Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen of Death


  • This topic is locked This topic is locked
45 replies to this topic

#1 j_699

j_699

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 19 June 2014 - 12:11 PM

After the computer is idle about an hour the blue screen of death appears. It says:  IRQL_NOT_LESS_OR_EQUAL then below that it says:  STOP: 0X0000000A
I did a system restore to the last restore point before this happened the first time but that didn't change anything. If I stay busy at the computer the screen does not appear. Please help! Here are the log files you asked for. Thanks for your help!
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.51.2
Run by Joe at 16:11:52 on 2014-06-10
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.16341.12116 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
C:\PROGRA~2\GFI\GFIBAC~1\GFIHInst.exe
C:\PROGRA~2\GFI\GFIBAC~1\GFIHSC~1.EXE
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\JCI\FXWorkbench-4.1\bin\niagarad.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_13_0_0_214_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: TBSB05810 Class: {A7AF277D-1466-4A7B-93AF-B043984A5671} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Glarysoft Toolbar: {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Glarysoft Toolbar: {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [GFI Backup 2009 - Home Edition] "C:\PROGRA~2\GFI\GFIBAC~1\GFIAgent.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://client.logis.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{80699EC9-9A81-4338-A00A-B81546B96109} : DHCPNameServer = 192.168.0.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages =  msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-6-4 17600]
R0 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-5-14 20672]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1503000.00C\symds64.sys [2014-5-20 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1503000.00C\symefa64.sys [2014-5-20 1148120]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [2014-6-9 1530160]
R1 ccSet_NIS;NIS Settings Manager;C:\Windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys [2014-5-20 162392]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2010-7-14 87600]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20140608.001\IDSviA64.sys [2014-6-9 525016]
R1 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-3-27 91352]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1503000.00C\ironx64.sys [2014-5-20 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1503000.00C\symnets.sys [2014-5-20 593112]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2014-6-3 173792]
R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-11-30 163840]
R2 GFIBckHAtt;GFI Backup 2009 - Home Edition Attendant Service;C:\PROGRA~2\GFI\GFIBAC~1\GFIHInst.exe [2013-1-23 858480]
R2 GFIBckHSched;GFI Backup 2009 - Home Edition Scheduler Service;C:\PROGRA~2\GFI\GFIBAC~1\GFIHSC~1.EXE [2013-1-23 2324848]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-7-13 13336]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-2-2 628448]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-13 189608]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2012-5-21 212984]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-3-27 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-3-27 860472]
R2 Niagara;Niagara;C:\JCI\FXWorkbench-4.1\bin\niagarad.exe [2013-3-6 246096]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe [2014-5-20 276376]
R2 SWGVCSvc;SonicWALL Global VPN Client Service;C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe [2009-3-6 284696]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-7-13 363800]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2012-12-10 479224]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2011-7-1 1600000]
R2 wgsslvpnsrc;WatchGuard SSLVPN Service;C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [2014-5-21 101376]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-21 137648]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-3-27 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-3-27 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-3-27 63704]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-7-13 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-7-13 181248]
S1 SWIPsec;SonicWALL IPsec Driver;C:\Windows\System32\drivers\SWIPsec.sys [2013-3-6 99352]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2012/07/13 00:48:07;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2011-11-29 248304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 acsock;acsock;C:\Windows\System32\drivers\acsock64.sys [2012-6-7 112080]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-6-14 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-9 111616]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SWVNIC;SonicWALL Virtual Miniport;C:\Windows\System32\drivers\SWVNIC.sys [2009-3-4 24600]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-13 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-15 30208]
S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\System32\drivers\vpcuxd.sys [2012-7-13 16384]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-20 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]
S4 RsFx0151;RsFx0151 Driver;C:\Windows\System32\drivers\RsFx0151.sys [2011-6-17 313696]
.
=============== Created Last 30 ================
.
2014-06-04 13:20:22 17600 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2014-06-04 13:20:22 118048 ----a-w- C:\Windows\System32\BootDefrag.exe
2014-06-03 20:21:27 -------- d-----w- C:\Users\Joe\AppData\Local\Dell Edoc Viewer
2014-06-03 19:02:08 10993664 ----a-w- C:\ProgramData\Microsoft\BingDesktop\Updater\BingDesktop.msi
2014-05-27 13:03:12 -------- d-----w- C:\Windows\System32\0419
2014-05-27 13:03:12 -------- d-----w- C:\Windows\System32\0410
2014-05-27 13:03:12 -------- d-----w- C:\Windows\System32\040E
2014-05-27 13:03:12 -------- d-----w- C:\Windows\System32\040B
2014-05-27 13:02:43 -------- d-----w- C:\ProgramData\Downloaded Installations
2014-05-21 13:36:29 -------- d-----w- C:\Program Files (x86)\WatchGuard
2014-05-21 08:05:42 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-21 08:05:41 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-20 13:57:59 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-20 13:57:59 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-20 13:51:13 -------- d-----w- C:\NPE
2014-05-20 13:49:05 -------- d-----w- C:\Users\Joe\AppData\Local\NPE
2014-05-20 13:45:47 593112 ----a-w- C:\Windows\System32\drivers\NISx64\1503000.00C\symnets.sys
2014-05-20 13:45:46 23568 ----a-r- C:\Windows\System32\drivers\NISx64\1503000.00C\symelam.sys
2014-05-20 13:45:46 1148120 ----a-w- C:\Windows\System32\drivers\NISx64\1503000.00C\symefa64.sys
2014-05-20 13:45:45 875736 ----a-w- C:\Windows\System32\drivers\NISx64\1503000.00C\srtsp64.sys
2014-05-20 13:45:45 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1503000.00C\symds64.sys
2014-05-20 13:45:45 36952 ----a-r- C:\Windows\System32\drivers\NISx64\1503000.00C\srtspx64.sys
2014-05-20 13:45:45 264280 ----a-r- C:\Windows\System32\drivers\NISx64\1503000.00C\ironx64.sys
2014-05-20 13:45:45 162392 ----a-w- C:\Windows\System32\drivers\NISx64\1503000.00C\ccsetx64.sys
2014-05-20 13:45:34 -------- d-----w- C:\Windows\System32\drivers\NISx64\1503000.00C
2014-05-14 12:55:44 20672 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-05-14 12:55:37 -------- d-----w- C:\Program Files (x86)\Glary Utilities 5
.
==================== Find3M  ====================
.
2014-06-10 20:45:37 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-14 19:37:33 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 19:37:33 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-12 12:26:10 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-12 12:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-12 12:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:19:05 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:12:06 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-01 03:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-04-01 03:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 16:12:26.52 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/20/2012 1:42:18 PM
System Uptime: 6/10/2014 1:06:43 PM (3 hours ago)
.
Motherboard: Dell Inc. | | 06NWYK
Processor: Intel® Xeon® CPU E31270 @ 3.40GHz | CPU 1 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 465 GiB total, 310.153 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: SonicWALL Virtual NIC
Device ID: ROOT\SWVNIC\0000
Manufacturer: SonicWALL
Name: SonicWALL Virtual NIC
PNP Device ID: ROOT\SWVNIC\0000
Service: SWVNIC
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: SonicWALL IPsec Driver
Device ID: ROOT\LEGACY_SWIPSEC\0000
Manufacturer:
Name: SonicWALL IPsec Driver
PNP Device ID: ROOT\LEGACY_SWIPSEC\0000
Service: SWIPsec
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\5&216F40F0&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\5&216F40F0&0
Service: i8042prt
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Device ID: ROOT\NET\0001
Manufacturer: Cisco Systems
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
PNP Device ID: ROOT\NET\0001
Service: vpnva
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco Systems VPN Adapter for 64-bit Windows
Device ID: ROOT\NET\0002
Manufacturer: Cisco Systems
Name: Cisco Systems VPN Adapter for 64-bit Windows
PNP Device ID: ROOT\NET\0002
Service: CVirtA
.
==== System Restore Points ===================
.
RP204: 5/27/2014 7:56:50 AM - Dell Updates
RP205: 5/27/2014 8:02:56 AM - Installed Renesas Electronics USB 3.0 Host Controller Driver
RP206: 5/29/2014 8:57:29 AM - Restore Operation
.
==== Installed Programs ======================
.
Adobe Acrobat X Standard - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Reader XI (11.0.07)
Belimo SelectPro
Bing Bar
Bing Desktop
BioAPI Framework
Broadcom NetXtreme-I Netlink Driver and Management Installer
CCleaner
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client
Cisco Systems VPN Client 5.0.07.0440
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Custom
CyberLink PowerDVD 9.5
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Client System Update
Dell Data Protection | Access
Dell Data Protection | Access | Drivers
Dell Data Protection | Access | Middleware
Dell Edoc Viewer
DellAccess
DIRcalc 1.22
EMBASSY Security Center
FileHippo.com Update Checker
FX-PCT
Gemalto
GFI Backup 2009 - Home Edition
Glary Utilities 5.1
Glarysoft Toolbar
Google Chrome
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Intel® Control Center
Intel® Identity Protection Technology 1.2.27.0
Intel® Management Engine Components
Intel® Network Connections 16.8.45.00
Intel® Rapid Storage Technology
Intel® Trusted Connect Service Client
Java 7 Update 51
Java Auto Updater
Johnson Controls FX-PCT 6.0.0.9000
Johnson Controls ZigBee Field Router (Driver Removal)
Junk Mail filter update
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Standard 2007
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Report Viewer Redistributable 2008 (KB971119)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client
Microsoft SQL Server 2008 R2 Policies
Microsoft SQL Server 2008 R2 RsFx Driver
Microsoft SQL Server 2008 R2 Setup (English)
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Browser
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Movie Maker
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Niagara-3.3.31
Niagara-3.5.34
Niagara-3.6.47
Norton Internet Security
NTRU TCG Software Stack
NVIDIA Display Control Panel
NVIDIA Graphics Driver 266.87
NVIDIA HD Audio Driver 1.1.13.1
NVIDIA Install Application
NVIDIA nView 135.60
NVIDIA nView Desktop Manager
PC-CCID
Photo Common
Photo Gallery
Preboot Manager
Private Information Manager
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SonicWALL Global VPN Client
SPBA 5.9
SQL Server 2008 R2 SP1 Common Files
SQL Server 2008 R2 SP1 Database Engine Services
SQL Server 2008 R2 SP1 Database Engine Shared
SQL Server 2008 R2 SP1 Management Studio
Sql Server Customer Experience Improvement Program
Trusted Drive Manager
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Upek Touchchip Fingerprint Reader
WatchGuard Mobile VPN with SSL client 11.3.5
Wave Infrastructure Installer
Wave Support Software Installer
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
6/9/2014 7:28:04 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
6/9/2014 7:28:04 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
6/9/2014 1:32:09 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff8a000363d38, 0x0000000000000002, 0x0000000000000000, 0xfffff80002e8425b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060914-24897-01.
6/3/2014 8:05:23 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff8a000361568, 0x0000000000000002, 0x0000000000000000, 0xfffff80002e8725b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 060314-22822-01.
6/10/2014 8:57:45 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff8a0003614f8, 0x0000000000000002, 0x0000000000000000, 0xfffff80002ed025b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061014-17378-01.
6/10/2014 1:07:26 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SWIPsec
6/10/2014 1:07:16 PM, Error: Service Control Manager [7001] - The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error: The operation completed successfully.
6/10/2014 1:07:13 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0xfffff8a000360888, 0x0000000000000002, 0x0000000000000000, 0xfffff80002e7b25b). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 061014-24757-01.
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 24 June 2014 - 08:34 AM.
Posted Attach.txt


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:30 AM

Posted 24 June 2014 - 08:33 AM

Greetings j_699 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run the below for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

BlueScreenView

----------
  • Download BlueScreenView and save it to your desktop
  • Double click the BlueScreenView.exe file then click OK
  • Select Run, Next, then Next again
  • Click Install
  • When the scanning is complete, select Edit and Select All
  • Then click File and Save Selected Items
  • Save the report as BSOD.txt
  • Open BSOD.txt in Notepad, copy the entire content and paste it into your next reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • BSOD.txt
  • Attached System Summary Information

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 25 June 2014 - 08:41 AM

Gary,

 

Here are the logs you requested.

 

Thanks,

Joe

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-06-2014
Ran by Joe (administrator) on JOE-PC on 25-06-2014 08:13:22
Running from C:\Users\Joe\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
() C:\JCI\FXWorkbench-4.1\bin\niagarad.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SonicWALL, Inc.) C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
() C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\nis.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2907240 2010-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [257392 2011-05-27] (Wave Systems Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112408 2012-01-19] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [75048 2011-11-29] (cyberlink)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [304568 2010-10-12] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527864 2012-12-10] (Cisco Systems, Inc.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-2170330597-544982255-2113717361-1000\...\Run: [GFI Backup 2009 - Home Edition] => C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIAgent.exe [2195824 2010-07-30] (GFI Software Ltd.)
HKU\S-1-5-21-2170330597-544982255-2113717361-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-28] (Google Inc.)
HKU\S-1-5-21-2170330597-544982255-2113717361-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-06-16] (Glarysoft Ltd)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: EnabledUnlockedFDEIconOverlay -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: UninitializedFdeIconOverlay -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {81FD6D6E-BB60-4BF6-A7CD-F4F4AF93653B} URL =
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TBSB05810 Class - {A7AF277D-1466-4A7B-93AF-B043984A5671} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll ()
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Glarysoft Toolbar - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://client.logis.org/CACHE/stc/1/binaries/vpnweb.cab
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-07-13]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1051\FirefoxExtension
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\coFFPlgn [2014-06-25]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\IPSFF [2013-10-09]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-18]
CHR Extension: (Google Drive) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (Google Search) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (Norton Identity Protection) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-01-18]
CHR Extension: (Google Wallet) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-05-20]

==================== Services (Whitelisted) =================

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [163840 2011-11-30] (Broadcom Corporation) [File not signed]
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [248304 2011-11-29] (CyberLink)
R2 GFIBckHAtt; C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe [858480 2010-07-30] (GFI Software Ltd.)
R2 GFIBckHSched; C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe [2324848 2010-07-30] (GFI Software Ltd.)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
R2 Niagara; C:\JCI\FXWorkbench-4.1\bin\niagarad.exe [246096 2013-03-06] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1633280 2011-02-17] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1600000 2011-07-01] (Wave Systems Corp.) [File not signed]
R2 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [101376 2011-12-15] () [File not signed]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-02] (Glarysoft Ltd)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1503000.00C\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-05-14] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\IPSDefs\20140623.001\IDSvia64.sys [525016 2014-05-28] (Symantec Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [1980648 2010-10-04] (Realtek Semiconductor Corp.)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140624.001\ENG64.SYS [126040 2014-05-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.2.1\Definitions\VirusDefs\20140624.001\EX64.SYS [2099288 2014-05-29] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1503000.00C\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1503000.00C\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-25 08:13 - 2014-06-25 08:13 - 00028166 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-06-25 08:13 - 2014-06-25 08:13 - 00000000 ____D () C:\FRST
2014-06-25 08:12 - 2014-06-25 08:12 - 02082816 _____ (Farbar) C:\Users\Joe\Desktop\FRST64.exe
2014-06-25 08:09 - 2014-06-25 08:09 - 00000000 _____ () C:\Windows\invcol.tmp
2014-06-23 15:25 - 2014-06-23 15:26 - 00292816 _____ () C:\Windows\Minidump\062314-30030-01.dmp
2014-06-23 15:25 - 2014-06-23 15:25 - 1093084081 _____ () C:\Windows\MEMORY.DMP
2014-06-23 11:06 - 2014-06-23 11:06 - 00000000 ____D () C:\Users\Joe\Downloads\UnlimitedJCEPolicyJDK7
2014-06-23 11:04 - 2014-06-23 11:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-23 11:04 - 2014-06-23 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-23 11:04 - 2014-06-23 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-23 11:04 - 2014-06-23 11:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-23 10:59 - 2014-06-23 10:59 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-23 10:41 - 2014-06-23 10:42 - 00007426 _____ () C:\Users\Joe\Downloads\UnlimitedJCEPolicyJDK7.zip
2014-06-23 10:37 - 2014-06-23 10:37 - 00000000 ____D () C:\Users\Joe\Downloads\jce_policy-8
2014-06-23 10:36 - 2014-06-23 10:36 - 00008409 _____ () C:\Users\Joe\Downloads\jce_policy-8.zip
2014-06-23 10:30 - 2014-06-23 11:00 - 00000000 ____D () C:\Program Files\Java
2014-06-23 10:30 - 2014-06-23 10:59 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-23 10:30 - 2014-06-23 10:59 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-23 10:30 - 2014-06-23 10:59 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-23 08:21 - 2014-06-25 07:58 - 00000280 _____ () C:\Windows\setupact.log
2014-06-23 08:21 - 2014-06-23 08:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-18 08:07 - 2014-06-18 09:35 - 00000000 ____D () C:\Users\Joe\AppData\Local\Adobe
2014-06-11 15:42 - 2014-06-11 15:42 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-11 15:42 - 2014-06-11 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-11 08:58 - 2014-05-30 05:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 08:58 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 08:58 - 2014-05-30 05:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 08:58 - 2014-05-30 04:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 08:58 - 2014-05-30 04:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 08:58 - 2014-05-30 04:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 08:58 - 2014-05-30 04:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 08:58 - 2014-05-30 04:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 08:58 - 2014-05-30 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 08:58 - 2014-05-30 04:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 08:58 - 2014-05-30 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 08:58 - 2014-05-30 04:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 08:58 - 2014-05-30 04:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 08:58 - 2014-05-30 04:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 08:58 - 2014-05-30 04:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 08:58 - 2014-05-30 04:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 08:58 - 2014-05-30 04:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 08:58 - 2014-05-30 04:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 08:58 - 2014-05-30 03:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 08:58 - 2014-05-30 03:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 08:58 - 2014-05-30 03:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 08:58 - 2014-05-30 03:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 08:58 - 2014-05-30 03:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 08:58 - 2014-05-30 03:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 08:58 - 2014-05-30 03:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 08:58 - 2014-05-30 03:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 08:58 - 2014-05-30 03:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 08:58 - 2014-05-30 03:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 08:58 - 2014-05-30 03:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 08:58 - 2014-05-30 03:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 08:58 - 2014-05-30 03:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 08:58 - 2014-05-30 03:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 08:58 - 2014-05-30 03:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 08:58 - 2014-05-30 03:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 08:58 - 2014-05-30 03:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 08:58 - 2014-05-30 03:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 08:58 - 2014-05-30 03:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 08:58 - 2014-05-30 03:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 08:58 - 2014-05-30 03:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 08:58 - 2014-05-30 03:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 08:58 - 2014-05-30 02:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 08:58 - 2014-05-30 02:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 08:58 - 2014-05-30 02:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 08:58 - 2014-05-30 02:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 08:58 - 2014-05-30 02:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 08:58 - 2014-05-30 02:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 08:58 - 2014-05-30 02:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 08:58 - 2014-05-30 02:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 08:58 - 2014-05-30 02:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 08:58 - 2014-05-30 02:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 08:58 - 2014-05-30 02:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 08:58 - 2014-05-30 02:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 08:58 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 08:58 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 08:58 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 08:58 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 08:58 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 08:58 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 08:58 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 08:58 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 08:58 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 08:58 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 08:58 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 08:58 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 08:58 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 08:58 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 08:55 - 2014-06-08 04:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 08:55 - 2014-06-08 04:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-10 16:12 - 2014-06-10 16:12 - 00027678 _____ () C:\Users\Joe\Desktop\dds.txt
2014-06-10 16:12 - 2014-06-10 16:12 - 00014373 _____ () C:\Users\Joe\Desktop\attach.txt
2014-06-10 16:00 - 2014-06-10 16:09 - 00688992 ____R (Swearware) C:\Users\Joe\Downloads\dds.com
2014-06-04 08:20 - 2014-06-18 07:56 - 00000234 _____ () C:\BackupLoader.ini
2014-06-04 08:20 - 2014-06-02 20:26 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-06-04 08:20 - 2014-06-02 20:05 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-06-03 15:21 - 2014-06-03 15:21 - 00000000 ____D () C:\Users\Joe\AppData\Local\Dell Edoc Viewer
2014-05-29 09:44 - 2014-05-29 09:44 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\0419
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\0410
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\040E
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\040B
2014-05-27 08:02 - 2014-05-27 08:02 - 00000000 ____D () C:\ProgramData\Downloaded Installations

==================== One Month Modified Files and Folders =======

2014-06-25 08:13 - 2014-06-25 08:13 - 00028166 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-06-25 08:13 - 2014-06-25 08:13 - 00000000 ____D () C:\FRST
2014-06-25 08:12 - 2014-06-25 08:12 - 02082816 _____ (Farbar) C:\Users\Joe\Desktop\FRST64.exe
2014-06-25 08:09 - 2014-06-25 08:09 - 00000000 _____ () C:\Windows\invcol.tmp
2014-06-25 08:09 - 2012-07-13 00:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-25 08:08 - 2012-07-20 13:44 - 00000000 ____D () C:\Windows\System32\Tasks\Dell
2014-06-25 08:06 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-25 08:06 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-25 08:03 - 2012-07-13 00:25 - 01802549 _____ () C:\Windows\WindowsUpdate.log
2014-06-25 08:00 - 2012-07-23 09:34 - 00000000 ____D () C:\Users\Joe\Documents\Outlook Files
2014-06-25 07:59 - 2014-05-14 07:55 - 00000328 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-06-25 07:59 - 2014-05-14 07:55 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-06-25 07:59 - 2012-08-28 08:04 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 07:58 - 2014-06-23 08:21 - 00000280 _____ () C:\Windows\setupact.log
2014-06-25 07:58 - 2012-08-28 08:04 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-25 07:58 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-24 16:46 - 2012-07-25 15:03 - 00000000 ___RD () C:\Users\Joe\Desktop\Ricoh Scans
2014-06-24 09:31 - 2012-07-27 11:04 - 00003910 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E949781-BB70-485C-9266-F47B9125A5C0}
2014-06-23 15:50 - 2012-07-20 13:43 - 00000000 ___RD () C:\Users\Joe\Virtual Machines
2014-06-23 15:26 - 2014-06-23 15:25 - 00292816 _____ () C:\Windows\Minidump\062314-30030-01.dmp
2014-06-23 15:25 - 2014-06-23 15:25 - 1093084081 _____ () C:\Windows\MEMORY.DMP
2014-06-23 15:25 - 2012-12-21 00:05 - 00000000 ____D () C:\Windows\Minidump
2014-06-23 11:28 - 2012-09-07 10:31 - 00000000 ____D () C:\Users\Joe\AppData\Local\CrashDumps
2014-06-23 11:06 - 2014-06-23 11:06 - 00000000 ____D () C:\Users\Joe\Downloads\UnlimitedJCEPolicyJDK7
2014-06-23 11:04 - 2014-06-23 11:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-23 11:04 - 2014-06-23 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-23 11:04 - 2014-06-23 11:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-23 11:04 - 2014-06-23 11:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-23 11:04 - 2014-01-24 14:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-23 11:04 - 2012-08-08 09:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-23 11:00 - 2014-06-23 10:30 - 00000000 ____D () C:\Program Files\Java
2014-06-23 10:59 - 2014-06-23 10:59 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-23 10:59 - 2014-06-23 10:30 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-23 10:59 - 2014-06-23 10:30 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-23 10:59 - 2014-06-23 10:30 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-23 10:42 - 2014-06-23 10:41 - 00007426 _____ () C:\Users\Joe\Downloads\UnlimitedJCEPolicyJDK7.zip
2014-06-23 10:37 - 2014-06-23 10:37 - 00000000 ____D () C:\Users\Joe\Downloads\jce_policy-8
2014-06-23 10:36 - 2014-06-23 10:36 - 00008409 _____ () C:\Users\Joe\Downloads\jce_policy-8.zip
2014-06-23 08:21 - 2014-06-23 08:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-18 15:47 - 2014-01-28 11:06 - 00000000 ____D () C:\Users\Joe\Documents\2014 Docs
2014-06-18 14:54 - 2012-08-28 08:04 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 14:54 - 2012-08-28 08:04 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 09:35 - 2014-06-18 08:07 - 00000000 ____D () C:\Users\Joe\AppData\Local\Adobe
2014-06-18 08:03 - 2014-05-14 07:55 - 00002964 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-06-18 08:03 - 2014-05-14 07:55 - 00002616 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-06-18 08:03 - 2014-05-14 07:55 - 00001094 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-06-18 08:03 - 2014-05-14 07:55 - 00001082 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-06-18 08:01 - 2012-07-13 00:27 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-18 08:01 - 2012-07-13 00:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-18 08:01 - 2012-07-13 00:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-18 07:56 - 2014-06-04 08:20 - 00000234 _____ () C:\BackupLoader.ini
2014-06-16 13:36 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-12 15:27 - 2014-03-27 15:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 17:25 - 2013-07-26 09:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 17:23 - 2012-07-20 15:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-11 17:23 - 2012-07-20 14:38 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 17:22 - 2014-04-30 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 15:42 - 2014-06-11 15:42 - 00004430 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-11 15:42 - 2014-06-11 15:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-10 16:12 - 2014-06-10 16:12 - 00027678 _____ () C:\Users\Joe\Desktop\dds.txt
2014-06-10 16:12 - 2014-06-10 16:12 - 00014373 _____ () C:\Users\Joe\Desktop\attach.txt
2014-06-10 16:09 - 2014-06-10 16:00 - 00688992 ____R (Swearware) C:\Users\Joe\Downloads\dds.com
2014-06-08 04:13 - 2014-06-11 08:55 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 04:08 - 2014-06-11 08:55 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-04 11:22 - 2012-08-09 14:12 - 00000000 ____D () C:\Users\Joe\Documents\2012 Docs
2014-06-03 15:21 - 2014-06-03 15:21 - 00000000 ____D () C:\Users\Joe\AppData\Local\Dell Edoc Viewer
2014-06-03 14:57 - 2013-03-26 16:04 - 00000000 ____D () C:\Users\Joe\AppData\Local\Windows Live
2014-06-02 20:26 - 2014-06-04 08:20 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-06-02 20:05 - 2014-06-04 08:20 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-05-30 05:21 - 2014-06-11 08:58 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 05:02 - 2014-06-11 08:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 05:02 - 2014-06-11 08:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 04:45 - 2014-06-11 08:58 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 04:39 - 2014-06-11 08:58 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 04:39 - 2014-06-11 08:58 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 04:38 - 2014-06-11 08:58 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 04:28 - 2014-06-11 08:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 04:27 - 2014-06-11 08:58 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 04:24 - 2014-06-11 08:58 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 04:21 - 2014-06-11 08:58 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 04:21 - 2014-06-11 08:58 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 04:20 - 2014-06-11 08:58 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 04:18 - 2014-06-11 08:58 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 04:11 - 2014-06-11 08:58 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 04:08 - 2014-06-11 08:58 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 04:06 - 2014-06-11 08:58 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 04:02 - 2014-06-11 08:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 03:55 - 2014-06-11 08:58 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 03:49 - 2014-06-11 08:58 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 03:46 - 2014-06-11 08:58 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 03:44 - 2014-06-11 08:58 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 03:44 - 2014-06-11 08:58 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 03:43 - 2014-06-11 08:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 03:42 - 2014-06-11 08:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 03:38 - 2014-06-11 08:58 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 03:35 - 2014-06-11 08:58 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 03:34 - 2014-06-11 08:58 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 03:33 - 2014-06-11 08:58 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 03:30 - 2014-06-11 08:58 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 03:29 - 2014-06-11 08:58 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 03:28 - 2014-06-11 08:58 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 03:27 - 2014-06-11 08:58 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 03:24 - 2014-06-11 08:58 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 03:23 - 2014-06-11 08:58 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 03:16 - 2014-06-11 08:58 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 03:10 - 2014-06-11 08:58 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 03:06 - 2014-06-11 08:58 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 03:04 - 2014-06-11 08:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 03:02 - 2014-06-11 08:58 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 02:56 - 2014-06-11 08:58 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 02:56 - 2014-06-11 08:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 02:54 - 2014-06-11 08:58 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 02:50 - 2014-06-11 08:58 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 02:49 - 2014-06-11 08:58 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 02:43 - 2014-06-11 08:58 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 02:40 - 2014-06-11 08:58 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 02:30 - 2014-06-11 08:58 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 02:21 - 2014-06-11 08:58 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 02:15 - 2014-06-11 08:58 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 02:13 - 2014-06-11 08:58 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 02:13 - 2014-06-11 08:58 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 09:44 - 2014-05-29 09:44 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-29 09:44 - 2014-03-27 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-29 09:44 - 2014-03-27 15:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-29 09:33 - 2014-02-24 18:03 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-05-29 09:33 - 2014-02-24 18:03 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-29 09:01 - 2012-07-20 13:42 - 00000000 ____D () C:\Users\Joe
2014-05-29 08:59 - 2014-05-14 07:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-05-29 08:59 - 2012-08-20 10:41 - 00000000 ____D () C:\ProgramData\Norton
2014-05-29 08:59 - 2012-07-20 13:42 - 00000000 ____D () C:\ProgramData\Dell
2014-05-29 08:59 - 2012-07-13 02:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-29 08:59 - 2010-11-21 02:06 - 00000000 ____D () C:\Windows\system32\0409
2014-05-29 08:59 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-05-29 08:59 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Help
2014-05-29 08:58 - 2012-07-20 15:16 - 00000000 __RHD () C:\MSOCache
2014-05-28 16:03 - 2013-08-07 16:01 - 00000029 _____ () C:\Users\Joe\CCTRecentFiles
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\0419
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\0410
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\040E
2014-05-27 08:03 - 2014-05-27 08:03 - 00000000 ____D () C:\Windows\system32\040B
2014-05-27 08:02 - 2014-05-27 08:02 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-05-27 07:59 - 2012-07-13 02:20 - 00000000 ____D () C:\ProgramData\NVIDIA

Files to move or delete:
====================
C:\Users\Joe\CTX.DAT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-11 13:42

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Joe at 2014-06-25 08:14:03
Running from C:\Users\Joe\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Belimo SelectPro (HKLM-x32\...\{C2171084-EB98-4729-BA48-E6181808F465}) (Version: 2.0.89 - Smartware Technologies)
Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation)
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0C518F4B-8D5A-47A6-A1E2-B3F371486118}) (Version: 15.2.1.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.11042 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.11042 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4822 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.1.4822 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.1.00001.002 - Dell Inc.)
Dell Data Protection | Access (Version: 02.01.01.002 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 2.01.018 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 2.01.010 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
DellAccess (Version: 01.01.00.072 - Wave Systems Corp.) Hidden
DIRcalc 1.22 (HKLM-x32\...\DIRcalc 1.22) (Version:  - )
EMBASSY Security Center (Version: 04.03.00.121 - Wave Systems Corp.) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FX-PCT (x32 Version: 6.0.0.9000 - Johnson Controls, Inc.) Hidden
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GFI Backup 2009 - Home Edition (HKLM-x32\...\GFI Backup 2009 - Home Edition) (Version: 3.0 - GFI Software Ltd.)
Glary Utilities 5.2 (HKLM-x32\...\Glary Utilities 5) (Version: 5.2.0.5 - Glarysoft Ltd)
Glarysoft Toolbar (HKLM-x32\...\Glarysoft Toolbar) (Version: 1.2.0 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.2.27.0 (HKLM-x32\...\{F109D156-577D-101B-A622-CF4351943AA4}) (Version: 1.2.27.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel® Network Connections 16.8.45.00 (HKLM\...\PROSetDX) (Version: 16.8.45.00 - Dell)
Intel® Network Connections 16.8.45.00 (Version: 16.8.45.00 - Dell) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Johnson Controls FX-PCT 6.0.0.9000 (HKLM-x32\...\Metasys PCT) (Version: 6.0.0.9000 - Johnson Controls, Inc.)
Johnson Controls ZigBee Field Router (Driver Removal) (HKLM-x32\...\JCIZCOMM&2426&0102) (Version:  - Johnson Controls)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0053-0000-0000-0000000FF1CE}_VISSTDR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Standard 2007 (HKLM-x32\...\VISSTDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Niagara-3.3.31 (HKLM-x32\...\Niagara-3.3.31) (Version:  - )
Niagara-3.5.34 (HKLM-x32\...\Niagara-3.5.34) (Version:  - )
Niagara-3.6.47 (HKLM-x32\...\Niagara-3.6.47) (Version:  - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
NTRU TCG Software Stack (Version: 2.1.36 - Security Innovation, Inc.) Hidden
NVIDIA Display Control Panel (Version: 6.14.12.6687 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 266.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 266.87 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA nView 135.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.60 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (Version: 6.14.10.13560 - NVIDIA Corporation) Hidden
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Preboot Manager (Version: 03.03.00.074 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.01.00.022 - Wave Systems Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5883 - Realtek Semiconductor Corp.)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SonicWALL Global VPN Client (HKLM\...\{5E2D889D-FAFC-4E76-A851-3695ABA1A76F}) (Version: 4.2.6 - SonicWALL)
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Trusted Drive Manager (Version: 4.1.1.312 - Wave Systems Corp.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0053-0000-0000-0000000FF1CE}_VISSTDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISSTDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0053-0000-0000-0000000FF1CE}_VISSTDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISSTDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0053-0000-0000-0000000FF1CE}_VISSTDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0053-0000-0000-0000000FF1CE}_VISSTDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISSTDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Visio 2007 Help (KB963666) (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}_VISSTDR_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
WatchGuard Mobile VPN with SSL client 11.3.5 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version:  - WatchGuard)
Wave Infrastructure Installer (Version: 07.67.17.0010 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.033 - Wave Systems Corp) Hidden
Windows Driver Package - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {33983A1E-496B-40D7-B41F-3E9660905D91} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3A38D93E-43FA-4673-917A-CF37142AD069} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-06-16] (Glarysoft Ltd)
Task: {3EEAEB28-CAB7-453D-9B3A-25C5D17E9B54} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {4DC9F9F6-F1CC-4E16-BB5D-224CE6AA0BEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-18] (Adobe Systems Incorporated)
Task: {55B0A96B-5F4F-47F9-A536-D8D6A1083696} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28] (Google Inc.)
Task: {655B7C27-12D1-4829-9F97-57064F4D0EEE} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-06-16] (Glarysoft Ltd)
Task: {6E8A75C1-8848-4330-BDC3-003C79C12FF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-28] (Google Inc.)
Task: {81CB39C5-57A0-4B73-8ED7-D5F8F00329BB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-10] (Symantec Corporation)
Task: {827658BD-2361-4510-AE7F-401CFE7EA67E} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {D3BEB167-E07C-4129-BB42-CD65E255615C} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.)
Task: {FD01ED48-8255-40C6-8CB1-3CE3F7C7D3CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-06 13:26 - 2013-03-06 13:26 - 00246096 _____ () C:\JCI\FXWorkbench-4.1\bin\niagarad.exe
2014-05-21 08:36 - 2011-12-15 22:03 - 00101376 _____ () C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-03-06 13:26 - 2013-03-06 13:26 - 00429568 _____ () C:\JCI\FXWorkbench-4.1\bin\platform.dll
2013-03-06 13:26 - 2013-03-06 13:26 - 00045056 _____ () C:\JCI\FXWorkbench-4.1\bin\nre.dll
2013-03-06 13:26 - 2013-03-06 13:26 - 00102400 _____ () C:\JCI\FXWorkbench-4.1\bin\zlibwapi.dll
2013-03-06 13:26 - 2013-03-06 13:26 - 00151552 _____ () C:\JCI\FXWorkbench-4.1\bin\dialup.dll
2013-03-06 13:26 - 2013-03-06 13:26 - 00035328 _____ () C:\JCI\FXWorkbench-4.1\bin\ddns.dll
2014-06-16 03:37 - 2014-06-16 03:37 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-06-04 08:27 - 2014-06-03 13:13 - 00131800 _____ () C:\Users\Joe\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.3.470\wallpaper.dll
2012-08-27 10:11 - 2012-02-21 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-05-08 06:21 - 2014-05-08 06:21 - 02897280 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-02-13 04:31 - 2014-02-13 04:31 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\82f383a4d239eb434e37b408bec087f6\IsdiInterop.ni.dll
2012-07-13 00:39 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: SonicWALL IPsec Driver
Description: SonicWALL IPsec Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SWIPsec
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/25/2014 07:59:23 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/24/2014 02:11:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/24/2014 09:24:03 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/23/2014 03:27:11 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/23/2014 11:24:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VMWindow.exe, version: 6.1.7601.17514, time stamp: 0x4ce7b2e6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x6894
Faulting application start time: 0xVMWindow.exe0
Faulting application path: VMWindow.exe1
Faulting module path: VMWindow.exe2
Report Id: VMWindow.exe3

Error: (06/23/2014 08:31:28 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location \\JOE-PC\Users\Joe\Backup\. The error is: The system cannot find the file specified. (0x80070002).

Error: (06/23/2014 08:22:24 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (06/23/2014 08:22:22 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/23/2014 08:22:22 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/23/2014 08:22:22 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (06/25/2014 07:59:12 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SWIPsec

Error: (06/25/2014 07:58:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (06/24/2014 02:11:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SWIPsec

Error: (06/24/2014 02:11:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (06/24/2014 09:23:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SWIPsec

Error: (06/24/2014 09:23:34 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (06/23/2014 03:26:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SWIPsec

Error: (06/23/2014 03:26:02 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0xfffff8a0003607e0, 0x0000000000000002, 0x0000000000000000, 0xfffff80002e5eeaa)C:\Windows\MEMORY.DMP062314-30030-01

Error: (06/23/2014 03:26:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.36 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (06/23/2014 03:25:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:15:58 PM on ‎6/‎23/‎2014 was unexpected.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 16341.02 MB
Available physical RAM: 12606.84 MB
Total Pagefile: 32680.21 MB
Available Pagefile: 28521.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:314.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 97CC3EA8)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

==================================================
Dump File         : 062314-30030-01.dmp
Crash Time        : 6/23/2014 2:16:16 PM
Bug Check String  : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x0000000a
Parameter 1       : fffff8a0`003607e0
Parameter 2       : 00000000`00000002
Parameter 3       : 00000000`00000000
Parameter 4       : fffff800`02e5eeaa
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   :
Stack Address 2   :
Stack Address 3   :
Computer Name     :
Full Path         : C:\Windows\Minidump\062314-30030-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 292,816
Dump File Time    : 6/23/2014 3:26:02 PM
==================================================

 

 

Attached Files



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:30 AM

Posted 25 June 2014 - 09:05 AM

Hi Joe,

Thanks for the information. Please do these things.

FYI, I will be away from my computer for several hours but upon my return I will review what you have posted.

===================================================

Please download and run Microsoft Fix it 50688 to fix a non-malware related technical issue with Windows.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {81FD6D6E-BB60-4BF6-A7CD-F4F4AF93653B} URL =
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} -  No File
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
C:\Users\Joe\CTX.DAT
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Uploading Minidump File

--------------------
  • Using Windows Explorer please navigate to the following location:

C:\Windows\Minidump\062314-30030-01.dmp

  • Zip the file
  • Upload the file here
  • I will be automatically notified when the file has been successfully uploaded
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Uploaded Minidump file

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 25 June 2014 - 09:55 AM

Gary,

 

Here is the fix log but when I try to zip the mini dump file I get a pop up box that says "file not found or no read permission" so I can't upload it.

 

Thanks,

Joe

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-06-2014
Ran by Joe at 2014-06-25 09:20:27 Run:1
Running from C:\Users\Joe\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {81FD6D6E-BB60-4BF6-A7CD-F4F4AF93653B} URL =
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} -  No File
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
C:\Users\Joe\CTX.DAT
*****************

'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3' => Key deleted successfully.
'HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}'=> Key not found.
'HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3' => Key deleted successfully.
'HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{81FD6D6E-BB60-4BF6-A7CD-F4F4AF93653B}' => Key deleted successfully.
'HKCR\CLSID\{81FD6D6E-BB60-4BF6-A7CD-F4F4AF93653B}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
'HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32D47EA5-9473-4CAD-805D-9999F15D5AE2} => value deleted successfully.
'HKCR\CLSID\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}'=> Key not found.
'HKCR\PROTOCOLS\Handler\tmpx' => Key deleted successfully.
'HKCR\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23}'=> Key not found.
'HKCR\Wow6432Node\PROTOCOLS\Handler\tmpx'=> Key not found.
'HKCR\Wow6432Node\CLSID\{0E526CB5-7446-41D1-A403-19BFE95E8C23}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=euc-jp' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=ISO-8859-1' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS936' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS949' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS950' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF-8' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF8' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=euc-jp' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=ISO-8859-1' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS936' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS949' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS950' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF-8' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF8' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
'HKCR\PROTOCOLS\Filter\ica' => Key deleted successfully.
'HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC}'=> Key not found.
C:\Users\Joe\CTX.DAT => Moved successfully.

==== End of Fixlog ====



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:30 AM

Posted 25 June 2014 - 02:09 PM

Can you see the file?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 25 June 2014 - 02:21 PM

The Minidump folder has a padlock on it but I can see the file inside the folder.



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:30 AM

Posted 25 June 2014 - 04:54 PM

Thank you.

Do this and then see if you can access/upload it.

===================================================

GrantPerms by Farbar

--------------------
  • Download Grantperms (32 bit systems) or Grantperms64 (64 bit systems) and save it to your desktop
  • Unzip the file and launch the program
  • Copy and paste the following in the edit box:

C:\Windows\Minidump

  • Click Unlock. When it is done click OK
  • Click List Permissions and copy/paste the results of the Perms.txt document.
  • A copy of Perms.txt will be saved in the same directory the tool is run.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Perms.txt
  • Uploaded Minidump file

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 26 June 2014 - 03:01 PM

Here is the perms.txt document

 

GrantPerms by Farbar
Ran by Joe (administrator) at 2014-06-26 14:41:53

===============================================
\\?\C:\Windows\Minidump

   Owner: BUILTIN\Administrators

   DACL(P)(AI):
   BUILTIN\Administrators   FULL   ALLOW   (CI)(OI)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (CI)(OI)
   BUILTIN\Users   READ/EXECUTE   ALLOW   (CI)(OI)

 

================ End Of List ================

 

I had to copy and past the minidump file to the desktop before it would let me zip it, again saying "no file found or no read permission". Also I'm finding with java in internet explorer some "Application Blocked by Security Settings" pop up and says contact system administrator when I am the only administrator on this computer.



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:30 AM

Posted 26 June 2014 - 03:07 PM

Thanks,

Please do these things.

===================================================

Farbar's Recovery Scan Tool Search

--------------------
  • Launch FRST
  • Copy/paste the following in the Search Field
cng.sys
  • Click Search File(s) button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document your reply
===================================================

Windows Repair (All in One)

--------------------
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Download Windows Repair (All in One) and save it to your desktop
  • Double click the icon and select Run
  • Continually click Next, then Finish
  • Note: If you are unable to complete one of the steps simply continue on with the next step
  • Go to Step 3 and allow it to run See if Check Disk is Needed by clicking on the Check button:
  • If your see Errors Found On The Drive! Check Disk Is Needed click Do It in the Check Disk (If Needed) box
  • Go to Step 4 and click Do It under System File Check
  • Go to Step 5 and click Create under System Restore, then Backup under Registry Backup
  • Go to Start Repairs tab and click Start button.
  • Please make sure the following items are checked

Reset Registry Permissions
Reset File Permissions
Reset Service Permissions
Register System Files
Repair WMI
Repair Internet Explorer
Remove Policies Set By Infections
Repair Icons
Remove Temp Files
Unhide Non System Files
Repar MSI (Windows Installer)
Repair File Associations
Restore Important Windows Services
Set Windows Services To Default Startup

  • Click on box next to the Restart/Shutdown System when Finished
  • Click on Restart System
  • Click on Start
  • Your computer will reboot upon completion
  • Using Windows Explorer navigate to the following file

C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs

  • Copy and paste the contents of the log in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Search results
  • Windows All in One log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 27 June 2014 - 11:32 AM

Gary,

 

Here is the Search.txt and All In One log.  Thanks, Joe

 

Farbar Recovery Scan Tool (x64) Version: 25-06-2014
Ran by Joe at 2014-06-26 15:36:25
Running from C:\Users\Joe\Desktop
Boot Mode: Normal

================== Search Files: "cng.sys" =============

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\cng.sys
[2013-11-12 23:21][2013-07-09 01:26] 0458704 ____A (Microsoft Corporation) 29F5E6D593ED5CAC96B0889FD6CF555B [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\cng.sys
[2013-11-12 23:21][2013-07-09 01:26] 0458704 ____A (Microsoft Corporation) 29F5E6D593ED5CAC96B0889FD6CF555B [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\cng.sys
[2012-11-15 11:31][2012-08-24 12:53] 0458712 ____A (Microsoft Corporation) D50B14C87DDD0068BFF6F103A7A0FFEE [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\cng.sys
[2012-07-13 02:15][2012-07-13 02:15] 0459232 ____A (Microsoft Corporation) D584A6204D791C4475E4B397EF713C44 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\cng.sys
[2013-11-12 23:21][2013-07-04 07:18] 0458712 ____A (Microsoft Corporation) EBF28856F69CF094A902F884CF989706 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\cng.sys
[2013-11-12 23:21][2013-07-04 07:18] 0458712 ____A (Microsoft Corporation) EBF28856F69CF094A902F884CF989706 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\cng.sys
[2012-11-15 11:31][2012-08-24 13:09] 0458712 ____A (Microsoft Corporation) AAFCB52FE0037207FB6FBEA070D25EFE [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\cng.sys
[2012-07-13 02:15][2012-07-13 02:15] 0459232 ____A (Microsoft Corporation) C4943B6C962E4B82197542447AD599F4 [File is signed]

C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\cng.sys
[2010-11-20 22:24][2010-11-20 22:24] 0459248 ____A (Microsoft Corporation) D5FEA92400F12412B3922087C09DA6A5 [File is signed]

C:\Windows\System32\drivers\cng.sys
[2013-11-12 23:21][2013-07-04 07:18] 0458712 ____A (Microsoft Corporation) EBF28856F69CF094A902F884CF989706 [File is signed]

====== End Of Search ======

 

 

Attached Files



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:30 AM

Posted 27 June 2014 - 11:44 AM

Unfortunately I can not open the zipped files. Can you copy and paste the information?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 27 June 2014 - 12:59 PM

There are 13 files in the folder. Here are 10 of them with the last 3 to follow.

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Joe\Desktop>CD /D C:\

C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
 0 percent complete. (0 of 206848 file records processed)    
 1 percent complete. (20685 of 206848 file records processed)    
 2 percent complete. (41370 of 206848 file records processed)    
 3 percent complete. (62055 of 206848 file records processed)    
 4 percent complete. (82740 of 206848 file records processed)    
 5 percent complete. (103424 of 206848 file records processed)    
 6 percent complete. (124109 of 206848 file records processed)    
 7 percent complete. (144794 of 206848 file records processed)    
 8 percent complete. (165479 of 206848 file records processed)    
 9 percent complete. (186164 of 206848 file records processed)    
  206848 file records processed.                                        

File verification completed.
  471 large file records processed.                                  

  0 bad file records processed.                                    

  2 EA records processed.                                          

  44 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
11 percent complete. (6993 of 274884 index entries processed)   
12 percent complete. (14158 of 274884 index entries processed)   
13 percent complete. (21323 of 274884 index entries processed)   
14 percent complete. (28488 of 274884 index entries processed)   
15 percent complete. (35653 of 274884 index entries processed)   
16 percent complete. (42818 of 274884 index entries processed)   
17 percent complete. (49983 of 274884 index entries processed)   
18 percent complete. (57148 of 274884 index entries processed)   
19 percent complete. (64313 of 274884 index entries processed)   
20 percent complete. (71478 of 274884 index entries processed)   
21 percent complete. (78643 of 274884 index entries processed)   
22 percent complete. (85808 of 274884 index entries processed)   
23 percent complete. (92973 of 274884 index entries processed)   
24 percent complete. (100138 of 274884 index entries processed)   
25 percent complete. (107303 of 274884 index entries processed)   
26 percent complete. (114468 of 274884 index entries processed)   
27 percent complete. (121633 of 274884 index entries processed)   
28 percent complete. (128798 of 274884 index entries processed)   
29 percent complete. (135963 of 274884 index entries processed)   
30 percent complete. (143128 of 274884 index entries processed)   
31 percent complete. (150293 of 274884 index entries processed)   
32 percent complete. (157458 of 274884 index entries processed)   
33 percent complete. (164624 of 274884 index entries processed)   
34 percent complete. (171789 of 274884 index entries processed)   
35 percent complete. (178954 of 274884 index entries processed)   
36 percent complete. (186119 of 274884 index entries processed)   
37 percent complete. (193284 of 274884 index entries processed)   
38 percent complete. (200449 of 274884 index entries processed)   
38 percent complete. (207324 of 274884 index entries processed)   
39 percent complete. (207614 of 274884 index entries processed)   
39 percent complete. (208953 of 274884 index entries processed)   
39 percent complete. (209332 of 274884 index entries processed)   
39 percent complete. (209953 of 274884 index entries processed)   
39 percent complete. (210667 of 274884 index entries processed)   
39 percent complete. (211848 of 274884 index entries processed)   
39 percent complete. (213136 of 274884 index entries processed)   
39 percent complete. (214081 of 274884 index entries processed)   
40 percent complete. (214779 of 274884 index entries processed)   
40 percent complete. (216066 of 274884 index entries processed)   
40 percent complete. (216907 of 274884 index entries processed)   
40 percent complete. (217623 of 274884 index entries processed)   
40 percent complete. (218897 of 274884 index entries processed)   
40 percent complete. (220312 of 274884 index entries processed)   
40 percent complete. (221263 of 274884 index entries processed)   
40 percent complete. (221670 of 274884 index entries processed)   
41 percent complete. (221944 of 274884 index entries processed)   
41 percent complete. (222671 of 274884 index entries processed)   
41 percent complete. (223378 of 274884 index entries processed)   
41 percent complete. (223566 of 274884 index entries processed)   
41 percent complete. (223955 of 274884 index entries processed)   
41 percent complete. (224520 of 274884 index entries processed)   
41 percent complete. (225336 of 274884 index entries processed)   
41 percent complete. (225867 of 274884 index entries processed)   
41 percent complete. (227208 of 274884 index entries processed)   
41 percent complete. (227962 of 274884 index entries processed)   
41 percent complete. (228972 of 274884 index entries processed)   
42 percent complete. (229109 of 274884 index entries processed)   
42 percent complete. (229901 of 274884 index entries processed)   
42 percent complete. (230437 of 274884 index entries processed)   
42 percent complete. (231096 of 274884 index entries processed)   
42 percent complete. (231722 of 274884 index entries processed)   
42 percent complete. (232417 of 274884 index entries processed)   
42 percent complete. (232862 of 274884 index entries processed)   
42 percent complete. (233257 of 274884 index entries processed)   
42 percent complete. (233789 of 274884 index entries processed)   
42 percent complete. (234464 of 274884 index entries processed)   
Index entry SYMEFA1.DB in index $I30 of file 144066 is incorrect.
42 percent complete. (235221 of 274884 index entries processed)   
42 percent complete. (235687 of 274884 index entries processed)   
43 percent complete. (236274 of 274884 index entries processed)   
43 percent complete. (236448 of 274884 index entries processed)   
43 percent complete. (236989 of 274884 index entries processed)   
43 percent complete. (237466 of 274884 index entries processed)   
43 percent complete. (238015 of 274884 index entries processed)   
43 percent complete. (238730 of 274884 index entries processed)   
43 percent complete. (239211 of 274884 index entries processed)   
43 percent complete. (239703 of 274884 index entries processed)   
43 percent complete. (240249 of 274884 index entries processed)   
43 percent complete. (240560 of 274884 index entries processed)   
  274884 index entries processed.                                       

Index verification completed.

Errors found.  CHKDSK cannot continue in read-only mode.

C:\>

 

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Joe\Desktop>CD /D C:\

C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
9 percent complete. (186164 of 206848 file records processed)    
206848 file records processed.                                        

File verification completed.
  471 large file records processed.                                  

  0 bad file records processed.                                    

2 EA records processed.                                          

  44 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
11 percent complete. (6993 of 274884 index entries processed)   
12 percent complete. (14158 of 274884 index entries processed)   
13 percent complete. (21323 of 274884 index entries processed)   
14 percent complete. (28488 of 274884 index entries processed)   
15 percent complete. (35653 of 274884 index entries processed)   
42 percent complete. (234464 of 274884 index entries processed)   
Index entry SYMEFA1.DB in index $I30 of file 144066 is incorrect.
43 percent complete. (240560 of 274884 index entries processed)   
274884 index entries processed.                                       

Index verification completed.

Errors found.  CHKDSK cannot continue in read-only mode.

C:\>

 

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Professional
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: JOE-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Joe
Current Profile SID: S-1-5-21-2170330597-544982255-2113717361-1000
Current Profile Classes: S-1-5-21-2170330597-544982255-2113717361-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Joe\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:45:38

Process Count: 83
Commit Total: 2.72 GB
Commit Limit: 31.91 GB
Commit Peak: 3.28 GB
Handle Count: 26276
Kernel Total: 734.51 MB
Kernel Paged: 581.19 MB
Kernel Non Paged: 153.32 MB
System Cache: 6.90 GB
Thread Count: 954
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15.96 GB
Memory Used: 2.49 GB(15.6258%)
Memory Avail.: 13.46 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 15.96 GB
Memory Used: 2.18 GB(13.6659%)
Memory Avail.: 13.78 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Start (6/27/2014 10:04:41 AM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (6/27/2014 10:04:48 AM)
   Running Repair Under Current User Account
   Done (6/27/2014 10:04:57 AM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (6/27/2014 10:04:57 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:08:25 AM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (6/27/2014 10:08:25 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:09:32 AM)

02 - Reset File Permissions: C:
   C: & Sub Folders
   Start (6/27/2014 10:09:32 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:13:13 AM)

02 - Reset File Permissions: All Profiles
   C:\Users & Sub Folders
   Start (6/27/2014 10:13:13 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:15:19 AM)

02 - Reset File Permissions: Current Profile
   C:\Users\Joe & Sub Folders
   Start (6/27/2014 10:15:19 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:17:04 AM)

02 - Reset File Permissions: Cleanup
   Repairing Restricted Folders Permissions To Avoid Infinite Loops
   Start (6/27/2014 10:17:05 AM)
   Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\dub_cm_auto\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\dub_cm_auto\Cookies>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Cookies> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Local Settings>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Local Settings> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\My Documents>
Reading the SD from <\\?\C:\Users\dub_cm_auto\My Documents> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\NetHood>
Reading the SD from <\\?\C:\Users\dub_cm_auto\NetHood> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\PrintHood>
Reading the SD from <\\?\C:\Users\dub_cm_auto\PrintHood> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Recent>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Recent> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\SendTo>
Reading the SD from <\\?\C:\Users\dub_cm_auto\SendTo> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Start Menu>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Start Menu> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Templates>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Templates> failed with: The system cannot find the file specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\dub_cm_auto\AppData\Local\Application Data> failed with: The system cannot find the path specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\AppData\Local\History>
Reading the SD from <\\?\C:\Users\dub_cm_auto\AppData\Local\History> failed with: The system cannot find the path specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\AppData\Local\Temporary Internet Files>
Reading the SD from <\\?\C:\Users\dub_cm_auto\AppData\Local\Temporary Internet Files> failed with: The system cannot find the path specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Documents\My Music>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Documents\My Music> failed with: The system cannot find the path specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Documents\My Pictures> failed with: The system cannot find the path specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\dub_cm_auto\Documents\My Videos>
Reading the SD from <\\?\C:\Users\dub_cm_auto\Documents\My Videos> failed with: The system cannot find the path specified.

SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\Joe\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Joe\Documents\My Videos>

SetACL finished successfully.
   Done (6/27/2014 10:17:13 AM)

03 - Reset Service Permissions
   Start (6/27/2014 10:17:13 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:17:22 AM)

04 - Register System Files
   Start (6/27/2014 10:17:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:17:39 AM)

05 - Repair WMI
   Start (6/27/2014 10:17:39 AM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Norton Internet Security Exported.

   Exporting AntiSpyware Info...
   Norton Internet Security Exported.
   Windows Defender Exported.

   Exporting 3rd Party Firewall Info...
   Norton Internet Security Exported.

   Running Repair Under Current User Account
   Done (6/27/2014 10:18:43 AM)

06 - Repair Windows Firewall
   Start (6/27/2014 10:18:43 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:19:27 AM)

07 - Repair Internet Explorer
   Start (6/27/2014 10:19:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:19:51 AM)

08 - Repair MDAC/MS Jet
   Start (6/27/2014 10:19:51 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:19:58 AM)

09 - Repair Hosts File
   Start (6/27/2014 10:19:58 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:20:00 AM)

10 - Remove Policies Set By Infections
   Start (6/27/2014 10:20:00 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:20:05 AM)

11 - Repair Start Menu Icons Removed By Infections
   Start (6/27/2014 10:20:05 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:20:07 AM)

12 - Repair Icons
   Start (6/27/2014 10:20:07 AM)
   Running Repair Under Current User Account
   Done (6/27/2014 10:20:09 AM)

13 - Repair Winsock & DNS Cache
   Start (6/27/2014 10:20:09 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:20:30 AM)

14 - Remove Temp Files
   Start (6/27/2014 10:20:30 AM)
   Running Repair Under System Account
   Done (6/27/2014 10:20:33 AM)

15 - Repair Proxy Settings
   Start (6/27/2014 10:20:33 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:20:37 AM)

16 - Unhide Non System Files
   Start (6/27/2014 10:20:37 AM)
   C:\ - Total Files Unhidden: 488 - Check Unhidden_Files.txt for list of files unhidden
   Done (6/27/2014 10:21:05 AM)

17 - Repair Windows Updates
   Start (6/27/2014 10:21:05 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:21:26 AM)

18 - Repair CD/DVD Missing/Not Working
   Start (6/27/2014 10:21:26 AM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (6/27/2014 10:21:26 AM)

19 - Repair Volume Shadow Copy Service
   Start (6/27/2014 10:21:26 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:21:31 AM)

20 - Repair Windows Sidebar/Gadgets
   Start (6/27/2014 10:21:31 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:21:35 AM)

21 - Repair MSI (Windows Installer)
   Start (6/27/2014 10:21:35 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:21:44 AM)

22 - Repair Windows Snipping Tool
   Start (6/27/2014 10:21:44 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:21:49 AM)

23.01 - Repair bat Association
   Start (6/27/2014 10:21:49 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:21:58 AM)

23.02 - Repair cmd Association
   Start (6/27/2014 10:21:58 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:02 AM)

23.03 - Repair com Association
   Start (6/27/2014 10:22:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:07 AM)

23.04 - Repair Directory Association
   Start (6/27/2014 10:22:07 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:12 AM)

23.05 - Repair Drive Association
   Start (6/27/2014 10:22:12 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:16 AM)

23.06 - Repair exe Association
   Start (6/27/2014 10:22:16 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:21 AM)

23.07 - Repair Folder Association
   Start (6/27/2014 10:22:21 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:26 AM)

23.08 - Repair inf Association
   Start (6/27/2014 10:22:26 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:35 AM)

23.09 - Repair lnk (Shortcuts) Association
   Start (6/27/2014 10:22:35 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:39 AM)

23.10 - Repair msc Association
   Start (6/27/2014 10:22:39 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:44 AM)

23.11 - Repair reg Association
   Start (6/27/2014 10:22:44 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:49 AM)

23.12 - Repair scr Association
   Start (6/27/2014 10:22:49 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:53 AM)

24 - Repair Windows Safe Mode
   Start (6/27/2014 10:22:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:22:58 AM)

25 - Repair Print Spooler
   Start (6/27/2014 10:22:58 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:23:11 AM)

26 - Restore Important Windows Services
   Start (6/27/2014 10:23:11 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:23:24 AM)

27 - Set Windows Services To Default Startup
   Start (6/27/2014 10:23:24 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/27/2014 10:23:29 AM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

Cleaning up empty logs...

All Selected Repairs Done.
   Done (6/27/2014 10:23:29 AM)
   Total Repair Time: 00:18:50

...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account

 

 

Deleted file - C:\Users\Joe\AppData\Local\Temp\AdobeARM.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR2BC1.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR5ACC.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR658A.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR6ED8.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR7DD6.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR8577.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVR895A.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVRB309.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVRBD46.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVRC63B.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVRF5A4.tmp.cvr
Deleted file - C:\Users\Joe\AppData\Local\Temp\CVRFE1C.tmp.cvr
C:\Users\Joe\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Joe\AppData\Local\Temp\JavaDeployReg.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\java_install.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\java_install_reg.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\java_install_sp.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\jinstall.cfg
Deleted file - C:\Users\Joe\AppData\Local\Temp\Joe.bmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\jusched.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\RD169.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\RDE15C.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\RDF4BC.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\RIAF5.BIN
Deleted file - C:\Users\Joe\AppData\Local\Temp\StructuredQuery.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\~autoupdate.dat
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF032FE3355BBE846B.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF0B352EC331393D65.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF195A40C43AA1E50F.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF1ECC43391C288160.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF21E259BEB505677D.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF2660EF903345F334.TMP
C:\Users\Joe\AppData\Local\Temp\~DF2CA2DC46E55EC775.TMP
The process cannot access the file because it is being used by another process.
C:\Users\Joe\AppData\Local\Temp\~DF38A517AD49C2904E.TMP
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF39ACEF40E6DA4962.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF478F44886A02A640.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF48824341EC0CC3F8.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF4D1EDEA86CE28CC9.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF4EECCBC879F13574.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF52D2605FCB61C0B3.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF574502E1AD189485.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF638BB04CEEB69E91.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF70E946083ED88F5F.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF711C23627B8934EE.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF75F7A0F6CF8F5202.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF7ACA8563ED2560BE.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF7FA4A4C6DDEBB349.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF84488F1DCFBFB646.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF86D3E749B0A6B98D.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF8BFE6583B7B83C84.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF8DE3B6412693AF1A.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF927730E2F9FC8AA8.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF9CB7DDA25F7F2416.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DF9F61B4ABD2FECE54.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFA636F3D6C49DAFAE.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFB01C0E1FA3706163.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFB34E18F2F73B6F07.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFB6345A931BA76538.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFCC618DA4465A71F6.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFD7963923EFD43DDC.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFE561D424C8E7677F.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFE6611580CDDC95BB.TMP
C:\Users\Joe\AppData\Local\Temp\~DFE6F7F5CAE66AB759.TMP
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFE80C262979C84DB5.TMP
C:\Users\Joe\AppData\Local\Temp\~DFEC07642CBDD3BE42.TMP
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFF5997FFA1258D6FD.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFF646D679915F4871.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~DFFF1FF3522E4A080A.TMP
Deleted file - C:\Users\Joe\AppData\Local\Temp\~gu3-ver.dat
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PI1674.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PI4A6.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PI88F2.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PIB256.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PID3DD.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PIE5CA.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~PIF641.tmp
Deleted file - C:\Users\Joe\AppData\Local\Temp\~upgrade.dat
Deleted file - C:\Users\Joe\AppData\Local\Temp\Low\JavaDeployReg.log
Deleted file - C:\Users\Joe\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml
Deleted file - C:\Users\Joe\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx
Deleted file - C:\Users\Joe\AppData\Local\Temp\PreLoad\Standard.Update.png
Deleted file - C:\Users\Joe\AppData\Local\Temp\TCD7B4B.tmp\CleanGradient.thmx
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[029] M-210.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[030] M-300.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[031] M-400.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[032] M-500.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[033] M-501.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[034] M-600.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[035] M-601.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_c070aa6f-cff1-432d-87d4-9d12f1361ce6.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[036] M-602.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[029] M-210.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[030] M-300.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[031] M-400.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[032] M-500.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[033] M-501.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[034] M-600.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[035] M-601.00.PDF
Deleted file - C:\Users\Joe\AppData\Local\Temp\Temp1_f0585f3c-3e5e-407f-855a-3a10954bc891.zip\H&M_#US388 - Burnsville Center - Burnsville, MN (Pricing)_(01) First Issue\[036] M-602.00.PDF
C:\Users\Joe\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.
C:\Users\Joe\AppData\Local\Temp\~DF2CA2DC46E55EC775.TMP - The process cannot access the file because it is being used by another process.
C:\Users\Joe\AppData\Local\Temp\~DF38A517AD49C2904E.TMP - The process cannot access the file because it is being used by another process.
C:\Users\Joe\AppData\Local\Temp\~DFE6F7F5CAE66AB759.TMP - The process cannot access the file because it is being used by another process.
C:\Users\Joe\AppData\Local\Temp\~DFEC07642CBDD3BE42.TMP - The process cannot access the file because it is being used by another process.
Deleted file - C:\Windows\Temp\fwtsqmfile00.sqm
Deleted file - C:\Windows\Temp\fwtsqmfile01.sqm
Deleted file - C:\Windows\Temp\fwtsqmfile02.sqm
Deleted file - C:\Windows\Temp\fwtsqmfile03.sqm
Deleted file - C:\Windows\Temp\FXSAPIDebugLogFile.txt
Deleted file - C:\Windows\Temp\FXSTIFFDebugLogFile.txt
Deleted file - C:\Windows\Temp\GoogleToolbarInstaller1.log

 

 

Could Not Find C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\iconcache*.db
Deleted file - C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1024.db
Deleted file - C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db
Deleted file - C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db
Deleted file - C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db
Deleted file - C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db
Deleted file - C:\Users\Joe\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db

 

 

[SC] ChangeServiceConfig SUCCESS
The Windows Installer service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Installer service is starting.
The Windows Installer service was started successfully.

[SC] ChangeServiceConfig SUCCESS
The Windows Installer service is stopping.
The Windows Installer service was stopped successfully.

The Windows Installer service is starting.
The Windows Installer service was started successfully.

 

 

The Volume Shadow Copy service is not started.

More help is available by typing NET HELPMSG 3521.

The Microsoft Software Shadow Copy Provider service is not started.

More help is available by typing NET HELPMSG 3521.

The Volume Shadow Copy service is not started.

More help is available by typing NET HELPMSG 3521.

The Microsoft Software Shadow Copy Provider service is not started.

More help is available by typing NET HELPMSG 3521.

 

 

The Windows Firewall service is stopping.
The Windows Firewall service was stopped successfully.

The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The following services are dependent on the Base Filtering Engine service.
Stopping the Base Filtering Engine service will also stop these services.

   IPsec Policy Agent
   IKE and AuthIP IPsec Keying Modules

The IPsec Policy Agent service is stopping...
The IPsec Policy Agent service was stopped successfully.

The IKE and AuthIP IPsec Keying Modules service is stopping.
The IKE and AuthIP IPsec Keying Modules service was stopped successfully.

The Base Filtering Engine service is stopping.
The Base Filtering Engine service was stopped successfully.

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
The Base Filtering Engine service is starting.
The Base Filtering Engine service was started successfully.

The Internet Connection Sharing (ICS) service is starting.
The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

The Windows Firewall service is starting.
The Windows Firewall service was started successfully.

The Windows Firewall service is stopping.
The Windows Firewall service was stopped successfully.

The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The following services are dependent on the Base Filtering Engine service.
Stopping the Base Filtering Engine service will also stop these services.

   IPsec Policy Agent
   IKE and AuthIP IPsec Keying Modules

The IPsec Policy Agent service is stopping...
The IPsec Policy Agent service was stopped successfully.

The IKE and AuthIP IPsec Keying Modules service is stopping.
The IKE and AuthIP IPsec Keying Modules service was stopped successfully.

The Base Filtering Engine service is stopping.
The Base Filtering Engine service was stopped successfully.

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
The Base Filtering Engine service is starting.
The Base Filtering Engine service was started successfully.

The Internet Connection Sharing (ICS) service is starting.
The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

The Windows Firewall service is starting.
The Windows Firewall service was started successfully.

 

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
The Cryptographic Services service is stopping..
The Cryptographic Services service was stopped successfully.

The Background Intelligent Transfer Service service is stopping..
The Background Intelligent Transfer Service service was stopped successfully.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
Deleted file - C:\Windows\SoftwareDistribution\ReportingEvents.log
Deleted file - C:\Windows\SoftwareDistribution\AuthCabs\authcab.cab
Deleted file - C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\authcab.cab
Deleted file - C:\Windows\SoftwareDistribution\AuthCabs\Redir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
Deleted file - C:\Windows\SoftwareDistribution\AuthCabs\Redir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab
Deleted file - C:\Windows\SoftwareDistribution\DataStore\DataStore.edb
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00180.log
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00181.log
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edb00182.log
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00001.jrs
Deleted file - C:\Windows\SoftwareDistribution\DataStore\Logs\edbres00002.jrs
Deleted file - C:\Windows\SoftwareDistribution\Download\14d19c27b28cc3990260d7191f6e0ff6c7483623
Deleted file - C:\Windows\SoftwareDistribution\Download\c3248eb572cb5f82e63ce9c6d73cfbf39b1052ae
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\wsus3setup.cab
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256.mum
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256.mum
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256.mum
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\wuident.cab
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\wuident.txt
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\WuPackages.xml
Deleted file - C:\Windows\SoftwareDistribution\SelfUpdate\Handler\WuSetupHandler.cab
Deleted file - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muredir.cab
Deleted file - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\muv4muredir.cab
Deleted file - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\v6-legacy-muredir.cab
Deleted file - C:\Windows\SoftwareDistribution\WuRedir\7971F918-A847-4430-9279-4A52D1EFE18D\wuredir.cab
Deleted file - C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\muv4wuredir.cab
Deleted file - C:\Windows\SoftwareDistribution\WuRedir\9482F4B4-E343-43B6-B170-9A65BC822C77\wuredir.cab
Deleted file - C:\Windows\system32\catroot2\dberr.txt
Deleted file - C:\Windows\system32\catroot2\edb.chk
Deleted file - C:\Windows\system32\catroot2\edb.log
Deleted file - C:\Windows\system32\catroot2\edb00667.log
Deleted file - C:\Windows\system32\catroot2\edbres00001.jrs
Deleted file - C:\Windows\system32\catroot2\edbres00002.jrs
Deleted file - C:\Windows\system32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
Deleted file - C:\Windows\system32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
Deleted file - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.0.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.1.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.2.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.blf
Deleted file - C:\Windows\system32\config\txr\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
Deleted file - C:\Windows\system32\config\txr\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
C:\Windows\system32\config\txr\{020cfa5f-e733-11e3-8a33-5cf9dd75b28e}.TM.blf
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{020cfa5f-e733-11e3-8a33-5cf9dd75b28e}.TMContainer00000000000000000001.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{020cfa5f-e733-11e3-8a33-5cf9dd75b28e}.TMContainer00000000000000000002.regtrans-ms
The process cannot access the file because it is being used by another process.
Deleted file - C:\Windows\system32\config\txr\{3b52b4e5-e023-11e3-9d39-5cf9dd75b28e}.TxR.0.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{3b52b4e5-e023-11e3-9d39-5cf9dd75b28e}.TxR.1.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{3b52b4e5-e023-11e3-9d39-5cf9dd75b28e}.TxR.2.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{3b52b4e5-e023-11e3-9d39-5cf9dd75b28e}.TxR.blf
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.0.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.1.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.2.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.blf
The process cannot access the file because it is being used by another process.
Deleted file - C:\Windows\system32\config\txr\{d7c688c8-e01e-11e3-a018-5cf9dd75b28e}.TM.blf
Deleted file - C:\Windows\system32\config\txr\{d7c688c8-e01e-11e3-a018-5cf9dd75b28e}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\config\txr\{d7c688c8-e01e-11e3-a018-5cf9dd75b28e}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{1dd58ac4-d29a-11e1-8440-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{1dd58ac4-d29a-11e1-8440-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{1dd58ac4-d29a-11e1-8440-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{3517158c-d2a4-11e1-98e1-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{3517158c-d2a4-11e1-98e1-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{3517158c-d2a4-11e1-98e1-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{351716f0-d2a4-11e1-98e1-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{351716f0-d2a4-11e1-98e1-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{351716f0-d2a4-11e1-98e1-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{3ce47617-e543-11e1-be16-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{3ce47617-e543-11e1-be16-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{3ce47617-e543-11e1-be16-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{40781906-6bd7-11e3-a26f-5cf9dd75b28e}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{40781906-6bd7-11e3-a26f-5cf9dd75b28e}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{40781906-6bd7-11e3-a26f-5cf9dd75b28e}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{5631ab9f-16c5-11e2-8691-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{5631ab9f-16c5-11e2-8691-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{5631ab9f-16c5-11e2-8691-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{802a8d1d-0720-11e2-87ed-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{802a8d1d-0720-11e2-87ed-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{802a8d1d-0720-11e2-87ed-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{846ee3d3-7039-11de-9d20-001d09fa5a1c}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{846ee3d3-7039-11de-9d20-001d09fa5a1c}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{846ee3d3-7039-11de-9d20-001d09fa5a1c}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{94c25e1d-ccad-11e1-be2e-001018e33bc0}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{94c25e1d-ccad-11e1-be2e-001018e33bc0}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{94c25e1d-ccad-11e1-be2e-001018e33bc0}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{ab5622dc-3671-11e3-b0cf-5cf9dd75b28e}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{ab5622dc-3671-11e3-b0cf-5cf9dd75b28e}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{ab5622dc-3671-11e3-b0cf-5cf9dd75b28e}.TMContainer00000000000000000002.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{cbec1c9d-dd10-11e2-b8db-5cf9dd75b28e}.TM.blf
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{cbec1c9d-dd10-11e2-b8db-5cf9dd75b28e}.TMContainer00000000000000000001.regtrans-ms
Deleted file - C:\Windows\system32\SMI\Store\Machine\SCHEMA.DAT{cbec1c9d-dd10-11e2-b8db-5cf9dd75b28e}.TMContainer00000000000000000002.regtrans-ms
[SC] SetServiceObjectSecurity SUCCESS
[SC] SetServiceObjectSecurity SUCCESS
File not found - C:\Windows\SysWoW64\catroot2\*.*

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
The Cryptographic Services service is not started.

More help is available by typing NET HELPMSG 3521.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

The system cannot find the file specified.
Could Not Find C:\ProgramData\Application Data\Microsoft\Network\Downloader\qmgr*.dat
Path not found - C:\Windows\SoftwareDistribution
The system cannot find the file specified.
The system cannot find the file specified.
Path not found - C:\Windows\system32\catroot2
The system cannot find the file specified.
The system cannot find the file specified.
C:\Windows\system32\config\txr\{020cfa5f-e733-11e3-8a33-5cf9dd75b28e}.TM.blf
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{020cfa5f-e733-11e3-8a33-5cf9dd75b28e}.TMContainer00000000000000000001.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{020cfa5f-e733-11e3-8a33-5cf9dd75b28e}.TMContainer00000000000000000002.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.0.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.1.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.2.regtrans-ms
The process cannot access the file because it is being used by another process.
C:\Windows\system32\config\txr\{924e3d65-e739-11e3-a5b4-5cf9dd75b28e}.TxR.blf
The process cannot access the file because it is being used by another process.
File not found - C:\Windows\system32\SMI\Store\Machine\*.TM*
Could Not Find C:\Windows\system32\SMI\Store\Machine\*.TM*
[SC] SetServiceObjectSecurity SUCCESS
[SC] SetServiceObjectSecurity SUCCESS
Path not found - C:\Windows\SysWoW64\catroot2
The system cannot find the file specified.
The system cannot find the file specified.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS
[SC] ChangeServiceConfig SUCCESS

 

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Ok.

Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

 

The following command was not found: int 6to4 reset all.
There's no user specified settings to be reset.

Reseting Interface, OK!
Restart the computer to complete this action.

The following command was not found: int isatap reset all.

Reset of all TCP parameters OK!
Ok.

The following command was not found: int teredo reset all.

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Ok.

Reseting Interface, OK!
Restart the computer to complete this action.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

The following command was not found: int 6to4 reset all.
There's no user specified settings to be reset.

There's no user specified settings to be reset.

The following command was not found: int isatap reset all.

Reset of all TCP parameters OK!
Ok.

The following command was not found: int teredo reset all.

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.


 



#14 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 27 June 2014 - 01:15 PM

Here are 2 more with the last to follow.

 

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  The file or directory is not a reparse point.

Error:  The file or directory is not a reparse point.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

Error:  Access is denied.

 

 

Skipped: (Symbolic Link or Junction) - C:\Documents and Settings
Skipped: (Symbolic Link or Junction) - C:\hiberfil.sys
Skipped: (Symbolic Link or Junction) - C:\pagefile.sys
1 - C:\dell.sdr
1 - C:\MSOCache
1 - C:\dell\OOBEDONE.FLG
1 - C:\Program Files\Uninstall Information
1 - C:\Program Files (x86)\InstallShield Installation Information
1 - C:\Program Files (x86)\Temp
1 - C:\Program Files (x86)\Uninstall Information
1 - C:\Program Files (x86)\Common Files\Adobe\Adobe PCD\cache\758D162DBEC6
1 - C:\Program Files (x86)\Common Files\Adobe\Adobe PCD\cache\9B27103BF37A
1 - C:\Program Files (x86)\Common Files\Adobe\AdobeApplicationManager\AAMSetup\iASUVersion.dll
1 - C:\Program Files (x86)\Dell\ClientSystemUpdate\CplSetup.exe
Skipped: (Symbolic Link or Junction) - C:\ProgramData\Application Data
Skipped: (Symbolic Link or Junction) - C:\ProgramData\Desktop
Skipped: (Symbolic Link or Junction) - C:\ProgramData\Documents
Skipped: (Symbolic Link or Junction) - C:\ProgramData\Favorites
Skipped: (Symbolic Link or Junction) - C:\ProgramData\Start Menu
Skipped: (Symbolic Link or Junction) - C:\ProgramData\Templates
1 - C:\ProgramData\Adobe\Adobe PDF\Settings\High Quality Print.joboptions
1 - C:\ProgramData\Adobe\Adobe PDF\Settings\PDFA1b 2005 CMYK.joboptions
1 - C:\ProgramData\Adobe\Adobe PDF\Settings\PDFA1b 2005 RGB.joboptions
1 - C:\ProgramData\Adobe\Adobe PDF\Settings\Press Quality.joboptions
1 - C:\ProgramData\Adobe\Adobe PDF\Settings\Smallest File Size.joboptions
1 - C:\ProgramData\Adobe\Adobe PDF\Settings\Standard.joboptions
1 - C:\ProgramData\Adobe\SLStore\B1D03F6131F6
1 - C:\ProgramData\Adobe\SLStore\B3DE3C6126F6
1 - C:\ProgramData\CyberLink\BDNAV
1 - C:\ProgramData\CyberLink\EvoParser
1 - C:\ProgramData\CyberLink\BDNAV\BRF.dat
1 - C:\ProgramData\CyberLink\CLUpdater\PowerDVD\9.0
1 - C:\ProgramData\CyberLink\EvoParser\PowerDVD\9.0
1 - C:\ProgramData\Microsoft\WwanSvc
1 - C:\ProgramData\Microsoft\Microsoft SQL Server\100\Tools\Shell\1033\ssms.CTM
1 - C:\ProgramData\Microsoft\MSDN\8.0\1033\dexplore.CTM
1 - C:\ProgramData\Microsoft\MSDN\9.0\1033\dexplore.CTM
1 - C:\ProgramData\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\1033\vsta.CTM
1 - C:\ProgramData\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\ItemTemplatesCache\cache.bin
1 - C:\ProgramData\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\ProjectTemplatesCache\cache.bin
1 - C:\ProgramData\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\1033\vsta.CTM
1 - C:\ProgramData\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\ItemTemplatesCache\cache.bin
1 - C:\ProgramData\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\ProjectTemplatesCache\cache.bin
1 - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
1 - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
1 - C:\ProgramData\Microsoft\WwanSvc\Profiles
1 - C:\ProgramData\Microsoft Help\Hx.hxn
1 - C:\ProgramData\Microsoft Help\Hx_1033_MKWD_K.HxW
1 - C:\ProgramData\Microsoft Help\Hx_1033_MKWD_NamedURL.HxW
1 - C:\ProgramData\Microsoft Help\Hx_1033_MTOC_Hx.HxH
1 - C:\ProgramData\Microsoft Help\Hx_1033_MValidator.HxD
1 - C:\ProgramData\Microsoft Help\Hx_1033_MValidator.Lck
1 - C:\ProgramData\Microsoft Help\MS.Dexplore.v80.en.hxn
1 - C:\ProgramData\Microsoft Help\MS.Dexplore.v90.en.hxn
1 - C:\ProgramData\Microsoft Help\MS.EXCEL.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.EXCEL.DEV.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.GRAPH.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.GRAPH.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSACCESS.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSACCESS.DEV.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSOUC.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSPUB.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSPUB.DEV.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSTORE.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.MSTORE.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.OIS.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.OIS.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.ONENOTE.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.OUTLOOK.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.OUTLOOK.DEV.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.POWERPNT.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.POWERPNT.DEV.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.RIBBON.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.SETLANG.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.SETLANG.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10.hxn
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_A.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_B.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_F.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_K.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_NamedUrl.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_S.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MKWD_Samples.HxW
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MTOC_s10cc.HxH
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MValidator.HxD
1 - C:\ProgramData\Microsoft Help\MS.SQLCC.v10_1033_MValidator.Lck
1 - C:\ProgramData\Microsoft Help\MS.SQLIPCC.v10.hxn
1 - C:\ProgramData\Microsoft Help\MS.VISIO.DEV.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.VISIO.SHAPESHEET.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.VISIO_STD.12.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.VSTA.v20.en.hxn
1 - C:\ProgramData\Microsoft Help\MS.VSTACC.v20.hxn
1 - C:\ProgramData\Microsoft Help\MS.WINWORD.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\MS.WINWORD.DEV.14.1033.hxn
1 - C:\ProgramData\Microsoft Help\nslist.hxl
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_AVPAPP_{BB639333-810A-4bf8-85F5-C537857F55FC}1
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_ICFMGR_{F34173A0-C9EA-45ab-B832-29D35E6D04EC}G
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_ISDATAPR_{E8EFD4CD-DE52-4444-9511-EFF3B158724B}1
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_ISDATAPR_{FF9AC67A-E394-46ae-B150-B3365343F166}G
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_RDRPluginG
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_SNDPluginG
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_SvcMgr-A2B50D70-5EA1-45a0-A983-0DB9E7101676G
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_UI.Host.{1AFE47BB-FCF1-4096-9039-1FEBC9A0CCCF}1
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\CmnClnt\_lck\_{4E9CB39A-5F78-4887-A3D6-2790DE9DDE11}1
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_0IcxXajsIEEa9w4
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_1obPE8wfbq1fcKw
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_28eu8SEV2ql2rfu
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_9oiHRJx7MVTAvEE
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_aouttlmoroqrx51
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_B02malX9MbcKrkm
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_bCCaXLXaOgVWNhe
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_c7AuA2yNL2IKsZ8
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_c9mxvILBzNsuZYo
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_ckYKwOoOkzOYpSj
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_CsFe68s5ix6Xrdb
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_d6dFUWJmfSQUDER
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_dd5EkBCrYFwN90K
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_e0hQkahsfDc8TBj
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_E0ZfJttnBHmruWc
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_FsjHTs6OZu4bMlc
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_gXj2aydCsJp27eD
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_gYxIKRQI3No3wya
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_HPQ0HjPqfNxyOwM
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_hURnAJ8JHnOrhF8
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_IgZvRLp6wdU92Rx
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_IhP9zbZMi9BJJhe
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_iq8yYr8FbzXwN07
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_ISDTrHxK81UF41D
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_JJQOl1g6Z9tjt1C
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_kGfdAAdiIqrQwQY
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_lelhrDzjIIWYVHB
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_mnv1DSBtkNjKZXz
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_MPYSQ5kFAgHvZ2I
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_MuhxMWk8J6vusGQ
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_MyTYIAB6wnEBb6K
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_ND3kdUvo8vOdkK9
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_nxW27EC4ADiXB6W
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_p1mwmdwQeu6bbS6
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_p3wjXnGU1zDxaUG
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_P4f6zV02dBHQhwp
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_PNAua0xffa1vI3F
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_QgQr99rn3tVACPK
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_qHJHqf3BafZze63
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_QkdDSYKVUgWTmBy
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_RM3zNdh5n9YGwB4
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_RO0mog7Rk4GJUfX
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_rP9d35fsPCQ4jh3
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_RV5EC6OBUCnQkCU
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_RVPBVfMcybo5TaB
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_rWW7LDLlLwemBOt
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_SH4ovqrME9I3We8
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_tw1hJYy7vlDMxot
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_U3nOP6F6pxmakiO
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_UDOmfMViyXoordX
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_uZOea0zGkqrJvO4
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_W896Pv0510bSutf
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_wPR1AaiPyjSgPeY
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_wWhp9qSpNawhhv0
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_x7FzqRa3n0fpoJS
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_Y8d6xS4Y1zJPA90
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_YfjhvH2y3DGX5Tk
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_yrbzRo2iN1rdMrm
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_YtuRDcO1NjavYy0
0 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.2.1\Temp\musdmys_Ztb6lg0NS3Ln2fB
Skipped: (Symbolic Link or Junction) - C:\Users\All Users
Skipped: (Symbolic Link or Junction) - C:\Users\Default User
1 - C:\Users\Default
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Application Data
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Cookies
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Local Settings
Skipped: (Symbolic Link or Junction) - C:\Users\Default\My Documents
Skipped: (Symbolic Link or Junction) - C:\Users\Default\NetHood
Skipped: (Symbolic Link or Junction) - C:\Users\Default\PrintHood
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Recent
Skipped: (Symbolic Link or Junction) - C:\Users\Default\SendTo
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Start Menu
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Templates
1 - C:\Users\Default\AppData
1 - C:\Users\Default\NTUSER.DAT.LOG
1 - C:\Users\Default\NTUSER.DAT.LOG1
Skipped: (Symbolic Link or Junction) - C:\Users\Default\AppData\Local\Application Data
Skipped: (Symbolic Link or Junction) - C:\Users\Default\AppData\Local\History
Skipped: (Symbolic Link or Junction) - C:\Users\Default\AppData\Local\Temporary Internet Files
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\8.0\toolbox.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\8.0\toolboxIndex.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\8.0\toolboxIndex_reset.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\8.0\toolbox_reset.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\9.0\toolbox.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\9.0\toolboxIndex.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\9.0\toolboxIndex_reset.tbd
1 - C:\Users\Default\AppData\Local\Microsoft\MSDN\9.0\toolbox_reset.tbd
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Documents\My Music
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Documents\My Pictures
Skipped: (Symbolic Link or Junction) - C:\Users\Default\Documents\My Videos
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Application Data
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Cookies
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Local Settings
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\My Documents
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\NetHood
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\PrintHood
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Recent
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\SendTo
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Start Menu
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Templates
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\AppData\Local\Application Data
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\AppData\Local\History
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\AppData\Local\Temporary Internet Files
1 - C:\Users\Joe\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
1 - C:\Users\Joe\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~
1 - C:\Users\Joe\AppData\Local\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~
1 - C:\Users\Joe\AppData\Local\Microsoft\Media Player\Art Cache
1 - C:\Users\Joe\AppData\Local\Microsoft\Microsoft SQL Server\100\Tools\Shell\toolbox.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\Microsoft SQL Server\100\Tools\Shell\toolboxIndex.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\Microsoft SQL Server\100\Tools\Shell\toolboxIndex_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\Microsoft SQL Server\100\Tools\Shell\toolbox_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\MSDN\9.0\toolbox.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\MSDN\9.0\toolboxIndex.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\MSDN\9.0\toolboxIndex_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\MSDN\9.0\toolbox_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\toolbox.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\toolboxIndex.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\toolboxIndex_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptComponent\9.0\toolbox_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\toolbox.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\toolboxIndex.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\toolboxIndex_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\VSTAHost\SSIS_ScriptTask\9.0\toolbox_reset.tbd
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\UsrClass.dat
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Burn\Burn
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Burn\Burn1
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.MSO
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\NVIDIA Corporation
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\ProgramData\NVIDIA Corporation\Drs
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\Documents
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Roaming
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local\Adobe
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local\Microsoft
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local\Temp
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local\Adobe\Color
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local\Microsoft\Windows
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Local\Microsoft\Windows\Explorer
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Roaming\Microsoft
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Roaming\Microsoft\Windows
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Roaming\Microsoft\Windows\PrivacIE
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\AppData\Roaming\Microsoft\Windows\PrivacIE\Low
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\Documents\My Documents
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\Documents\My Documents\My Shapes
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Joe\Documents\My Documents\My Shapes\_private
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows Live\Installer\BIT9E8E.tmp
1 - C:\Users\Joe\AppData\Local\Microsoft\Windows Live\Installer\BITB793.tmp
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.OUTLOOK.14.1033_1033_MKWD_F.HxW
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.OUTLOOK.14.1033_1033_MKWD_K.HxW
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.OUTLOOK.14.1033_1033_MTOC_OUTLOOK_COL.HxH
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.OUTLOOK.14.1033_1033_MValidator.HxD
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.OUTLOOK.14.1033_1033_MValidator.Lck
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.WINWORD.14.1033_1033_MKWD_F.HxW
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.WINWORD.14.1033_1033_MKWD_K.HxW
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.WINWORD.14.1033_1033_MTOC_WINWORD_COL.HxH
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.WINWORD.14.1033_1033_MValidator.HxD
1 - C:\Users\Joe\AppData\Local\Microsoft Help\MS.WINWORD.14.1033_1033_MValidator.Lck
1 - C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
1 - C:\Users\Joe\AppData\Roaming\Microsoft\Office\Recent\index.dat
1 - C:\Users\Joe\AppData\Roaming\Microsoft\Templates\~$rmalEmail.dotm
1 - C:\Users\Joe\AppData\Roaming\Microsoft\Windows\DNTException\Low
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Documents\My Music
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Documents\My Pictures
Skipped: (Symbolic Link or Junction) - C:\Users\Joe\Documents\My Videos
1 - C:\Users\Joe\Documents\My Documents\My Shapes\desktop.ini
1 - C:\Users\Joe\Documents\My Documents\My Shapes\_private
1 - C:\Users\Joe\Documents\My Documents\My Shapes\_private\folder.ico
1 - C:\Users\Joe\Searches\Everywhere.search-ms
1 - C:\Users\Joe\Searches\Indexed Locations.search-ms
1 - C:\Users\Public\Desktop
1 - C:\Users\Public\Favorites
1 - C:\Users\Public\Libraries
Skipped: (Symbolic Link or Junction) - C:\Users\Public\Documents\My Music
Skipped: (Symbolic Link or Junction) - C:\Users\Public\Documents\My Pictures
Skipped: (Symbolic Link or Junction) - C:\Users\Public\Documents\My Videos
1 - C:\Users\Public\Recorded TV\TempRec
1 - C:\Windows\WindowsShell.Manifest
1 - C:\Windows\assembly\PublisherPolicy.tme
1 - C:\Windows\assembly\pubpol53.dat
1 - C:\Windows\assembly\pubpol55.dat
1 - C:\Windows\assembly\NativeImages_v2.0.50727_32\indexed2.dat
1 - C:\Windows\assembly\NativeImages_v2.0.50727_32\indexf2d.dat
1 - C:\Windows\assembly\NativeImages_v2.0.50727_32\indexf2e.dat
1 - C:\Windows\assembly\NativeImages_v2.0.50727_64\indexa6e.dat
1 - C:\Windows\assembly\NativeImages_v2.0.50727_64\indexa6f.dat
Skipped: (Symbolic Link or Junction) - C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.4548.184408
Skipped: (Symbolic Link or Junction) - C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.4548.184408
1 - C:\Windows\ServiceProfiles\LocalService\AppData
1 - C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG
1 - C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1
1 - C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2
1 - C:\Windows\ServiceProfiles\NetworkService\AppData
1 - C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG
1 - C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1
1 - C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2
1 - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
1 - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
1 - C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-ums-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-security-lsalookup-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-security-sddl-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-service-core-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-service-management-l1-1-0.dll
1 - C:\Windows\System32\api-ms-win-service-management-l2-1-0.dll
1 - C:\Windows\System32\api-ms-win-service-winsvc-l1-1-0.dll
1 - C:\Windows\System32\config\COMPONENTS.LOG
1 - C:\Windows\System32\config\COMPONENTS.LOG1
1 - C:\Windows\System32\config\COMPONENTS.LOG2
1 - C:\Windows\System32\config\DEFAULT.LOG
1 - C:\Windows\System32\config\DEFAULT.LOG1
1 - C:\Windows\System32\config\DEFAULT.LOG2
1 - C:\Windows\System32\config\SAM.LOG
1 - C:\Windows\System32\config\SAM.LOG1
1 - C:\Windows\System32\config\SAM.LOG2
1 - C:\Windows\System32\config\SECURITY.LOG
1 - C:\Windows\System32\config\SECURITY.LOG1
1 - C:\Windows\System32\config\SECURITY.LOG2
1 - C:\Windows\System32\config\SOFTWARE.LOG
1 - C:\Windows\System32\config\SOFTWARE.LOG1
1 - C:\Windows\System32\config\SOFTWARE.LOG2
1 - C:\Windows\System32\config\SYSTEM.LOG
1 - C:\Windows\System32\config\SYSTEM.LOG1
1 - C:\Windows\System32\config\SYSTEM.LOG2
1 - C:\Windows\System32\config\systemprofile\ntuser.dat.LOG
1 - C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads
1 - C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads\BIT9EED.tmp
1 - C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads\BITA5FF.tmp
1 - C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Device Metadata\dmrccache\downloads\BITA6FA.tmp
1 - C:\Windows\System32\config\systemprofile\Searches\Indexed Locations.search-ms
1 - C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
1 - C:\Windows\System32\SMI\Store\Machine\schema.dat.LOG
1 - C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT.LOG1
1 - C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT.LOG2
1 - C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-security-lsalookup-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-security-sddl-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-service-core-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-service-management-l1-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-service-management-l2-1-0.dll
1 - C:\Windows\SysWOW64\api-ms-win-service-winsvc-l1-1-0.dll
1 - C:\Windows\Tasks\SA.DAT
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-console-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-datetime-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-debug-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-delayload-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-errorhandling-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-fibers-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-file-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-handle-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-heap-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-interlocked-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-io-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-localization-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-localregistry-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-memory-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-misc-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-namedpipe-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-processenvironment-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-processthreads-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-profile-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-rtlsupport-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-string-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-synch-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-sysinfo-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-threadpool-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-util-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-xstate-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-security-base-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-console-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-datetime-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-debug-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-delayload-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-errorhandling-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-fibers-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-file-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-handle-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-heap-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-interlocked-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-io-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-localization-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-localregistry-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-memory-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-misc-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-namedpipe-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-processenvironment-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-processthreads-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-profile-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-rtlsupport-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-string-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-synch-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-sysinfo-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-threadpool-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-util-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-xstate-l1-1-0.dll
1 - C:\Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-security-base-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-console-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-datetime-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-debug-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-delayload-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-errorhandling-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-fibers-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-file-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-handle-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-heap-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-interlocked-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-io-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-localization-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-localregistry-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-memory-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-misc-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-namedpipe-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-processenvironment-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-processthreads-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-profile-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-rtlsupport-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-string-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-synch-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-sysinfo-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-threadpool-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-util-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-xstate-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-security-base-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-console-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-datetime-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-debug-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-delayload-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-errorhandling-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-fibers-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-file-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-handle-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-heap-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-interlocked-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-io-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-localization-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-localregistry-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-memory-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-misc-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-namedpipe-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-processenvironment-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-processthreads-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-profile-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-rtlsupport-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-string-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-synch-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-sysinfo-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-threadpool-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-util-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-xstate-l1-1-0.dll
1 - C:\Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-security-base-l1-1-0.dll
 



#15 j_699

j_699
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:30 AM

Posted 27 June 2014 - 01:18 PM

The last file Repair_WMI is too large to paste here.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users