan log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02
Ran by aschreiner (administrator) on B705875 (27-06-2016 09:37:49)
Running from C:\Users\aschreiner\Desktop
Loaded Profiles: UpdatusUser & aschreiner (Available Profiles: UpdatusUser & Administrator & altdspcsvc & aschreiner & DefaultAppPool)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Softex Inc.) C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
(Algorithmic Research Ltd.) C:\Program Files\ARX\ARX CryptoKit\utils\ARcltsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Algorithmic Research Ltd.) C:\Program Files\ARX\ARX CryptoKit\utils\ARcltsrv.exe
(Sepialine) C:\Program Files (x86)\Sepialine\Argos7\Agent\Agent.Hosts.AgentService.exe
(Ultimate Net Tools) C:\Program Files (x86)\Common Files\Ultimate Net Tools\Auto Close Idle Updater\ACIUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\cyserver.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\CyveraService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\FTAEArchiver.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\FTAE_HistServ.exe
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Avaya Inc.) C:\Program Files (x86)\Common Files\Avaya\QoS\QosServM.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
(www.printerlogic.com) C:\Program Files (x86)\Printer Properties Pro\Printer Installer Client\bin\PrinterInstallerClientLauncher.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\ramkMsgKernelSvc.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
(Rockwell Automation Inc.) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
(Intergraph PPM) C:\Win32App\INGR\SPLM\Bin\pdlice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tda.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\tdawork.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(www.printerlogic.com) C:\Program Files (x86)\Printer Properties Pro\Printer Installer Client\PrinterInstallerClient.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Altiris, Inc.) C:\Program Files\Altiris\Dagent\dagent.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Flexera Software LLC) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Apache Software Foundation) C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\raOSGi.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo) C:\Program Files (x86)\Lenovo\ThinkPad WiFi Radio Control\WiFiRadioControl.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\daq.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RNADirMultiplexor.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Palo Alto Networks, Inc.) C:\Program Files\Palo Alto Networks\Traps\cytray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
(Sepialine) C:\Program Files (x86)\Sepialine\Argos7\Agent\Agent.DesktopClient.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\CmRcService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Igor Nys) C:\Users\aschreiner\AppData\trayit_4_6_5_5\TrayIt!.exe
(www.printerlogic.com) C:\Program Files (x86)\Printer Properties Pro\Printer Installer Client\bin\PrinterInstallerClientInterface.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\V-locity Endpoint\VService.exe
(Microsoft Corporation) C:\Windows\CCM\SCNotification.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Rockwell Automation, Inc.) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\AbtSvcHost_.exe
() C:\ProgramData\Rpcnet\Bin\rpcld.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\lync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\UcMapi.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-05-27] (LogMeIn, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810096 2014-03-16] (Synaptics Incorporated)
HKLM\...\Run: [Cyvera] => C:\Program Files\Palo Alto Networks\Traps\cytray.exe [536928 2015-11-10] (Palo Alto Networks, Inc.)
HKLM-x32\...\Run: [CitrixReceiver] => [X]
HKLM-x32\...\Run: [ConnectionCenter] => [X]
HKLM-x32\...\Run: [Redirector] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Malwarebytes Anti-Malware] => C:\Program Files (x86)\Malwarebytes Anti-Malware\BusinessMessaging.exe [3219456 2016-06-25] (Malwarebytes)
HKLM Group Policy restriction on software: %UserProfile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %UserProfile%\*\fax*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %UserProfile%\fax*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %UserProfile%\*\*\fax*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\*\fax*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\system32\fgdump.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\system32\servpw.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\system32\ncc.dat <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\system32\PWdump.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\system32\nc.dat <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\windows\Psexesvc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %UserProfile%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\fax*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %UserProfile%\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %Temp%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4340992 2016-03-22] (Unified Intents AB)
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\Run: [GoogleChromeAutoLaunch_87A70C93CE94F8995F990262CEA6D1BC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {08ff1e90-09d5-11e6-92de-5cc5d404e155} - H:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {5821b02b-1aab-11e5-95ce-54ee753fdd77} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {6b71a0ae-0902-11e6-8116-5cc5d404e155} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {6d97aa78-4d70-11e5-b61f-54ee753fdd77} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {784a56ae-742d-11e5-bc6d-54ee753fdd77} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {86ca6cea-3fa9-11e5-a1d3-54ee753fdd77} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {b350dcc6-c154-11e4-bd83-5cc5d404e155} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {b4477812-03fb-11e6-a3ba-5cc5d404e155} - G:\win\setup.exe -phs
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {e798efe6-c77f-11e5-8ac6-5cc5d404e155} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MountPoints2: {eaacad6b-c5ad-11e4-a356-00059a3c7a00} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\GPhotos.scr [4587520 2015-10-13] (Google Inc.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKU\S-1-5-18\...\Policies\Explorer: [] 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SYSWOW64\NVINIT.DLL => C:\WINDOWS\SYSWOW64\NVINIT.DLL [201576 2013-10-28] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [AccellionHandler1] -> {D927FA16-4560-4EBA-B534-127CF823B89E} => C:\Program Files\Accellion\kitedrive\AccellionIconOverlays.dll [2014-11-17] (Accellion)
ShellIconOverlayIdentifiers: [AccellionHandler2] -> {3652A8BF-9A09-4663-975B-C413B10977BE} => C:\Program Files\Accellion\kitedrive\AccellionIconOverlays.dll [2014-11-17] (Accellion)
ShellIconOverlayIdentifiers: [AccellionHandler3] -> {BE298E1F-8884-4E8E-A125-42ACC47A092F} => C:\Program Files\Accellion\kitedrive\AccellionIconOverlays.dll [2014-11-17] (Accellion)
ShellIconOverlayIdentifiers: [AccellionHandler4] -> {9BDB2FD0-BC0F-4134-AF93-A18C11694E59} => C:\Program Files\Accellion\kitedrive\AccellionIconOverlays.dll [2014-11-17] (Accellion)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
Startup: C:\Users\aschreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk [2016-06-20]
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\aschreiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TrayIt!.lnk [2016-04-04]
ShortcutTarget: TrayIt!.lnk -> C:\Users\aschreiner\AppData\trayit_4_6_5_5\TrayIt!.exe (Igor Nys)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.3.35.120 10.8.35.120
Tcpip\..\Interfaces\{1EB45DD6-BB51-4EA7-91ED-6E75443A2637}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{2E4026C3-4397-46F8-A2DD-43DB8C6DBA73}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{782B81D3-6CD1-488D-AF7F-E06D6D2ADEC8}: [DhcpNameServer] 10.3.35.120 10.8.35.120

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://intranet/
HKU\S-1-5-21-1277301177-2924182014-3333776039-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet/
HKU\S-1-5-21-1277301177-2924182014-3333776039-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://intranet/
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet/
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://intranet/
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-433564024-1784799946-3432143216-187969 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-06-13] (Oracle Corporation)
BHO: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll [2015-07-06] (Cisco WebEx LLC)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-03-02] (LastPass)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-06-13] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-06-13] (Oracle Corporation)
BHO-x32: WebEx Productivity Tools -> {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} -> C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll [2015-07-06] (Cisco WebEx LLC)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-03-02] (LastPass)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-06-13] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-03-02] (LastPass)
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli64.dll [2015-07-06] (Cisco WebEx LLC)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - DL Toolbar - {5E954256-9B33-430F-BB20-77AC5B30533B} - C:\Program Files (x86)\ColumbiaSoft\Document Locator\Client\64BIT\CSSLocatorSearch.dll [2015-04-21] (ColumbiaSoft Corporation)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-03-02] (LastPass)
Toolbar: HKLM-x32 - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files (x86)\WebEx\Productivity Tools\ptonecli.dll [2015-07-06] (Cisco WebEx LLC)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - DL Toolbar - {5E954256-9B33-430F-BB20-77AC5B30533B} - C:\Program Files (x86)\ColumbiaSoft\Document Locator\Client\CSSLocatorSearch.dll [2015-04-21] (ColumbiaSoft Corporation)
Toolbar: HKU\S-1-5-21-433564024-1784799946-3432143216-187969 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {529D447D-B36F-448F-A7D8-FB50EF58CA87} hxxp://brava.burnsmcd.com:8080/BravaSDK/ActiveX/viewer/client/BravaClientXWrapper.cab
DPF: HKLM-x32 {A644122F-80E1-4AD1-B2E9-4F267FC58517} hxxp://brava.burnsmcd.com:8080/IGC/BravaClientXWrapper.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1753
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-23] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-04-08] (Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-06-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-06-13] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-03-02] (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin: printerlogic.com/PrinterInstallerClientPlugin_x86_64 -> C:\Program Files (x86)\Printer Properties Pro\Printer Installer Client\bin\npPrinterInstallerClientPlugin64.dll [2014-01-10] (PrinterLogic)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-04-08] (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-06-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-06-13] (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-03-02] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-12-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: printerlogic.com/PrinterInstallerClientPlugin -> C:\Program Files (x86)\Printer Properties Pro\Printer Installer Client\bin\npPrinterInstallerClientPlugin32.dll [2014-01-09] (PrinterLogic)
FF Plugin HKU\S-1-5-21-433564024-1784799946-3432143216-187969: @tools.google.com/Google Update;version=3 -> C:\Users\aschreiner\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-433564024-1784799946-3432143216-187969: @tools.google.com/Google Update;version=9 -> C:\Users\aschreiner\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-06-15]

Chrome: 
=======
CHR Profile: C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2016-03-01]
CHR Extension: (Google Slides) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-02]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-06-25]
CHR Extension: (Google Docs) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-02]
CHR Extension: (Google Drive) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfgjjammlemhdcocpejaompfoojnjjfn [2016-06-23]
CHR Extension: (YouTube) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-06-27]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-01]
CHR Extension: (Google Search) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2015-03-02]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-01-21]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-03-02]
CHR Extension: (Google Sheets) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-02]
CHR Extension: (Plex) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2016-04-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-06-04]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-04]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-06-24]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-06-23]
CHR Extension: (Google Play Music) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-07]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idmmhhijggcmbeejedibpdcahpkneegg [2016-03-04]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-02]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppkddfmnlpjbojooindbmcokchjgbib [2016-05-11]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-11]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikomkkhhpfoeamojhhgpfkpkdlfhfii [2015-03-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojohjpgmcfnholboljmkbcchbipcbci [2016-01-17]
CHR Extension: (Late Night) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2015-03-02]
CHR Extension: (Gmail) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Easy Auto Refresh) - C:\Users\aschreiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]
CHR HKLM\...\Chrome\Extension: [bfgjjammlemhdcocpejaompfoojnjjfn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bfgjjammlemhdcocpejaompfoojnjjfn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-433564024-1784799946-3432143216-187969\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bfgjjammlemhdcocpejaompfoojnjjfn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1784-PCIDS DeviceNet; C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\PcidsService.exe [116952 2015-11-10] (Rockwell Automation)
R2 AbtSvcHost; C:\Windows\SysWOW64\AbtSvcHost_.exe [84888 2015-10-09] (Absolute Software Corp.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021056 2016-03-03] (Adobe Systems, Incorporated)
R2 Altiris Deployment Agent; C:\Program Files\Altiris\Dagent\dagent.exe [2044416 2013-11-22] (Altiris, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ARcltsrv; C:\Program Files\ARX\ARX CryptoKit\utils\ARcltsrv.exe [117856 2010-12-12] (Algorithmic Research Ltd.)
R2 ArgosAgentSvc; C:\Program Files (x86)\Sepialine\Argos7\Agent\Agent.Hosts.AgentService.exe [26120 2016-01-15] (Sepialine)
R2 AutoCloseIdleUpdater; C:\Program Files (x86)\Common Files\Ultimate Net Tools\Auto Close Idle Updater\ACIUpdater.exe [456816 2013-07-10] (Ultimate Net Tools)
R2 CcmExec; C:\Windows\CCM\CcmExec.exe [1775288 2015-10-27] (Microsoft Corporation)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe [68488 2016-04-14] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [672440 2015-10-27] (Microsoft Corporation)
R2 CyServer; C:\Program Files\Palo Alto Networks\Traps\cyserver.exe [162144 2015-11-10] (Palo Alto Networks, Inc.)
R2 CyveraService; C:\Program Files\Palo Alto Networks\Traps\CyveraService.exe [570720 2015-11-10] (Palo Alto Networks, Inc.)
S3 EmuLogix 5868 Slot2; C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\\V24\EmuLogix5868.exe [3269848 2015-11-10] (Rockwell Automation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 FactoryTalk Activation Service; C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe [1443632 2014-03-10] (Flexera Software LLC)
R2 FTActivationBoost; C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\FTActivationBoost.exe [157184 2015-12-01] (Rockwell Automation, Inc.)
R2 FTAE_Archiver; C:\Program Files (x86)\Common Files\Rockwell\FTAEArchiver.exe [72920 2015-10-21] (Rockwell Automation, Inc.)
R2 FTAE_HistServ; C:\Program Files (x86)\Common Files\Rockwell\FTAE_HistServ.exe [158936 2015-10-21] (Rockwell Automation, Inc.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] ()
R2 FTSysDiagSvcHost; C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe [76504 2015-07-06] (Rockwell Automation, Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [795664 2016-05-25] (Garmin Ltd. or its subsidiaries)
R2 hasplms; C:\Windows\system32\hasplms.exe [4412872 2012-08-23] (SafeNet Inc.)
R2 iClarityQoSService; C:\Program Files (x86)\Common Files\Avaya\QoS\QosServM.exe [1660416 2015-02-12] (Avaya Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2016-06-10] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2016-06-10] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-05-27] (LogMeIn, Inc.)
S3 LogReceiver; C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\LogReceiver.exe [82648 2015-10-25] (Rockwell Automation, Inc.)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50352 2015-09-25] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50352 2015-09-25] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-03-25] (Microsoft Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 MSSQL$FTVIEWX64TAGDB; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374336 2016-03-25] (Microsoft Corporation)
R2 omniserv; C:\Program Files\Lenovo\Fingerprint Manager Pro\OmniServ.exe [94208 2014-06-25] (Softex Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PrinterInstallerLauncher; C:\Program Files (x86)\Printer Properties Pro\Printer Installer Client\bin\PrinterInstallerClientLauncher.exe [736984 2016-05-19] (www.printerlogic.com)
R2 radaq; C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\daq.exe [5337576 2015-11-03] (Rockwell Automation, Inc.)
R2 ramkMsgKernelSvc; C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\ramkMsgKernelSvc.exe [51176 2015-11-03] (Rockwell Automation, Inc.)
R2 raOSGi; C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\raOSGi.exe [86528 2015-11-03] (Apache Software Foundation) [File not signed]
R2 RemoteServerWin; C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [4340992 2016-03-22] (Unified Intents AB)
R2 RnaAeServer; C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe [165592 2015-10-21] (Rockwell Automation, Inc.)
R2 RnaAlarmMux; C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe [736472 2015-10-21] (Rockwell Automation, Inc.)
R2 Rockwell HMI Diagnostics; C:\Program Files (x86)\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe [112128 2015-08-15] (Rockwell Automation, Inc.)
R2 Rockwell Tag Server; C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe [209920 2015-08-15] (Rockwell Automation, Inc.)
S3 RSLinx; C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE [3319000 2015-10-30] (Rockwell Automation, Inc.)
R2 RSLinxNG; C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe [308440 2015-10-25] (Rockwell Automation, Inc.)
S3 SimModuleService; C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe [102616 2015-11-10] ()
S3 smstsmgr; C:\Windows\CCM\TSManager.exe [317624 2015-10-27] (Microsoft Corporation)
R2 SPLM - SmartPlant Licensing Manager; C:\Win32App\INGR\SPLM\bin\pdlice.exe [450641 2010-06-23] (Intergraph PPM) [File not signed]
S4 SQLAgent$FTVIEWX64TAGDB; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.FTVIEWX64TAGDB\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [747800 2015-12-14] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R2 TrapsDumpAnalyzer; C:\Program Files\Palo Alto Networks\Traps\tda.exe [209760 2015-11-10] (Palo Alto Networks, Inc.)
R2 V-locity; C:\Program Files\Condusiv Technologies\V-locity Endpoint\VService.exe [2683152 2014-05-28] (Condusiv Technologies)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [47504 2014-06-13] (Synaptics Incorporated)
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-07-31] (VMware, Inc.)
R2 WiFiRadioControl; C:\Program Files (x86)\Lenovo\ThinkPad WiFi Radio Control\WiFiRadioControl.exe [48192 2011-12-01] (Lenovo)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-08-19] (VMware, Inc.)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [203088 2011-10-11] (X-Rite Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
S3 EmuLogix 5868 Slot0; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /0 [X]
S3 EmuLogix 5868 Slot1; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /1 [X]
S3 EmuLogix 5868 Slot10; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /10 [X]
S3 EmuLogix 5868 Slot11; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /11 [X]
S3 EmuLogix 5868 Slot12; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /12 [X]
S3 EmuLogix 5868 Slot13; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /13 [X]
S3 EmuLogix 5868 Slot14; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /14 [X]
S3 EmuLogix 5868 Slot15; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /15 [X]
S3 EmuLogix 5868 Slot16; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /16 [X]
S3 EmuLogix 5868 Slot3; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /3 [X]
S3 EmuLogix 5868 Slot4; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /4 [X]
S3 EmuLogix 5868 Slot5; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /5 [X]
S3 EmuLogix 5868 Slot6; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /6 [X]
S3 EmuLogix 5868 Slot7; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /7 [X]
S3 EmuLogix 5868 Slot8; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /8 [X]
S3 EmuLogix 5868 Slot9; "C:\Program Files (x86)\Rockwell Software\RSLogix Emulate 5000\V15\EmuLogix5868.exe" /9 [X]
R2 rpcld; C:\ProgramData\Rpcnet\Bin\rpcld.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKSIFDH; C:\Windows\System32\DRIVERS\aksifdh.sys [62632 2008-07-30] (Aladdin Knowledge Systems, Ltd.)
R3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [88376 2013-03-18] (Motorola Solutions, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
R1 CyveraK; C:\Program Files\Palo Alto Networks\Traps\cyverak.sys [193280 2015-11-10] (Palo Alto Networks, Inc.)
R1 Cyvrfsfd; C:\Program Files\Palo Alto Networks\Traps\cyvrfsfd.sys [27392 2015-11-10] (Palo Alto Networks, Inc.)
R1 cyvrmtgn; C:\Program Files\Palo Alto Networks\Traps\cyvrmtgn.sys [167168 2015-11-10] (Palo Alto Networks, Inc.)
R0 DKDFM; C:\Windows\System32\drivers\DKDFM.sys [41712 2014-01-16] (Condusiv Technologies)
R3 DKRtWrt; C:\Windows\system32\drivers\DKRtWrt.sys [53520 2014-05-20] (Condusiv Technologies)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495888 2013-05-06] (Intel Corporation)
S3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-01] (Intel Corporation)
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [142280 2013-10-19] (Intel Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-05-27] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R2 mgdrv; C:\Windows\system32\drivers\mgdrv.sys [62712 2013-04-10] (Moxa Inc. )
R2 mgdrvfilter; C:\Windows\system32\drivers\mgdrvfilter.sys [43768 2013-04-10] (Moxa Inc. )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3603424 2014-01-28] (Intel Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-10-28] (NVIDIA Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [195768 2013-08-16] (O2Micro )
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2014-06-24] ()
R3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2013-09-11] (Microsoft Corporation)
S3 radpms; C:\Windows\System32\DRIVERS\radpms.sys [14944 2015-05-27] (LogMeIn, Inc.)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-16] (Synaptics Incorporated)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-05-27] (SafeNet, Inc.)
R1 soldisk5; C:\Windows\system32\drivers\soldisk5.sys [230592 2013-12-12] (EldoS Corporation)
R1 solfs5; C:\Windows\system32\drivers\solfs5.sys [418496 2013-12-12] (EldoS Corporation)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [42112 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp64.sys [91008 2010-05-27] (Magic Control Technology Corp.)
R3 uvhid; C:\Windows\System32\DRIVERS\uvhid.sys [25592 2015-11-11] (Windows (R) Win 7 DDK provider)
R1 vintmfs; C:\Windows\system32\drivers\vintmfs.sys [27376 2013-11-21] (Condusiv Technologies)
R0 vintmsd; C:\Windows\System32\drivers\vintmsd.sys [145136 2013-11-21] (Condusiv Technologies)
R1 VirtualBackplane; C:\Windows\System32\Drivers\VirtualBackplane.sys [51200 2015-02-26] (Rockwell Automation)
S3 XRNBO; c:\windows\SysWOW64\drivers\XRNBO.sys [177152 2016-05-21] () [File not signed]
S3 pcidnt; \SystemRoot\System32\Drivers\pcidnt.sys [X]
S3 RSSERIAL; \SystemRoot\SYSTEM32\RSSERIAL.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-27 09:37 - 2016-06-27 09:38 - 00057621 _____ C:\Users\aschreiner\Desktop\FRST.txt
2016-06-27 09:37 - 2016-06-27 09:37 - 02389504 _____ (Farbar) C:\Users\aschreiner\Desktop\FRST64.exe
2016-06-27 09:37 - 2016-06-27 09:37 - 00000000 ____D C:\Users\aschreiner\Desktop\FRST-OlderVersion
2016-06-27 09:37 - 2016-06-27 09:37 - 00000000 ____D C:\FRST
2016-06-27 09:36 - 2016-06-27 09:37 - 02388992 _____ (Farbar) C:\Users\aschreiner\Downloads\FRST64.exe
2016-06-27 09:13 - 2016-06-27 09:20 - 00002043 _____ C:\ProgramData\SCCMHealthCheck.xml
2016-06-27 09:12 - 2016-06-27 09:12 - 00000000 ___SH C:\DkHyperbootSync
2016-06-25 09:40 - 2016-06-25 15:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-25 09:40 - 2016-06-25 14:56 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-25 09:40 - 2016-06-25 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-25 09:40 - 2016-06-25 09:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-25 09:40 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-25 09:40 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-25 09:40 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-25 09:12 - 2016-06-25 09:12 - 00000004 ____H C:\ProgramData\cm-lock
2016-06-24 14:59 - 2016-01-21 11:14 - 00003330 _____ C:\Users\aschreiner\Desktop\KCPLHWTH_Update.lnk
2016-06-24 14:59 - 2014-10-14 10:07 - 00001831 _____ C:\Users\aschreiner\Desktop\KCPLHWTH_ICDB.lnk
2016-06-23 17:02 - 2016-06-27 09:16 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-23 17:02 - 2016-06-23 17:02 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-23 17:01 - 2016-06-27 09:13 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-23 17:01 - 2016-06-23 17:02 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-23 17:01 - 2016-06-23 17:02 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-23 17:01 - 2016-06-23 17:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 12:48 - 2016-06-17 12:48 - 00314880 _____ C:\Users\aschreiner\Desktop\CableSchedule_Rev_X.xls
2016-06-16 12:15 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2016-06-14 10:12 - 2016-06-14 10:12 - 00000000 ____D C:\Users\aschreiner\Desktop\mint
2016-06-13 13:24 - 2016-06-13 13:24 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-06-13 13:24 - 2016-06-13 13:24 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2016-06-13 13:24 - 2016-06-13 13:24 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2016-06-13 08:03 - 2016-06-13 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-13 08:03 - 2016-06-13 08:03 - 00000000 ____D C:\Program Files\iTunes
2016-06-13 08:03 - 2016-06-13 08:03 - 00000000 ____D C:\Program Files\iPod
2016-06-13 08:03 - 2016-06-13 08:03 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-13 07:55 - 2016-06-13 07:52 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-06-10 13:31 - 2016-06-10 13:32 - 00000000 ____D C:\Users\aschreiner\AppData\Local\Garmin_Ltd._or_its_subsid
2016-06-10 13:31 - 2016-06-10 13:31 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\Garmin
2016-06-10 13:31 - 2016-06-10 13:31 - 00000000 ____D C:\Program Files\DIFX
2016-06-10 13:30 - 2016-06-10 13:31 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-06-10 13:30 - 2016-06-10 13:30 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2016-06-10 13:30 - 2016-06-10 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-06-10 13:30 - 2016-06-10 13:30 - 00000000 ____D C:\ProgramData\Garmin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-27 09:31 - 2015-03-02 14:59 - 00000000 ____D C:\Users\aschreiner\AppData\LocalLow\LastPass
2016-06-27 09:24 - 2016-05-20 08:24 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {8DE4FDFA-1352-4B99-8066-DDCE2F8A488E}.job
2016-06-27 09:24 - 2016-05-20 08:24 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {8DE4FDFA-1352-4B99-8066-DDCE2F8A488E}.job
2016-06-27 09:24 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-27 09:23 - 2009-07-13 23:45 - 00017952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-27 09:23 - 2009-07-13 23:45 - 00017952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-27 09:20 - 2015-11-02 00:29 - 00002043 _____ C:\ProgramData\SCCMHealthCheck.xml.lst
2016-06-27 09:20 - 2015-11-02 00:29 - 00002043 _____ C:\ProgramData\SCCMHealthCheck.xml.before.repair
2016-06-27 09:20 - 2015-10-27 19:36 - 00000272 _____ C:\ProgramData\2013.par
2016-06-27 09:20 - 2015-02-19 19:25 - 00000152 __RSH C:\ProgramData\3002.xml
2016-06-27 09:19 - 2016-02-22 16:19 - 00000911 _____ C:\Windows\Tasks\EPSON WF-7620 Series Update {98294E8F-C703-42B2-B61A-42C92F168558}.job
2016-06-27 09:19 - 2016-02-22 16:19 - 00000725 _____ C:\Windows\Tasks\EPSON WF-7620 Series Invitation {98294E8F-C703-42B2-B61A-42C92F168558}.job
2016-06-27 09:14 - 2015-12-15 12:39 - 00000068 __RSH C:\Windows\system32\Drivers\ws2ifsl.winsecurity
2016-06-27 09:14 - 2015-03-05 15:14 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-433564024-1784799946-3432143216-187969UA.job
2016-06-27 09:14 - 2015-03-02 10:33 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-27 09:13 - 2015-12-15 12:39 - 00000068 __RSH C:\Windows\system32\Drivers\WdfLdr.winsecurity
2016-06-27 09:12 - 2012-06-20 10:02 - 00000464 _____ C:\Windows\system32\config\netlogon.ftl
2016-06-27 09:11 - 2015-06-23 11:08 - 00000000 ____D C:\ProgramData\LogMeIn
2016-06-27 09:11 - 2015-02-19 19:26 - 00017408 _____ C:\Windows\system32\rpcnetp.exe
2016-06-25 11:26 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-06-25 09:41 - 2015-03-24 08:05 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-25 09:41 - 2015-03-02 17:21 - 00000000 ____D C:\Users\aschreiner\AppData\Local\CrashDumps
2016-06-25 09:37 - 2015-08-25 15:06 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\vlc
2016-06-25 09:19 - 2009-07-14 00:13 - 00963484 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-25 09:17 - 2015-02-19 18:56 - 00000540 _____ C:\Windows\SMSCFG.ini
2016-06-25 09:16 - 2015-03-02 12:09 - 00000000 ___RD C:\Users\aschreiner\Google Drive
2016-06-25 09:15 - 2016-02-28 14:28 - 00000000 ____D C:\ProgramData\Unified Remote
2016-06-25 09:14 - 2015-03-02 10:33 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-25 09:12 - 2015-06-23 11:08 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2016-06-25 09:11 - 2015-02-19 19:22 - 00078032 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2016-06-25 09:09 - 2015-02-19 19:12 - 00000000 ____D C:\ProgramData\Validity
2016-06-25 09:09 - 2015-02-06 16:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-25 09:09 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-24 16:28 - 2015-08-14 10:04 - 00000000 ____D C:\Windows\ccmcache
2016-06-24 15:01 - 2015-03-02 16:02 - 00000902 _____ C:\Windows\ODBC.INI
2016-06-24 13:39 - 2015-03-02 10:26 - 00000000 ____D C:\Users\aschreiner\Documents\My Received Files
2016-06-24 12:57 - 2012-06-20 10:04 - 00107656 __RSH C:\ProgramData\ntuser.pol
2016-06-24 09:02 - 2015-03-05 15:14 - 00000876 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-433564024-1784799946-3432143216-187969Core.job
2016-06-23 16:53 - 2016-04-01 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Printer Installer
2016-06-23 12:46 - 2015-03-02 23:07 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\Notepad++
2016-06-22 13:03 - 2015-03-05 16:43 - 00000000 ___RD C:\Users\aschreiner\Virtual Machines
2016-06-22 10:54 - 2015-03-02 10:27 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\ColumbiaSoft
2016-06-18 13:00 - 2015-03-02 10:34 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 13:01 - 2015-12-18 17:26 - 00000277 _____ C:\Windows\SlRegEDS.ini
2016-06-16 15:24 - 2015-03-02 10:26 - 00020602 __RSH C:\Users\aschreiner\ntuser.pol
2016-06-16 15:24 - 2015-03-02 10:26 - 00000000 ____D C:\Users\aschreiner
2016-06-16 15:16 - 2015-03-24 08:05 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\TeamViewer
2016-06-15 23:06 - 2012-06-20 10:20 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 10:02 - 2016-01-21 12:59 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Standard.lnk
2016-06-15 10:02 - 2016-01-21 12:59 - 00002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-06-13 13:24 - 2016-03-04 08:33 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-13 13:24 - 2015-12-18 17:33 - 00001764 _____ C:\Windows\.mif
2016-06-13 13:24 - 2015-04-07 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-13 08:30 - 2016-01-05 14:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-06-13 08:03 - 2015-07-02 09:35 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-13 07:55 - 2015-04-07 16:38 - 00000000 ____D C:\Program Files\Java
2016-06-13 07:53 - 2015-08-24 08:44 - 00000000 ____D C:\Users\aschreiner\.oracle_jre_usage
2016-06-13 07:52 - 2015-08-24 08:44 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-06-13 07:43 - 2015-03-02 16:00 - 00007660 _____ C:\Users\aschreiner\AppData\Local\Resmon.ResmonCfg
2016-06-10 13:30 - 2015-02-19 19:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-10 13:24 - 2015-06-23 11:08 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2016-06-10 13:23 - 2015-06-23 11:08 - 00122400 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2016-06-10 13:23 - 2015-06-23 11:08 - 00107520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2016-06-08 15:35 - 2016-03-09 10:09 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\VMware
2016-06-07 14:55 - 2015-03-02 11:01 - 00000000 ____D C:\Users\aschreiner\AppData\Local\IE Tab
2016-06-02 23:01 - 2015-03-02 10:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-01 08:34 - 2016-02-23 14:32 - 00000000 ____D C:\Program Files\7-Zip
2016-06-01 08:26 - 2015-03-02 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-29 21:21 - 2016-04-25 22:51 - 00000000 ____D C:\Users\aschreiner\AppData\Roaming\uTorrent
2016-05-28 21:11 - 2015-02-19 18:56 - 00000000 ____D C:\Windows\CCM

==================== Files in the root of some directories =======

2015-12-07 09:12 - 2015-12-07 09:12 - 6420480 _____ () C:\Program Files (x86)\GUTB0AC.tmp
2015-12-07 09:12 - 2015-12-07 09:15 - 6420480 _____ () C:\Program Files (x86)\GUTB0BB.tmp
2016-02-25 10:00 - 2009-10-27 13:38 - 0186464 _____ (Symantec, Inc.) C:\Program Files (x86)\UNWISE.EXE
2015-03-02 15:00 - 2015-03-02 15:00 - 14242360 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-03-03 09:37 - 2015-03-03 09:41 - 0026975 _____ () C:\Users\aschreiner\AppData\Roaming\Comma Separated Values (Windows).ADR
2015-05-13 12:46 - 2015-05-13 12:47 - 0140637 _____ () C:\Users\aschreiner\AppData\Roaming\redline2stapler.tmp
2015-03-02 16:00 - 2016-06-13 07:43 - 0007660 _____ () C:\Users\aschreiner\AppData\Local\Resmon.ResmonCfg
2015-10-05 12:17 - 2015-10-05 12:17 - 0000000 _____ () C:\Users\aschreiner\AppData\Local\{0302AB34-1CB7-4BE0-81CA-1A4B02B76856}
2015-09-28 10:27 - 2015-09-28 10:27 - 0000000 _____ () C:\Users\aschreiner\AppData\Local\{781D3D05-8D4B-4765-8CDD-D2FF8BC5D41F}
2015-10-27 19:36 - 2016-06-27 09:20 - 0000272 _____ () C:\ProgramData\2013.par
2015-02-19 19:25 - 2016-05-26 14:17 - 0032432 __RSH () C:\ProgramData\3002.abs
2015-02-19 19:25 - 2016-06-27 09:20 - 0000152 __RSH () C:\ProgramData\3002.xml
2015-05-02 14:59 - 2015-05-02 14:59 - 0015568 __RSH () C:\ProgramData\3029.abs
2015-09-18 17:01 - 2015-10-24 17:36 - 0001856 __RSH () C:\ProgramData\3031.abs
2016-06-25 09:12 - 2016-06-25 09:12 - 0000004 ____H () C:\ProgramData\cm-lock
2015-02-20 09:06 - 2015-02-20 09:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-21 17:00 - 2015-04-21 17:00 - 0010304 _____ () C:\ProgramData\regid.1998-09.com.columbiasoft_CB7DABE8-4CB1-4D01-90EB-F46578B0EC22.swidtag
2016-06-27 09:13 - 2016-06-27 09:20 - 0002043 _____ () C:\ProgramData\SCCMHealthCheck.xml
2015-11-02 00:29 - 2016-06-27 09:20 - 0002043 _____ () C:\ProgramData\SCCMHealthCheck.xml.before.repair
2015-11-02 00:29 - 2016-06-27 09:20 - 0002043 _____ () C:\ProgramData\SCCMHealthCheck.xml.lst

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-17 00:53

==================== End of FRST.txt ============================

And my addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02
Ran by aschreiner (2016-06-27 09:38:47)
Running from C:\Users\aschreiner\Desktop
Windows 7 Enterprise Service Pack 1 (X64) (2015-02-20 14:14:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1277301177-2924182014-3333776039-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-1277301177-2924182014-3333776039-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-1277301177-2924182014-3333776039-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: System Center Endpoint Protection (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: System Center Endpoint Protection (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
1734 IO-Link Module Profiles (x32 Version: 1.41.80.0 - Rockwell Automation, Inc.) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.9 - Hewlett-Packard) Hidden
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat XI Standard (HKLM-x32\...\{AC76BA86-1033-FFFF-BA7E-000000000006}) (Version: 11.0.16 - Adobe Systems)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\{42E870AA-8C2E-4764-9340-31A693D2E033}) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\{385454BE-576E-4FC8-A828-4C81F0485A7C}) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Advanced Micro Controls 1734 Specialty Module Profiles (x32 Version: 1.04.1.0 - Advanced Micro Controls, Inc.) Hidden
Advanced Micro Controls 1756 Specialty Module Profiles (x32 Version: 1.03.1.0 - Advanced Micro Controls, Inc.) Hidden
Advanced Micro Controls 1769 Specialty Module Profiles (x32 Version: 1.10.1.0 - Advanced Micro Controls, Inc.) Hidden
Altiris Deployment Agent (HKLM\...\{6C8D5E56-CA12-42B2-9075-044B4C7067A9}) (Version: 1.0.0 - Altiris)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arellia Local Security Agent (HKLM\...\{207895FB-47DE-48BB-960E-72D316895EC7}) (Version: 7.1.1437.0 - Arellia Corporation)
Argos Agent (HKLM-x32\...\{F76995E8-77C5-4294-869C-1B50ECA52573}) (Version: 7.6.4 - Sepialine, Inc.)
ARX CoSign Client (HKLM\...\{6002A187-B49D-4364-ADE3-FF42C8F17A9F}) (Version: 5.64 - Algorithmic Research Ltd.)
ARX CryptoKit (HKLM\...\{F75D2B1D-5309-41DF-BC96-DFC3C3568C1D}) (Version: 4.5.5 - Algorithmic Research Ltd.)
ARX Signature API (HKLM\...\{E92CC64E-046E-47D3-A701-1F593D1FBDC3}) (Version: 5.64 - Algorithmic Research Ltd.)
Auto Close Idle Client (HKLM-x32\...\{501C2F0A-AC90-4b28-8474-BA7F104152AC}_is1) (Version:  - Ultimate Net Tools)
AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 VBA Enabler (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD 2016 VBA Enabler (HKLM\...\AutoCAD 2016 VBA Enabler) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Civil 3D 2016 64 Bit Object Enabler on A360 Desktop - Language Neutral (HKLM\...\{41B3A965-BA83-4FB7-9045-6368832F0B78}) (Version: 604.0 - Autodesk, Inc.)
Autodesk AutoCAD Civil 3D 2016 64 Bit Object Enabler on AutoCAD 2016 - English - English (United States) (HKLM\...\{F3C77302-A12F-4DDE-8E51-C93B287B8CA0}) (Version: 604.0 - Autodesk, Inc.)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk AutoCAD Plant 3D 2016 Object Enabler (HKLM\...\Autodesk AutoCAD Plant 3D 2016 Object Enabler) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Plant 3D 2016 Object Enabler (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Avaya Microsoft Lync 2013 Integration (HKLM-x32\...\{5EC62C97-5B0B-40E7-B691-B02BFEF35A2F}) (Version: 6.3.3 - Avaya)
BbeXtreme (x32 Version: 15.6.0 - Bluebeam Software) Hidden
Bentley DGN IFilter (HKLM\...\{2E873893-A883-4C06-8308-7B491D58F3D6}) (Version: 1.0.1.11 - Bentley Systems, Incorporated)
Bentley DGN Navigator Control 2.0 x64 (HKLM\...\{1E8A88EA-DB9A-4F36-A918-9C4AE266C1B8}) (Version: 02.00.01250.0 - Bentley Systems, Incorporated)
Bentley DGN Thumbnail Provider (HKLM\...\{74A8C1AF-75E5-4653-95AF-222725B7D877}) (Version: 8.11.7.411 - Bentley Systems, Incorporated)
Bentley Software Prerequisites (x32 Version:  - Bentley) Hidden
Bluebeam Revu eXtreme x64 2015.6 (HKLM\...\{AF002E58-F25F-4AC2-A360-651F10858F45}) (Version: 15.6.0 - Bluebeam Software, Inc.)
BMcD 2016 Templates (April) (HKLM-x32\...\{463496AD-64C3-401C-A5B1-0F9B91A02BF9}) (Version: 1.1 - Burns & McDonnell)
BMcD_Microsoft_Office_Templates_2_0 (HKLM-x32\...\BMcD_Microsoft_Office_Templates_2_0) (Version: 2.0 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{95EB2FCC-AE0B-40E9-B804-347C6358923B}) (Version: 51.0.2704.7 - Google Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.01065 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.01065 - Cisco Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.100.14 - Citrix Systems, Inc.)
Citrix XenApp Web Plugin (HKLM-x32\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
CodeMeter Runtime Kit v5.21 (HKLM\...\{05CA69B3-6699-425F-8223-39E4E00B6581}) (Version: 5.21.1478.500 - WIBU-SYSTEMS AG)
ColumbiaSoft PDF Render (novaPDF 7.7 printer) (HKLM\...\ColumbiaSoft PDF Render_is1) (Version: 7.7.3987 - Softland)
Computrace (HKLM-x32\...\{8DA5754C-34B4-47B6-BDD9-4F13D183C155}) (Version: 8.0.932 - Absolute Software Inc.)
Configuration Manager Client (Version: 5.00.8325.1000 - Microsoft Corporation) Hidden
ControlFLASH (HKLM-x32\...\{795AF8A6-FA19-4F66-9B9E-3847A286F73D}) (Version: 13.00.00 - Rockwell Automation, Inc.)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
Document Locator Client 7.1 x64 (HKLM\...\{293B5719-A484-46EB-9166-05F6392EBB9C}) (Version: 7.1.0018 - ColumbiaSoft Corporation)
Document Locator Print Import (novaPDF OEM 7.7 printer) (HKLM\...\Document Locator Print Import_is1) (Version: 7.7.3987 - Softland)
Elevated Installer (x32 Version: 4.1.22.0 - Garmin Ltd or its subsidiaries) Hidden
Endress+Hauser EtherNet/IP Analysis Module Profiles (x32 Version: 1.20.1.0 - Endress+Hauser, Inc.) Hidden
Endress+Hauser EtherNet/IP Comm Module Profiles (x32 Version: 1.61.1.0 - Endress+Hauser, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-7620 Series Printer Uninstall (HKLM\...\EPSON WF-7620 Series) (Version:  - SEIKO EPSON Corporation)
ETAP 14.0.0 (HKLM\...\{1DCFC9AC-12CD-4148-9DE4-C171A395C2D2}) (Version: 14.0.0 - ETAP)
ETAP License Manager 12.5.0 for 64-bit Machine (HKLM\...\{3B9DCBCC-E42F-40F1-AD10-0B297FF2F75A}) (Version: 12.5.0 - Operation Technology, Inc.)
ETAP_12_5_0 (HKLM-x32\...\ETAP_12_5_0) (Version: 12.5.0 - )
FactoryTalk Activation Manager 4.00.00 (HKLM-x32\...\{70715E78-DF4E-42F2-AF99-010C6F3E4D6D}) (Version: 4.00.00 - Rockwell Automation, Inc.)
FactoryTalk Alarms and Events 2.80.00 (CPR 9 SR 8) (HKLM-x32\...\{FE3F6465-84E3-45AF-9955-276ECB70EF21}) (Version: 2.80.00 - Rockwell Automation, Inc.)
FactoryTalk Diagnostics 2.80.00 (CPR 9 SR 8) (HKLM-x32\...\{B444F81B-2493-463B-901A-32940BBA24B6}) (Version: 2.80.00 - Rockwell Automation, Inc.)
FactoryTalk Services Platform 2.80.00 (CPR 9 SR 8) (HKLM-x32\...\{9B60089F-1A20-4088-9F8E-AE6040269C72}) (Version: 2.80.00 - Rockwell Automation, Inc.)
FactoryTalk View Studio for Machine Edition 8.10.00 (HKLM-x32\...\RSView Studio) (Version:  - )
FactoryTalk® View Studio for Machine Edition 8.10.00 (CPR 9 SR 7.4) (HKLM-x32\...\{3BA3172A-ADC0-4BE4-A805-E11020A7659A}) (Version: 8.10.00 - Rockwell Automation, Inc.)
FANUC CNC EtherNet/IP Specialty Module Profiles (x32 Version: 1.09.1.0 - Rockwell Automation, Inc.) Hidden
FANUC Robotics EtherNet/IP Specialty Module Profiles (x32 Version: 1.34.1.0 - Rockwell Automation, Inc.) Hidden
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Garmin Express (HKLM-x32\...\{54b8854c-ad14-42fe-9dfb-bffd1a23fcf6}) (Version: 4.1.22.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.22.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.22.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\{878B9925-1C43-3AED-87F6-2C2A79678CD8}) (Version: 51.0.2704.103 - Google, Inc.)
Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - )
Hardy Instruments 1756 Specialty Module Profiles (x32 Version: 1.42.1.0 - Hardy Instruments, Inc.) Hidden
Hardy Instruments 1769 Specialty Module Profiles (x32 Version: 2.09.1.0 - Hardy Instruments, Inc.) Hidden
HDR Preview (HKLM\...\{9F7815C9-A323-4215-905C-73137D21BCC0}) (Version: 1.0.0.2 - Bentley Systems, Incorporated)
Hoffman 1756 Comm Module Profiles (x32 Version: 1.03.1.0 - Hoffman Enclosures) Hidden
Hyperview Kit (HKLM-x32\...\{43DF7D54-F174-4F07-9865-976105E7E0A1}) (Version: 5.31.1001 - G. Michaels Consulting Ltd.)
i-model ODBC Driver for Windows 7 (x64) (HKLM\...\{454AD0FD-21D2-4E73-99E9-A40CAC75A636}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
Inst5676 (Version: 8.01.18 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3272 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1342.2) (HKLM\...\{302600C1-6BDF-4FD1-1311-148929CC1385}) (Version: 3.1.1311.0402 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
Intergraph SmartPlant License Manager (HKLM-x32\...\{94676089-B640-4038-90DC-03EFAE980CEB}) (Version: 11.00.17.00 - Intergraph)
Intergraph SmartPlant Review (HKLM-x32\...\{7C76E944-C44F-48A0-9339-91FC80B1012A}) (Version: 10.0.0.340 - Intergraph)
Internet Explorer 11 (x32 Version: 11.0 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Java_8_Update_77 (HKLM-x32\...\Java_8_Update_77) (Version: 1.8.0.77 - )
Java_BMcD_Certs_1_0 (HKLM-x32\...\Java_BMcD_Certs_1_0) (Version: 1.0 - )
Java_Exception_Sites_1_0 (HKLM-x32\...\Java_Exception_Sites_1_0) (Version: 1.0 - )
kitedrive (HKLM\...\{854ED2A4-376D-4A4B-A686-90154EA3D1DD}) (Version: 1.5.9 - Accellion)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Lenovo Fingerprint Manager Pro (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.18(x64) - Lenovo)
Lenovo Fingerprint Manager Pro (Version: 8.01.18(x64) - Lenovo) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Local Administrator Password Solution (HKLM\...\{F53D26E0-94E5-456F-AC72-C7676C9CE813}) (Version: 6.0.1.0 - Microsoft Corporation)
Logix Designer Motion Database (x32 Version: 30.2.3875.0 - Rockwell Automation, Inc.) Hidden
Logix Designer System Updates (x32 Version: 22.13.1007 - Rockwell Automation, Inc.) Hidden
Logix Designer Uninstaller (x32 Version: 7.0.3875.0 - Rockwell Automation, Inc.) Hidden
LogMeIn (HKLM-x32\...\{D8FDCAEB-351D-4FFF-B1FD-B8C3564C1CAD}) (Version: 4.1.5208 - LogMeIn, Inc.)
LogMeIn Client (HKLM-x32\...\{D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB}) (Version: 1.3.1675 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ME Device Status and Diagnostic Faceplates (HKLM-x32\...\{A5EDA81D-0703-44D6-BD7B-6D2E9D6078EE}) (Version: 8.10.00 - Rockwell Automation, Inc.)
Mettler-Toledo 1756 Comm Module Profiles (x32 Version: 1.17.1.0 - Mettler-Toledo Corporation) Hidden
MGate Manager 1.11 (HKLM\...\MGate Manager_is1) (Version:  - Moxa Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Lync 2010 SDK Runtime (HKLM-x32\...\{8AF10E19-4330-4077-A1B5-491ACDC24B08}) (Version: 4.0.7577.124 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Office Lync Software Development Kit Runtime (HKLM-x32\...\{90150000-008E-0409-0000-0000000FF1CE}) (Version: 15.0.4603.1000 - Microsoft Corporation)
Microsoft OneDrive for Business 2013 - en-us (HKLM\...\GrooveRetail - en-us) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Online Services Sign-in Assistant (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft Project Standard 2010 (HKLM-x32\...\Office14.PRJSTD) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Policies (HKLM-x32\...\{01C5A10F-AD9B-405B-853A-6659841A1242}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{056E5A6F-BEF6-4094-8724-D45F0F564312}) (Version: 10.0.1794.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Query Tools English (HKLM-x32\...\{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2012 Shell (Isolated) (HKLM-x32\...\{d2e0df0f-bf0a-4a89-9530-ebf93842c393}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
MicroStation V8i (SELECTseries 3) 08.11.09.459 (HKLM-x32\...\{B234DC00-1003-47E7-8111-230AA9E6BF10}) (Version: 08.11.09.459 - Bentley Systems, Incorporated)
Modbus Poll 6.4.2 (HKLM\...\Modbus Poll) (Version: 6.4.2 - Witte Software)
Modbus Slave 6.1.2 (HKLM\...\Modbus Slave) (Version: 6.1.2 - Witte Software)
Molex Corporation 1756 Comm Module Profiles (x32 Version: 1.26.1.0 - Molex Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-433564024-1784799946-3432143216-187969\...\MusicManager) (Version:  - Google, Inc.)
Notepad++ (HKLM\...\{07BAE073-B1C9-48A9-BD60-C7F61A0C9F02}) (Version: 6.8.3 - Notepad++)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 312.69 - NVIDIA Corporation)
NVIDIA Graphics Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden
Office_2013_updates_Disable (HKLM-x32\...\Office_2013_updates_Disable) (Version: 1.0 - )
OLDI PCIx ETAP Comm Module Profiles (x32 Version: 1.07.0.0 - Online Development, Inc.) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.33.00 - )
Online Development 1756 Comm Module Profiles (x32 Version: 1.03.1.0 - Online Development, Inc.) Hidden
Online Plug-in (x32 Version: 14.2.100.14 - Citrix Systems, Inc.) Hidden
OPC Core Components Redistributable (x64) 105.0 (HKLM\...\{725FFCF9-5D38-4249-8697-9BDB415E6B00}) (Version: 3.00.10501 - OPC Foundation)
Parker Isysnet Analog Module Profiles (x32 Version: 6.02.2.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet ASCII Module Profile (x32 Version: 2.02.1.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet ControlNet Adapter Module Profile (x32 Version: 3.00.0.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Discrete Module Profiles (x32 Version: 6.02.2.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Discrete Module Profiles 2 (x32 Version: 2.02.1.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Discrete Module Profiles 3 (x32 Version: 2.02.1.0 - Parker Hannifin Corporation) Hidden
Parker Isysnet Ethernet Adapter Module Profile (x32 Version: 3.03.1.0 - Parker Hannifin Corporation) Hidden
PDF Writer (HKLM\...\PDF Writer) (Version:  3.0 - )
Pepperl+Fuchs EtherNet/IP WirelessHART Gateway Module Profiles (x32 Version: 1.09.1.0 - Pepperl+Fuchs GmbH) Hidden
Phoenix Digital 1756 Communication Module Profiles (x32 Version: 1.06.1.0 - Phoenix Digital, Inc.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PicPick (HKLM-x32\...\PicPick) (Version: 4.1.2 - NGWIN)
Plex Home Theater (HKLM-x32\...\Plex Home Theater) (Version: 1.4.1 - Plex inc)
PPS (HKLM-x32\...\{AA1A1D5D-FFAD-48FF-8977-97B2B1D5EC47}) (Version: 5.07.110 - Project Partners, LLC)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Printer Installer Client (HKLM-x32\...\{A9DE0858-9DDD-4E1B-B041-C2AA90DCBF74}) (Version: 16.1.3.13 - PrinterLogic)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
ProjectWise Explorer V8i (SELECTseries 4) (HKLM\...\{26B92846-6804-531E-938C-88630F43A7AD}) (Version: 08.11.11574 - Bentley Systems, Incorporated)
ProjectWise Export/Import (HKLM-x32\...\{103EA99C-0293-45AC-84C0-6DA4D8FEB235}) (Version: 08.11.11.11 - Bentley Systems)
ProjectWise i-model Packager (HKLM-x32\...\{D5686C0F-55EF-11E0-8D64-002655409553}) (Version: 08.11.11.574 - Bentley Systems, Incorporated)
ProSoft Configuration Builder (HKLM-x32\...\InstallShield_{2E265714-812E-492E-9CC9-E0E341FF02AC}) (Version: 4.4.3.4 - ProSoft Technology Inc.)
ProSoft Configuration Builder (x32 Version: 4.4.3.4 - ProSoft Technology Inc.) Hidden
ProSoft Technology 1734 Ethernet Adapter Module Profile (x32 Version: 1.14.1.0 - ProSoft Technology, Inc.) Hidden
ProSoft Technology 1756 MVI Comm Module Profiles (x32 Version: 1.11.1.0 - ProSoft Technology, Inc.) Hidden
Prosoft Technology 1769 Comm Module Profiles (x32 Version: 1.13.1.0 - Prosoft Technology, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7005 - Realtek Semiconductor Corp.)
Rockwell Automation 1440 XM Dynamic Measurement Module Profile (x32 Version: 2.02.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1715 Ethernet Adapter Module Profile (x32 Version: 1.04.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1715 Redundant I/O Module Profiles (x32 Version: 2.04.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1732 Discrete Module Profiles (x32 Version: 2.02.1.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1732 Discrete Module Profiles 2 (x32 Version: 2.02.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1732 EtherNet Safety Module Profiles (x32 Version: 6.01.19.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Analog Module Profiles (x32 Version: 7.01.14.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Analog Module Profiles 2 (x32 Version: 7.01.14.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 ASCII Module Profiles (x32 Version: 3.01.6.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 ControlNet Adapter Module Profile (x32 Version: 4.00.2577.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Discrete Module Profile, DeviceLogix (x32 Version: 4.01.6.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Discrete Module Profiles (x32 Version: 8.02.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Discrete Module Profiles 2 (x32 Version: 4.01.9.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Discrete Module Profiles 4 (x32 Version: 4.01.8.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Ethernet Adapter Module Profile (x32 Version: 6.01.9.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Ethernet Adapter,2-Port,Module Profile (x32 Version: 6.01.9.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Point Guard Safety Module Profile (x32 Version: 1.01.21.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1734 Specialty Module Profiles (x32 Version: 3.01.5.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Analog Module Profiles (x32 Version: 7.00.2578.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Analog Module Profiles 2 (x32 Version: 6.03.7.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 ASCII Module Profiles (x32 Version: 3.00.2578.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 ControlNet Adapter Module Profile (x32 Version: 4.00.2577.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profile, DeviceLogix (x32 Version: 3.00.2578.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles (x32 Version: 7.00.2578.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles 2 (x32 Version: 3.00.2579.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles 3 (x32 Version: 2.02.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Discrete Module Profiles 4 (x32 Version: 3.00.2578.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Ethernet Adapter Module Profile (x32 Version: 5.03.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Ethernet Adapter,2-Port,Module Profile (x32 Version: 5.02.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1738 Specialty Module Profiles (x32 Version: 3.00.2578.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1747 Module Profiles (x32 Version: 14.00.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 Apex2 Isolated Analog Module Profiles (x32 Version: 1.01.24.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 CNet Comms Module Profiles (x32 Version: 1.02.572.0 - Rockwell Software, Inc.) Hidden
Rockwell Automation 1756 ENet Comms Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 Ethernet Bridge Module Profile (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 HART Module Profiles (x32 Version: 4.01.12.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 Historian Module Profiles (x32 Version: 1.07.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 Next Gen Apex2 Digital Module Profiles (x32 Version: 3.02.7.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1756 Remote I/O Interface Module Profile (x32 Version: 2.03.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Analog Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Analog Module Profiles (x32 Version: 7.02.8.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 ASCII Module Profiles (x32 Version: 2.04.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Boolean Module Profiles (x32 Version: 2.02.5.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Controller Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Discrete Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Discrete Module Profiles (x32 Version: 2.02.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Embedded Module Profiles (x32 Version: 2.02.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1769 Specialty Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1783 Ethernet Managed Switch Module Profile (x32 Version: 3.02.3442.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1788 Ethernet to DeviceNet Module Profile (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1791DS Discrete Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 1799 Embedded Discrete Module Profile (x32 Version: 1.01.6.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 2094 Kinetix IPIM Module Profile (x32 Version: 2.03.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 2097 Kinetix Module Profiles (x32 Version: 2.01.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 280 ArmorStart Ethernet Module Profiles (x32 Version: 1.04.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 2-Port CIP Sync ENetIP Module Profiles (x32 Version: 2.02.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 2-Port ENetIP Analog Module Profiles (x32 Version: 1.02.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 2-Port Quick Connect ENetIP Module Profiles (x32 Version: 2.01.3.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 440C-CR30 configured safety relay (x32 Version: 1.01.12.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 48MS Vision Sensor Module Profiles (x32 Version: 1.01.19.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 5069 Adapter Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 5069 Analog Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 5069 ARM Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 5069 Discrete Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 5069 Specialty Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 56RF-IN-IPD22 Module Profiles (x32 Version: 1.03.0.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 56RF-IN-IPD22A Module Profiles (x32 Version: 1.03.0.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 56RF-IN-IPS12 Module Profiles (x32 Version: 1.03.0.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 5XRF RFID Reader Module Profiles (x32 Version: 1.02.24.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation 842E EtherNet/IP Encoder Module Profiles (x32 Version: 2.01.26.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation ArmorStart LT Module Profiles (x32 Version: 2.01.20.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Catalog Services (x32 Version: 2.3.3875.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation CIP Motion Feedback Device Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation CM Runtime (HKLM-x32\...\{7B5F3FE7-1276-41A7-BAAA-0CECA3730CA9}) (Version: 5.21.3875.0 - Rockwell Automation, Inc.)
Rockwell Automation Compact Adapter Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Compact GuardLogix 5370 L3S Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation CompactLogix 5370 L1 Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation CompactLogix 5370 L2 Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation CompactLogix 5370 L3 Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation CompactLogix 5380 Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation ControlLogix 5580 Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation DIO DeviceNet Safety Module Profile (x32 Version: 5.04.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation DIO DeviceNet Safety Module Profiles (x32 Version: 5.01.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation DIO DeviceNet Safety Module Profiles (x32 Version: 5.04.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation DIO DeviceNet Safety Module Profiles (x32 Version: 5.04.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation DIO EtherNet Safety Module Profiles (x32 Version: 5.03.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Driver Package x64 (HKLM-x32\...\{C90BD8D9-A4B6-473C-A1B2-37D289F0B0C9}) (Version: 1.1.18 - Rockwell Automation.)
Rockwell Automation Drives Peripheral Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 4 Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 5 Module Profiles (x32 Version: 1.04.33.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 7 2 Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 7 3 Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 7 4 Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives PowerFlex 7 Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Drives SCANport Module Profiles (x32 Version: 4.07.10.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation E1 Plus Module Profiles (x32 Version: 1.01.0.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation E3 Plus Comms Auxiliary Module Profiles (x32 Version: 1.01.0.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation E3 Plus via 2100-ENET Module Profiles (x32 Version: 1.01.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation E300 Ethernet Module Profiles (x32 Version: 5.01.1.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation EtherNet/IP Tap Family Module Profiles (x32 Version: 2.06.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Flex Adapter Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Generic Safety Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Kinetix CIP Motion Drive Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Kinetix350 CIP Motion Drive Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Kinetix5500 CIP Motion Drive Modules (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Kinetix5700 CIP Motion Modules (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation PanelView Module Profile (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Point Safety Discrete Module Profiles (x32 Version: 3.01.2.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation PowerFlex CIP Motion Drive Module Profiles (x32 Version: 16.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation PowerFlex5 CIP Motion Drive Module Profiles (x32 Version: 1.01.12.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation SLC Adapter Module Profiles (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Stratix 5100 Module Profiles (x32 Version: 2.01.6.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Stratix 5400 Module Profiles (x32 Version: 9.01.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Stratix 5410 Module Profiles (x32 Version: 9.01.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Stratix 5700 Module Profiles (x32 Version: 9.01.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Automation Stratix 8000/8300 Module Profiles (x32 Version: 9.01.4.0 - Rockwell Automation, Inc.) Hidden
Rockwell Windows Firewall Configuration Utility 1.00.07 (HKLM-x32\...\{0B326F7E-CDA7-4164-95F0-7FBA92DCD2D3}) (Version: 1.00.07.0001 - Rockwell Automation, Inc.)
RSLinx Classic 3.80.00 CPR 9 SR 8 (HKLM-x32\...\{34540622-805E-4CC7-98CF-65A43E99CF4D}) (Version: 3.80.00 CPR 9 SR 8 - Rockwell Automation, Inc.)
RSLinx Enterprise 5.80.00 (CPR 9 SR 8) (HKLM-x32\...\{339EA7CF-CAD9-44FE-A3D4-43C7FF0A4D0D}) (Version: 5.80.00 - Rockwell Automation, Inc.)
RSLogix 5000 Module Profile Core (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
RSLogix 5000 Module Profile Core EDS Support (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
RSLogix 5000 Module Profile Core System Updates (x32 Version: 6.00.1769.0 - Rockwell Automation, Inc.) Hidden
RSLogix 5000 Module Profile Core System Updates 1 (x32 Version: 11.00.3704.0 - Rockwell Automation, Inc.) Hidden
RSLogix 5000 Module Profile Setup Utility (x32 Version: 14.00.4058.0 - Rockwell Automation, Inc.) Hidden
RSLogix Architect Compatible Tool (x32 Version: 1.00.0000 - Your Company Name) Hidden
RSLogix Emulate 5000 24.01.00 (CPR 9 SR 7.1) (HKLM-x32\...\{07E955C7-F9E2-4056-A1A7-B60EC367A4AC}) (Version: 24.01.00 - Rockwell Automation, Inc.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.3.0.92 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{4A10D640-13F1-4A13-BAD1-3E3790511B17}) (Version: 13.0.10.1385 - SAP)
SAP Crystal Reports runtime engine for .NET Framework (64-bit) (HKLM\...\{9EFF1F10-990C-4DE8-A4C7-7EEE1952F159}) (Version: 13.0.10.1385 - SAP)
ScriptPro 2.0 (HKLM-x32\...\{60A033B4-7FB9-4028-9942-0A6117348E43}) (Version: 3.0.2 - Autodesk)
Self-service Plug-in (x32 Version: 4.2.100.5943 - Citrix Systems, Inc.) Hidden
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
SMC 1756 Comm Module Profiles (x32 Version: 1.17.1.0 - SMC Corporation) Hidden
Spectrum Controls 1734 Analog Module Profiles (x32 Version: 1.21.1.0 - Spectrum Controls, Inc.) Hidden
Spectrum Controls 1756 Analog Module Profiles (x32 Version: 1.10.1.0 - Spectrum Controls, Inc.) Hidden
Spectrum Controls 1756 Discrete Module Profiles (x32 Version: 1.04.1.0 - Spectrum Controls, Inc.) Hidden
Spectrum Controls 1756 Specialty Module Profiles (x32 Version: 1.04.1.0 - Spectrum Controls, Inc.) Hidden
Spectrum Controls 1769 Analog HART Module Profiles (x32 Version: 1.07.1.0 - Spectrum Controls, Inc.) Hidden
Spectrum Controls 1769 Analog Module Profiles (x32 Version: 1.08.1.0 - Spectrum Controls, Inc.) Hidden
Spectrum Controls 1769 Analog2 Module Profiles (x32 Version: 2.07.1.0 - Spectrum Controls, Inc.) Hidden
SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Studio 5000 Architect v1.01.00 (CPR 9 SR 8) (HKLM-x32\...\{0A98A2EA-DD41-4A54-9E2C-DE390AD223B1}) (Version: 1.01.00 - Rockwell Automation, Inc.)
Studio 5000 Launcher (HKLM-x32\...\{EE06EC93-0505-4AA5-BFBF-76E578AB2244}) (Version: 3.6.3804.37271 - Rockwell Automation, Inc.)
Studio 5000 Logix Designer Online Books v28.0.0 (HKLM-x32\...\{11010028-B129-11DF-A296-000C296D58C5}) (Version: 28.0.0 - Rockwell Automation, Inc.)
Studio 5000 Logix Designer Start Page Media v28.00.00 (HKLM-x32\...\{10000028-D5FD-11DA-A128-000C29473C90}) (Version: 28.00.00 - Rockwell Automation, Inc.)
Studio 5000 Logix Designer v24.01.00 (CPR 9 SR 7.4) (HKLM-x32\...\{31000124-EC33-11D6-A408-F6139379CBFB}) (Version: 24.01.00 - Rockwell Automation, Inc.)
Studio 5000 Logix Designer v28.00.00 (CPR 9 SR 8) (HKLM-x32\...\{31000028-EC33-11D6-A408-F6139379CBFB}) (Version: 28.00.00 - Rockwell Automation, Inc.)
Studio 5000 View Designer (HKLM-x32\...\{09FF21B7-5E63-49C2-8DB4-53FB19F873A5}) (Version: 2.02.00000.00006 - Rockwell Automation, Inc.)
Symantec Enterprise Vault Outlook Add-In 10.0.4.1354 (HKLM-x32\...\{FF7E9EA9-25E6-423C-BD5F-03378E43837C}) (Version: 10.0.17738 - Symantec Corporation)
Synaptics WBF DDK 5011 (HKLM\...\{491728AE-BFF0-44F2-A9F1-9AE218E36E2D}) (Version: 4.5.263.0 - Synaptics)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.263.0 - )
System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.9.219.0 - Microsoft Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Text Finding (HKLM-x32\...\Text Finding_is1) (Version:  - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.7.37 - Synaptics Incorporated)
ThinkPad WiFi Radio Control (HKLM-x32\...\{DF3A1970-C5E2-45E7-B032-228F20389D8B}) (Version: 1.11 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo)
Traps 3.3.0.6169 (HKLM\...\{0E5B27C6-E477-4BD1-A85A-345F54BA9A42}) (Version: 3.3.0.6169 - Palo Alto Networks, Inc.)
Traps_3_3_0_6169 (x32 Version: 3.3.0.6169 - ) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
U232 P9/P25 10.2.98 (HKLM-x32\...\{DA7113AA-E3D0-48C6-BE31-E1F11BB9D18E}) (Version: 10.2.98 - MCT)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.3.5 - Unified Intents AB)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visualization Content (HKLM-x32\...\{0D41BCFC-B16D-479F-8347-4F68F6CD34CE}) (Version: 8.11.9.454 - Bentley Systems, Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
V-locity Endpoint (HKLM\...\{A984D90B-192D-4D73-B5A0-18768EDC83E6}) (Version: 1.0.50.64 - Condusiv Technologies)
VMware Horizon Client (HKLM\...\{783A7221-AF59-4F7D-8D88-FBE4266BC8F6}) (Version: 3.5.0.29526 - VMware, Inc.)
WebEx Productivity Tools (HKLM-x32\...\{5A8D2895-7A57-41FF-9A39-035BA024B80F}) (Version: 2.36.13032.10011 - Cisco WebEx LLC)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Firewall Configuration Provider (HKLM\...\{109A5A16-E09E-4B82-A784-D1780F1190D6}) (Version: 1.2.3412.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
X-Rite Device Services Manager (HKLM-x32\...\{CE795482-FBF6-41B4-BE6D-3C5EE90444E2}) (Version: 2.1.14 - X-Rite)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-433564024-1784799946-3432143216-187969_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-433564024-1784799946-3432143216-187969_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-433564024-1784799946-3432143216-187969_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-433564024-1784799946-3432143216-187969_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\aschreiner\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-433564024-1784799946-3432143216-187969_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-433564024-1784799946-3432143216-187969_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\aschreiner\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01AFF8E5-32CA-4C58-8C66-19134B839EEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {03E2C8C7-EE5F-4C8B-B927-D4E08189D70D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-12-18] (Microsoft Corporation)
Task: {101F59A3-1464-4175-B8CC-599738D5CA5E} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-05-25] ()
Task: {19762B39-2A25-456C-A541-1F5060A87F70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {27416E75-4BB5-4170-86F5-26C3EA0DE93A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-02] (Google Inc.)
Task: {2C763483-A605-427D-B88B-EFFDA225E1F8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-23] (Adobe Systems Incorporated)
Task: {2CEAD152-8934-4F3D-8F60-71D6A2CF8639} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-433564024-1784799946-3432143216-187969UA => C:\Users\aschreiner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-05] (Google Inc.)
Task: {428E69D2-1478-4BB1-9B2F-3D2802FD0C28} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection
Task: {660FFF1D-AE86-4623-BA63-00B364D0D38A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-433564024-1784799946-3432143216-187969Core => C:\Users\aschreiner\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-05] (Google Inc.)
Task: {666A81EA-0041-488F-ABC6-D0FF3C69988D} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2015-04-12] ()
Task: {6696A643-0FBF-46CB-8B90-537D0E461A1D} - System32\Tasks\{6BBD36D3-AE96-4F12-88EF-E510BDFB5548} => pcalua.exe -a C:\Windows\Logs\ETAP_12_5_0\UNWISE.EXE -c /u C:\Windows\Logs\ETAP_12_5_0\ETAP_12_5_0.LOG
Task: {6C12B8EC-043C-4AF7-8DBB-CBBFE077486E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {79AC2DF8-61B7-4BB4-B382-9195C0B50408} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {843426CF-7B16-4724-8095-49C38607CC72} - System32\Tasks\EPSON WF-7620 Series Invitation {98294E8F-C703-42B2-B61A-42C92F168558} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8C5E9C28-9F7B-41B4-B337-650416BC0A9A} - System32\Tasks\EPSON WF-7620 Series Update {8DE4FDFA-1352-4B99-8066-DDCE2F8A488E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {92F4204E-D4E5-4DF3-8789-9F515FA401C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-12-15] (Microsoft Corporation)
Task: {A5C67A7B-4474-4D61-96C8-F74692473997} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-07-26] (Realtek Semiconductor)
Task: {BD9C851C-89FA-4684-B813-7A174C00A967} - System32\Tasks\{841E92C8-98C5-477C-8B87-8431E55A9E86} => pcalua.exe -a C:\Users\aschreiner\AppData\Local\Temp\7zS5708.tmp\MicroInstallerNative.exe -d C:\Users\ASCHRE~1\AppData\Local\Temp\7zS5708.tmp
Task: {BF5A55DA-193E-41F2-9F98-D55ABE72C0BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-12-18] (Microsoft Corporation)
Task: {C088A2B3-10B4-4A76-B704-24092F787E94} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2015-10-27] (Microsoft Corporation)
Task: {CE788783-47C1-4E8F-A55C-8543247FAF5B} - System32\Tasks\EPSON WF-7620 Series Invitation {8DE4FDFA-1352-4B99-8066-DDCE2F8A488E} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {D0D6DE9A-53AA-45EC-AD18-1ED79AD69ACC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-23] (Adobe Systems Incorporated)
Task: {D2443CE9-10C2-4829-B5E1-3696F7A8B59B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-02] (Google Inc.)
Task: {D2CA7877-FEA4-4503-A020-90A45D6599A2} - System32\Tasks\EPSON WF-7620 Series Update {98294E8F-C703-42B2-B61A-42C92F168558} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {EAC0D5B4-9692-46BB-9B3F-C35A3DA65B52} - System32\Tasks\{490ACA4F-EE20-4D2D-A895-599223565897} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {F2289EAD-00C5-4CFB-A0CD-5853E9070616} - System32\Tasks\Rumination => C:\Users\aschreiner\Google Drive\Rumination.xls
Task: {FCA79523-F6EE-4B55-A64A-A3563016A593} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-07-31] (Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON WF-7620 Series Invitation {8DE4FDFA-1352-4B99-8066-DDCE2F8A488E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\Windows\Tasks\EPSON WF-7620 Series Invitation {98294E8F-C703-42B2-B61A-42C92F168558}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\Windows\Tasks\EPSON WF-7620 Series Update {8DE4FDFA-1352-4B99-8066-DDCE2F8A488E}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{8DE4FDFA-1352-4B99-8066-DDCE2F8A488E} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON WF-7620 Series Update {98294E8F-C703-42B2-B61A-42C92F168558}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{98294E8F-C703-42B2-B61A-42C92F168558} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-433564024-1784799946-3432143216-187969Core.job => C:\Users\aschreiner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-433564024-1784799946-3432143216-187969UA.job => C:\Users\aschreiner\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-04-04 11:25 - 2012-04-04 11:25 - 02171264 _____ () C:\Program Files\ARX\ARX CoSign Client\CoSign64.dll
2014-06-25 14:35 - 2014-06-25 14:35 - 00035328 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\ssplogon.dll
2014-06-25 14:35 - 2014-06-25 14:35 - 00055296 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\RandomPass.dll
2014-06-25 14:35 - 2014-06-25 14:35 - 00021504 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\cryptodll.dll
2014-06-25 14:49 - 2014-06-25 14:49 - 00288656 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\mstrpwd.dll
2015-02-06 16:17 - 2013-10-28 19:53 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-19 19:01 - 2013-04-11 11:01 - 00089600 _____ () C:\Windows\System32\custmon64i.dll
2015-08-02 10:26 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2016-05-19 09:33 - 2016-05-19 09:33 - 02254040 _____ () C:\Windows\pl64_tcpmon_k.dll
2015-02-19 19:04 - 2014-03-08 12:15 - 04004352 _____ () C:\Windows\system32\spool\PRTPROCS\x64\spPrProc6.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-05 08:39 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-11-10 08:58 - 2015-11-10 08:58 - 00019456 _____ () C:\Program Files\Palo Alto Networks\Traps\CyveraService.XmlSerializers.dll
2015-06-16 12:10 - 2015-06-16 12:10 - 00226240 _____ () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
2015-07-31 16:42 - 2015-07-31 16:42 - 06363792 _____ () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
2014-06-25 14:41 - 2014-06-25 14:41 - 00065024 _____ () C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
2013-10-28 19:17 - 2013-10-28 19:17 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-10-28 10:07 - 2015-09-01 11:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-03-28 13:07 - 2016-03-28 13:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-04-04 11:25 - 2012-04-04 11:25 - 01903488 _____ () C:\Program Files\ARX\ARX CoSign Client\CoSign.dll
2012-10-17 12:30 - 2012-10-17 12:30 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-06-16 12:04 - 2015-06-16 12:04 - 00239552 _____ () C:\Program Files (x86)\Common Files\VMware\DeviceRedirectionCommon\ftnlapi.dll
2015-07-06 11:53 - 2015-07-06 11:53 - 00021208 _____ () C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagServerPS.dll
2015-10-02 14:02 - 2015-10-02 14:02 - 01798144 _____ () C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\botan.dll
2015-10-19 19:59 - 2015-10-19 19:59 - 00063192 _____ () C:\Program Files (x86)\Common Files\Rockwell\FTDiagnosticsODBCENU.dll
2011-10-11 15:46 - 2011-10-11 15:46 - 01588560 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2011-10-11 15:45 - 2011-10-11 15:45 - 00902992 _____ () C:\Program Files (x86)\X-Rite\Devices\i1pro\i1Fun.dll
2011-10-11 15:46 - 2011-10-11 15:46 - 02639696 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2015-10-02 14:02 - 2015-10-02 14:02 - 00048640 _____ () C:\Program Files (x86)\Rockwell Software\Studio 5000\Common\V2\bin\boost_thread.dll
2015-08-05 08:39 - 2015-08-23 22:12 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-10-28 10:07 - 2015-09-01 07:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
2016-06-25 09:15 - 2016-06-25 09:15 - 00098816 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32api.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00110080 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\pywintypes27.dll
2016-06-25 09:15 - 2016-06-25 09:15 - 00364544 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\pythoncom27.dll
2016-06-25 09:15 - 2016-06-25 09:15 - 00320512 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32com.shell.shell.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00776704 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_hashlib.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 01176576 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._core_.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00806400 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._gdi_.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00816128 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._windows_.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 01067008 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._controls_.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00733184 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._misc_.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00682496 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\pysqlite2._sqlite.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00088064 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_ctypes.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00119808 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32file.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00108544 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32security.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00007168 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\hashobjs_ext.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00017920 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\thumbnails_ext.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00088064 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\usb_ext.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00012288 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\common.time34.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00018432 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32event.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00167936 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32gui.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00046080 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_socket.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 01208320 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_ssl.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00128512 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_elementtree.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00127488 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\pyexpat.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00038912 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32inet.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00036864 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_psutil_windows.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00525208 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\windows._lib_cacheinvalidation.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00011264 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32crypt.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00077312 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._html2.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00027136 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_multiprocessing.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00020480 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\_yappi.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00035840 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32process.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00686080 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\unicodedata.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00078848 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._animate.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00123392 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\wx._wizard.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00024064 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32pipe.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00010240 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\select.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00025600 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32pdh.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00017408 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32profile.pyd
2016-06-25 09:15 - 2016-06-25 09:15 - 00022528 ____N () C:\Users\aschreiner\AppData\Local\Temp\_MEI106162\win32ts.pyd
2015-12-18 17:23 - 2015-12-18 17:25 - 01032360 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2015-10-28 10:07 - 2015-09-01 07:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\1033\GrooveIntlResource.dll
2015-12-18 17:21 - 2015-12-18 17:24 - 01754296 _____ () C:\Program Files\Microsoft Office 15\root\office15\tmpod.dll
2015-12-18 17:21 - 2015-12-18 17:23 - 00022696 _____ () C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconvpxy.dll
2015-08-05 08:39 - 2015-08-23 22:12 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2015-10-28 10:07 - 2015-09-01 07:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2016-06-18 13:00 - 2016-06-15 04:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 13:00 - 2016-06-15 04:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-18 13:00 - 2016-06-15 04:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_89c07002dadf5991f79468c90f37e2533d020b70e8e1912a4856e84326c08211 [74]
AlternateDataStreams: C:\Windows:CM_9857127c368ba16c1f274bd4bf1d16fff75f690c8aae941604d58b4b7d00c937 [74]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\.DEFAULT\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1277301177-2924182014-3333776039-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-433564024-1784799946-3432143216-187969\Control Panel\Desktop\\Wallpaper -> C:\Users\aschreiner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.3.35.120 - 10.8.35.120
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Document Locator Common Dialog.lnk => C:\Windows\pss\Document Locator Common Dialog.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Document Locator Service Manager.lnk => C:\Windows\pss\Document Locator Service Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^aschreiner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneDrive for Business.lnk => C:\Windows\pss\OneDrive for Business.lnk.Startup
MSCONFIG\startupfolder: C:^Users^aschreiner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: ACIClient => C:\Program Files (x86)\Auto Close Idle Client\ACIClient.exe
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: ActivationNotifier => "C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\Tools\ActivationNotifier.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BbInstallUser => C:\Program Files\Bluebeam Software\Bluebeam Revu\Pushbutton PDF\Bluebeam Admin User.exe
MSCONFIG\startupreg: BbPrintMonitor => C:\Program Files\Common Files\Bluebeam Software\Bluebeam Revu\Brewery\V45\Printer Support\BBPrint.exe
MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Cyvera => C:\Program Files\Palo Alto Networks\Traps\cytray.exe
MSCONFIG\startupreg: DagentUI => C:\Program Files\Altiris\Dagent\dagentui.exe
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: FactoryTalk Directory Information => "C:\PROGRA~2\COMMON~1\Rockwell\FTLOGI~1.EXE" -s
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\aschreiner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_87A70C93CE94F8995F990262CEA6D1BC => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: Lync2013Addin => C:\Program Files (x86)\Avaya\Avaya Microsoft Lync 2013 Integration\Lync2013Addin.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MusicManager => "C:\Users\aschreiner\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: nwiz => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: PicPick Start => "C:\Program Files (x86)\PicPick\picpick.exe" /startup
MSCONFIG\startupreg: SideSync => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TpShocks => TpShocks.exe
MSCONFIG\startupreg: UsbCipHelper => C:\Program Files (x86)\Rockwell Automation\UsbCipDriver\UsbCipHelper\UsbCipHelper.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VMware Netlink 3 HV Install Utility => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe
MSCONFIG\startupreg: Workflow => "C:\Program Files (x86)\Common Files\Technesis\Tracking\spwkflow.exe" /monitor

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) %systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
FirewallRules: [{0E6526D8-E7AC-4DDA-840E-D8566E986C57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{60DF61D8-19FF-435A-B445-04A357B25432}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{022B13C8-DD59-4712-9231-EBE1D5A5AE0A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{99BDCFA6-1B6E-4F6A-B38E-8184BCE7C6FF}] => (Allow) LPort=5454
FirewallRules: [{BE5A31FF-0D5F-4C7F-BC0C-36CF7671D3B2}] => (Allow) C:\Program Files\Condusiv Technologies\V-locity Endpoint\VService.exe
FirewallRules: [{04840CF2-8102-4BD7-B6E1-EEF62EC951A4}] => (Allow) C:\Program Files\Condusiv Technologies\V-locity Endpoint\VService.exe
FirewallRules: [TCP Query User{E2D7A1FE-B55D-441B-A682-28818B213907}C:\dbdoc\hyperview\programs\hyperview_winsock.exe] => (Block) C:\dbdoc\hyperview\programs\hyperview_winsock.exe
FirewallRules: [UDP Query User{E2F1428D-1D64-4180-A086-0786BD66E0B5}C:\dbdoc\hyperview\programs\hyperview_winsock.exe] => (Block) C:\dbdoc\hyperview\programs\hyperview_winsock.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{F3BB520B-A38B-44AC-A945-17FD866FDC44}] => (Allow) LPort=135
FirewallRules: [{F71D2D04-7595-4859-97FA-9C434178A8B3}] => (Allow) LPort=135
FirewallRules: [TCP Query User{B98CE0E5-2673-4A3E-829C-D4E752461ED5}C:\program files (x86)\plex home theater\plex home theater.exe] => (Block) C:\program files (x86)\plex home theater\plex home theater.exe
FirewallRules: [UDP Query User{5BA53E90-7F9D-46DD-8006-A28B03DCB961}C:\program files (x86)\plex home theater\plex home theater.exe] => (Block) C:\program files (x86)\plex home theater\plex home theater.exe
FirewallRules: [{4F110FD0-5547-404C-8046-932E00EBD9DB}] => (Allow) LPort=135
FirewallRules: [{C6315988-5C08-40BF-AB94-234C3893E024}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4A6F19C-E4E9-43CC-AAAC-BDDA9FB91CFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A3D222C0-AEAD-4F5B-96B2-7ACFD6CA587E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{77C0CC91-22F0-4EDD-8CFC-36CE4090CEFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{72666342-E4E0-4133-95DB-160823679458}C:\program files (x86)\auto close idle client\aciclient.exe] => (Allow) C:\program files (x86)\auto close idle client\aciclient.exe
FirewallRules: [UDP Query User{38C31B53-6538-4F08-8E54-C0DC2F1E0B88}C:\program files (x86)\auto close idle client\aciclient.exe] => (Allow) C:\program files (x86)\auto close idle client\aciclient.exe
FirewallRules: [{7623CD75-BB00-4933-86E1-89DF89E4E443}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{B49C85E3-DA86-41B5-B68A-E052D4161FA6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{7C82F2D4-5881-464F-B3DE-E93676F3DC03}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D1205A4F-0D99-4832-860B-73AE637CFFD3}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
FirewallRules: [{678EC7C6-2893-4DA9-8627-BA80AF49FE49}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
FirewallRules: [{5A8483B5-1DB6-40E3-ADA1-A34B951C534C}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
FirewallRules: [{B3CF0F5F-02B4-431A-AD09-0E1D497CB654}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
FirewallRules: [{495BB905-D89E-4B84-9369-655469918335}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
FirewallRules: [{62B55856-8D2B-4715-941F-39F3CBC4C3C4}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\lmgrd.exe
FirewallRules: [{7F92B6DC-647E-45D1-BF2F-AA32EA4CCB80}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
FirewallRules: [{E4CB0AA5-6276-491A-8228-B844A3FEF264}] => (Allow) C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\flexsvr.exe
FirewallRules: [{5A4B5C35-0242-498A-9345-4965C37B628B}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
FirewallRules: [{DC94D38B-33E2-4855-8E8E-D9FB72449684}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
FirewallRules: [{9CDCFA3F-F27C-4F6D-81F6-C64001E39543}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
FirewallRules: [{A4D83C9B-4EE1-4197-BF1A-61DF5E5A98E2}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
FirewallRules: [{E30AC51D-10E9-4931-9FC7-B43F324B83F8}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
FirewallRules: [{3FAFA5B1-B17A-4891-AA9F-C1FBA2B27502}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
FirewallRules: [{6092345D-1E85-45E3-936C-A43AE0ADED7E}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
FirewallRules: [{387CC272-5D0D-4EDC-A153-16181C771576}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
FirewallRules: [{E50B7497-D4ED-45E8-9F4D-0177AFDBE76C}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
FirewallRules: [{4C1F4D47-4223-4713-AF56-D4161D519AB7}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
FirewallRules: [{90D12DB4-0D8D-4CDC-8125-D7608016C6EB}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
FirewallRules: [{40F7A205-731F-4336-8084-420155154E2F}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
FirewallRules: [{37939E5B-4110-4CB9-9034-60D86A945D3E}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\DaClient.exe
FirewallRules: [{94913FF2-0C23-4578-A219-7146544436B8}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\DaClient.exe
FirewallRules: [{A66BB72A-5A0E-462B-BC8C-A4AF0790F2E7}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagReceiver.exe
FirewallRules: [{13AC2977-BE4E-4B3E-8778-14C9A865108A}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagReceiver.exe
FirewallRules: [{5B2A7D50-1F56-457D-ADA3-AC80C4A6F01C}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
FirewallRules: [{874E1D61-B534-4297-BFE4-23571E100BA5}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
FirewallRules: [{77286534-BF96-45C9-BD51-D8C456DEA0D2}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\VStudio.exe
FirewallRules: [{CA6823E1-8E1F-4BAD-820C-C2E5028744A2}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\VStudio.exe
FirewallRules: [{5B36D997-2937-41A4-B574-EB7AF73BE5E5}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSPVStudio.exe
FirewallRules: [{B8360476-EFC3-4C6C-B78B-1275920A5FB8}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSPVStudio.exe
FirewallRules: [{AC7DA500-ECFF-4CA5-B4A3-668F476CFBFD}] => (Allow) C:\Windows\SysWOW64\OpcEnum.exe
FirewallRules: [{49604F7E-7A79-489E-8D96-22374A64AC44}] => (Allow) C:\Windows\SysWOW64\OpcEnum.exe
FirewallRules: [{E5905FFA-0833-4CB5-A5BD-C24F6D6BD972}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
FirewallRules: [{2B4314AA-D0DC-46E0-8DD2-47CB01C40507}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventClientMultiplexer.exe
FirewallRules: [{888A2574-1B30-43DA-8AEA-DECA892D6A84}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
FirewallRules: [{C3A242A9-1BD2-4A77-A36B-69825EF5C74E}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
FirewallRules: [{4D4296E3-A7A2-4AD1-B956-0EBB11848F6B}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
FirewallRules: [{1D56AF7B-119E-4FC6-BEE8-FE18F01F648E}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
FirewallRules: [{A8AB45C2-8181-4B5F-A6FF-F5771FEFC6A4}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
FirewallRules: [{B4A6FE4B-37D7-4C4C-95FF-4BC3AE5272F6}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
FirewallRules: [{E922DEE4-1540-4482-BBFB-32796FBFD55C}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
FirewallRules: [{507F6C39-029B-4781-9BF8-082C8C884DE9}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
FirewallRules: [{AB8245FD-F9B6-4459-B319-7BD3CBD7A150}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
FirewallRules: [{5120995B-8364-4C4E-8FA7-9DF82D9D454E}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\EventServer.exe
FirewallRules: [{8F158115-3458-4936-A4F0-EB8375E2D7CC}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\DaClient.exe
FirewallRules: [{64977FDC-948E-4AEC-9D03-163EFDDE26A6}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\DaClient.exe
FirewallRules: [{76B5D9ED-44D2-4F38-BD14-63106F8B97B3}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagReceiver.exe
FirewallRules: [{EDE70079-BCD4-4F6D-ADDD-B55040B8C454}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagReceiver.exe
FirewallRules: [{6630FA62-C279-4ED3-939A-22ADF9BAD90B}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
FirewallRules: [{D4109940-5C38-4ED4-8E38-451568A176DA}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
FirewallRules: [{354C33C9-0F9B-4E0C-9251-8B98F298049A}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\VStudio.exe
FirewallRules: [{764553B6-7054-4D6A-8D4D-310C95F715A4}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\VStudio.exe
FirewallRules: [{9AADD665-82A5-482C-BAA1-B8E509FA9896}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSPVStudio.exe
FirewallRules: [{19A60829-7514-48A9-A52C-C3C6212099F2}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSPVStudio.exe
FirewallRules: [{539D7867-A5CF-49D2-AEC5-46453847810A}] => (Allow) C:\Windows\SysWOW64\OpcEnum.exe
FirewallRules: [{F7671B9D-0C9F-4A34-AF20-EC736794A2B2}] => (Allow) C:\Windows\SysWOW64\OpcEnum.exe
FirewallRules: [{8BB7C72C-0C8D-41A2-90C1-76B6693414CA}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
FirewallRules: [{F4786DF5-579B-4BC4-9EEA-4E56B694C170}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
FirewallRules: [{C035F681-D21E-4696-B8E6-4F6F70C37E93}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTCounterMonitor.exe
FirewallRules: [{6AF87291-C896-436B-967D-1941A55C6A05}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTCounterMonitor.exe
FirewallRules: [{B82418B0-67AC-4788-8CA3-7CB7B5788E53}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
FirewallRules: [{0C818460-6AE6-4726-AEE2-7FBB5A4086E5}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTSysDiagSvcHost.exe
FirewallRules: [{45402668-206D-4DE2-8397-AE53E5B8FE4C}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTCounterMonitor.exe
FirewallRules: [{9F3D7DF5-A0FF-4AE9-BB3A-4F231553B30D}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\FTCounterMonitor.exe
FirewallRules: [{3329FA5D-C5BD-4128-B8CE-789AA1B3B8A6}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Architect\Architect.exe
FirewallRules: [{90DA30C8-00E6-4FCF-8332-17934485766B}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Architect\Architect.exe
FirewallRules: [{DC7E4AD6-91E5-4659-AB0B-9EFBFEA341BC}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Architect\Architect.exe
FirewallRules: [{D1040E5A-7B6F-470E-A92B-3B93B462734C}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Architect\Architect.exe
FirewallRules: [{1F8CA59D-2DCE-4290-BD30-629FA453B888}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
FirewallRules: [{CE42A169-AB20-4EC3-8F89-49DEB7C2E2E6}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
FirewallRules: [{E900EA75-FB62-493E-A2D2-1C5199E6C104}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe
FirewallRules: [{7B66C6A2-62CE-4DB7-8200-5E8B3DF854A1}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe
FirewallRules: [{0F0C74A3-0FDD-4510-A296-58C33DA8BC58}] => (Allow) LPort=44818
FirewallRules: [{971D9076-73AE-4254-8106-A28B61AD4519}] => (Allow) LPort=44818
FirewallRules: [{6AA6E814-75B6-421C-9EE6-B173621E1C62}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
FirewallRules: [{9B4F5C3A-8FD8-4B35-BB4E-A104BFA4344C}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
FirewallRules: [{F416C1CF-A7A3-4833-9C6D-7381107CAF37}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe
FirewallRules: [{F69854A8-22F1-4C5F-9D5C-E95378385964}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx Enterprise\RSLinxShortcutAOA.exe
FirewallRules: [{F1E5C757-5FB4-4285-A295-07BE11E9ACAB}] => (Allow) LPort=44818
FirewallRules: [{A1B049C1-3ABC-45E7-8DFF-88A3EE4C0FB4}] => (Allow) LPort=44818
FirewallRules: [{1FB35843-9566-40BC-B1CB-0DBFCE954347}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
FirewallRules: [{A9FD35EB-87C2-405D-8353-1D1392FE7042}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
FirewallRules: [{7E45767A-92B0-477E-987E-7473C7E88A5A}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
FirewallRules: [{A51CBD60-147D-4BB2-B4E6-713F74255C1F}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
FirewallRules: [{58292B67-9426-4424-9FAD-E8831CBBF351}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmDetector.exe
FirewallRules: [{22B38ADD-B829-411B-8D23-8ECAEF8508DF}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmDetector.exe
FirewallRules: [{C5365114-AAED-4F8B-9316-C46CD3823B88}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
FirewallRules: [{E9560FA0-8EA7-405F-8EE5-01D2F5F3E6C2}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAeServer.exe
FirewallRules: [{6996275B-9F23-4C28-89A0-2CD1C30CBF01}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
FirewallRules: [{3B3E19BA-CB56-422B-9382-79DEDAD1AA65}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmMux.exe
FirewallRules: [{7C4A78F9-1399-4CCA-88D4-9F72D0B35419}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmDetector.exe
FirewallRules: [{B39D2947-A2FB-4407-90E8-2AA454ECC2D7}] => (Allow) C:\Program Files (x86)\Common Files\Rockwell\RnaAlarmDetector.exe
FirewallRules: [{0F1C71BC-D043-4658-B65B-5944F9A0C815}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Logix Designer\ENU\v28\Bin\LogixDesigner.Exe
FirewallRules: [{EE6ABCEA-D3CE-4780-88BD-0A0B6C11DA74}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Logix Designer\ENU\v28\Bin\LogixDesigner.Exe
FirewallRules: [{DFB2220D-28AA-4D44-8E10-3D59D2A98656}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
FirewallRules: [{03C4411C-8A09-4027-88B3-A648537DB38A}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
FirewallRules: [{8E28D785-F225-4B2E-8DAB-DFE497460C3F}] => (Allow) C:\Program Files (x86)\Rockwell Software\OPCTools\OPCTest\opctest.exe
FirewallRules: [{1394C091-B753-45E3-96A7-4E369A3D0DD2}] => (Allow) C:\Program Files (x86)\Rockwell Software\OPCTools\OPCTest\opctest.exe
FirewallRules: [{B7C95E97-B21D-42D6-8419-B2030D3E4013}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
FirewallRules: [{58459D96-4536-412F-A3B7-BE5A930168C1}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSLinx\RSLINX.EXE
FirewallRules: [{51367D3B-58EB-4EC5-A2CA-F76A14C8505F}] => (Allow) C:\Program Files (x86)\Rockwell Software\OPCTools\OPCTest\opctest.exe
FirewallRules: [{62CCA433-9B82-42BF-A724-722D51387716}] => (Allow) C:\Program Files (x86)\Rockwell Software\OPCTools\OPCTest\opctest.exe
FirewallRules: [{FA6F0C4A-B672-4535-9E37-09EBC05EC489}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{3925ED5E-AF85-4CC1-A1BB-DE27F55A352B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{BC1BE13C-606A-4B78-A4E0-2F991B1041A8}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\MERuntime.exe
FirewallRules: [{907FDD8D-DC4A-4965-B76A-2CA7466C1FB0}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\MERuntime.exe
FirewallRules: [{47F1F8A3-A16A-4F69-873D-45240083E535}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
FirewallRules: [{E2F8FD77-6CF0-40B4-BC2C-4C518DB8D9BC}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
FirewallRules: [{7A67E058-4354-4463-923E-DC8E41580082}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\VStudio.exe
FirewallRules: [{1BB521B0-350E-470B-8987-509945C55DB6}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\VStudio.exe
FirewallRules: [{E89A034C-4620-4C71-B54E-BB87EC645BF8}] => (Allow) LPort=80
FirewallRules: [{1C0937B3-D249-4013-AFB7-B02D545CBC9D}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\MERuntime.exe
FirewallRules: [{27EC6CB0-4532-4189-B9B3-6FDCA42DE3D0}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\MERuntime.exe
FirewallRules: [{A906A8AA-7694-488A-9317-39B110946F3A}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
FirewallRules: [{35AEA674-CB9B-46D6-AF55-711F467B545B}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\TagSrv.exe
FirewallRules: [{1B1D133B-4270-4742-8CBD-49F91017FD57}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\VStudio.exe
FirewallRules: [{0B9A89B2-931A-4DA5-83DC-0003B873E063}] => (Allow) C:\Program Files (x86)\Rockwell Software\RSView Enterprise\VStudio.exe
FirewallRules: [{1C15193B-7BCE-4097-AB6E-1E99E64D302E}] => (Allow) LPort=80
FirewallRules: [{06286918-D857-4A42-BBC1-DB14F4071BD7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{3BA23419-F3D6-46A1-8347-B391EE25142B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{361BE2C2-8CC5-4482-AA44-BFA21F5A7EF1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{659703E6-015E-4050-BC8A-9102D35D2B31}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\lync.exe
FirewallRules: [{22E47433-2531-4024-B490-DDEEC5563201}] => (Allow) C:\Program Files\Microsoft Office 15\root\office15\lync.exe
FirewallRules: [{1EFB5ECB-BFE2-4728-91EB-FD6E8CEFF705}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Logix Designer\ENU\v24\Bin\LogixDesigner.Exe
FirewallRules: [{6FF70DE0-D8C1-41C6-AEAD-D5E134D95EEE}] => (Allow) C:\Program Files (x86)\Rockwell Software\Studio 5000\Logix Designer\ENU\v24\Bin\LogixDesigner.Exe
FirewallRules: [{4ACAF3E1-4465-4E74-90C5-0AC0AEBB96D8}] => (Allow) C:\Program Files (x86)\Avaya\Avaya Microsoft Lync 2013 Integration\Lync2013Addin.exe
FirewallRules: [TCP Query User{4E4CF10C-8A34-40A6-AF38-CC2C93934EDB}C:\program files (x86)\logmein ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein ignition\lmiignition.exe
FirewallRules: [UDP Query User{6B338591-2636-4F2F-8A36-875EEE693535}C:\program files (x86)\logmein ignition\lmiignition.exe] => (Allow) C:\program files (x86)\logmein ignition\lmiignition.exe
FirewallRules: [TCP Query User{73DB45DC-23A3-4E20-8E10-9C6D1FB6DE5A}C:\program files\microsoft office 15\root\office15\lync.exe] => (Allow) C:\program files\microsoft office 15\root\office15\lync.exe
FirewallRules: [UDP Query User{5A64DDDF-9A89-4A61-9EFD-D6B0960BACD8}C:\program files\microsoft office 15\root\office15\lync.exe] => (Allow) C:\program files\microsoft office 15\root\office15\lync.exe
FirewallRules: [TCP Query User{E6B0B86F-E14C-468E-8E98-9711B1088272}C:\program files\moxa\mgate manager\mgatemanager64.exe] => (Allow) C:\program files\moxa\mgate manager\mgatemanager64.exe
FirewallRules: [UDP Query User{E8C6E688-3D7B-42FA-BA43-482805A5EFF8}C:\program files\moxa\mgate manager\mgatemanager64.exe] => (Allow) C:\program files\moxa\mgate manager\mgatemanager64.exe
FirewallRules: [TCP Query User{1B4A1D8B-CE90-4ABA-8E0C-048AC13F641F}C:\program files\modbus tools\modbus slave\mbslave.exe] => (Allow) C:\program files\modbus tools\modbus slave\mbslave.exe
FirewallRules: [UDP Query User{0542B22F-5257-4C26-A202-454F9C52D481}C:\program files\modbus tools\modbus slave\mbslave.exe] => (Allow) C:\program files\modbus tools\modbus slave\mbslave.exe
FirewallRules: [TCP Query User{328416B1-24E7-4A87-B374-F0AF3F7319AC}C:\program files (x86)\rockwell software\studio 5000\logix designer\enu\v24\bin\logixdesigner.exe] => (Allow) C:\program files (x86)\rockwell software\studio 5000\logix designer\enu\v24\bin\logixdesigner.exe
FirewallRules: [UDP Query User{F593C67C-3B9B-40CF-B69F-54FDF824B21F}C:\program files (x86)\rockwell software\studio 5000\logix designer\enu\v24\bin\logixdesigner.exe] => (Allow) C:\program files (x86)\rockwell software\studio 5000\logix designer\enu\v24\bin\logixdesigner.exe
FirewallRules: [TCP Query User{D625E1AF-A0D6-41B2-BA87-CE31D074974E}C:\program files (x86)\rockwell software\rslinx\rslinx.exe] => (Allow) C:\program files (x86)\rockwell software\rslinx\rslinx.exe
FirewallRules: [UDP Query User{1878DF5D-0E85-44E2-99D5-13F2DC72AA90}C:\program files (x86)\rockwell software\rslinx\rslinx.exe] => (Allow) C:\program files (x86)\rockwell software\rslinx\rslinx.exe
FirewallRules: [TCP Query User{1E82AB25-4160-4DD0-AF90-DAAB58C5B97F}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [UDP Query User{6023D066-843E-45F7-875C-B9F33FAD6D23}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [{24C13F62-34B0-4D23-93A2-86AE37A61E40}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{F2A28EB8-D2A1-461D-BF16-DCAFBBBBEC5D}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{CF112790-D4B0-4062-9BB4-A86477AFE9B6}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{3564D473-93A8-4978-9853-92EB739054E0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{B06DC8A3-930F-433D-945E-FCCD08E24213}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{2858053D-A053-4B62-A794-B2D9EF759F5A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{DDD90D99-EBE7-46EB-81EA-8F980F55C79A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{2D86AAB9-21BA-4F31-8B5C-22205346F8A0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{8F84831A-146A-4A21-9B88-10135B8519B3}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{811B4FE3-FAA9-4355-B4F6-8E46B8B398AC}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{B99C28BB-5C80-433A-9B36-317424847CD6}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{FE7A0288-0CC5-4D32-8880-7763AFA77D03}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{0EDFEF94-64B6-4531-AD7C-36EE9AEEE5CD}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{1AB7EE23-83E5-47C1-9BF2-052497C351C2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{2571C652-8F68-499B-83FE-78D89DA1DA4D}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{622AD691-F309-40D9-B2B7-1A1984D4A0E8}] => (Allow) C:\Users\aschreiner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7AF978C7-ED08-42B6-B0DE-C096719DB97B}] => (Allow) C:\Users\aschreiner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5CF41C19-1953-468C-BF2F-A6989CED8A03}] => (Allow) C:\Users\aschreiner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{040CC798-6493-455E-A082-64A529A7CEFB}] => (Allow) C:\Users\aschreiner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{581BBB63-0D40-427A-B7C5-BEAAB8837B01}] => (Allow) C:\Users\aschreiner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1ED9AF8-B5D1-4D1E-8523-39F45B3C645C}] => (Allow) C:\Users\aschreiner\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{8A196ABC-B2EC-44E2-B19F-1562385E7E77}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe
FirewallRules: [UDP Query User{F6A8183D-695A-43B3-A34D-C62C7A41D4F3}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe
FirewallRules: [{AE25275F-6114-4869-98C4-D211D81212A6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E029C856-72D5-48FB-B463-5B010017021C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5DE2BA5D-D9B1-4E94-9F32-807E6FACCD75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{51C2BAD1-9C46-45D6-A392-2F0F0ECD14BB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{62891688-A246-49F9-92EF-AF4CFCC054D2}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\51.0.2704.7\remoting_host.exe
FirewallRules: [{BA67448A-DA95-48D2-AC1C-2B2DB9734A0B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3D9F016D-9A96-4BFD-BB11-3716CF237BDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Sentinel64
Description: Sentinel64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Sentinel64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2016 09:35:36 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/27/2016 09:27:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/27/2016 09:27:02 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/25/2016 04:27:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 159745

Error: (06/25/2016 04:27:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 159745

Error: (06/25/2016 04:27:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2016 04:27:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 144425

Error: (06/25/2016 04:27:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 144425

Error: (06/25/2016 04:27:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/25/2016 04:26:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 129418


System errors:
=============
Error: (06/27/2016 09:11:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (85000 milliseconds) was reached while waiting for a transaction response from the FTActivationBoost service.

Error: (06/25/2016 04:26:59 PM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (06/25/2016 04:24:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (85000 milliseconds) was reached while waiting for a transaction response from the FTActivationBoost service.

Error: (06/25/2016 02:55:23 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain BMCD due to the following: 
%%1311 = There are currently no logon servers available to service the logon request.


This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (06/25/2016 02:51:16 PM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (06/25/2016 02:49:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (06/25/2016 02:47:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (85000 milliseconds) was reached while waiting for a transaction response from the FTActivationBoost service.

Error: (06/25/2016 11:29:34 AM) (Source: TermService) (EventID: 1067) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (06/25/2016 11:26:43 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (06/25/2016 11:26:35 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (85000 milliseconds) was reached while waiting for a transaction response from the FTActivationBoost service.


CodeIntegrity:
===================================
  Date: 2016-06-27 09:28:52.027
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-24 10:42:04.336
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-23 08:40:21.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 17:21:39.959
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 13:51:09.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 16:03:48.376
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-13 08:43:11.803
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-08 13:28:15.571
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 14:20:28.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-06 11:42:19.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
Percentage of memory in use: 45%
Total physical RAM: 15999.36 MB
Available physical RAM: 8719.3 MB
Total Virtual: 31996.89 MB
Available Virtual: 22868.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:27.44 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (1st Birthday ) (CDROM) (Total:0.06 GB) (Free:0 GB) UDF
Drive e: () (Removable) (Total:29.7 GB) (Free:18.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 63BBAAF1)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 29.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Please let me know if there is any other information needed.

 

Thanks in advance for the help.


  • 0

Advertisements

#2
dbreeze
Posted 01 July 2016 - 04:42 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts
According to GeeksToGo's TermsOfUse (which I would think that you are familiar with since you have so many posts here), we usually do not support any Business owned systems (as this really should be handled by the Business's IT department).  However, in this one case, I will try and help you out.
 
Actually the real problem with proceeding with the usual fixes is that System Restore has been disabled on the machine.  IF anything were to 'run amuck' then there is no way to return to the previous working condition.  Also, I notice that you are not the Administrator of this system; that makes it very hard for some of the fixes to run.
 
Let us start with this first.  This is just a scan to see if it finds anything in the Browser's User Profiles.  Please follow the steps and we should be fine as this is only scanning for now.
 
 
AdwCleaner by Xplode
 
Download AdwCleaner from here or from here. Save the file to the desktop.
 
 
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
 
Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
  • You will see the following console:
     
    AdwCleaner_v5016_zpsf8ln0fea.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
  • Click the Report button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R#].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.
Thank you. Do you have any questions?
  • 0

#3
dbreeze
Posted 06 July 2016 - 03:44 PM

dbreeze

    Trusted Helper

  • Malware Removal
  • 2,216 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP