Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-11-2015 Ran by jallenh (2015-11-12 13:51:11) Running from D:\temp Microsoft Windows 7 Enterprise Service Pack 1 (X86) (2014-07-25 13:46:31) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3452821577-3394138591-3816337184-500 - Administrator - Disabled) Guest (S-1-5-21-3452821577-3394138591-3816337184-501 - Limited - Disabled) user1 (S-1-5-21-3452821577-3394138591-3816337184-1000 - Administrator - Enabled) => C:\Users\user1 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Host Intrusion Prevention Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) Adobe Flash Player 14 ActiveX (HKLM\...\{1F5E5F2E-5E61-431D-B796-58CCC6B68E28}) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\{C4B32291-F7B2-4BEC-BA4D-4195676A08CC}) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM\...\{A4488E5C-1022-432A-8066-72E1C4023310}) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\{A580818A-6519-4120-AB1C-F4F6FCFAA7D0}) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM\...\{222B5B5E-DE82-48AB-A906-FB366339338A}) (Version: 12.1.9.160 - Adobe Systems, Inc) Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) Cisco Systems VPN Client 5.0.06.0160 (HKLM\...\{21E247D4-5E27-4BEA-AA4D-19A81203FE2A}) (Version: 5.0.6 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-57989841-616249376-1801674531-742043\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Citrix online plug-in - web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.) ConfigMgr Client Setup Bootstrap (Version: 5.00.7958.1000 - Microsoft Corporation) Hidden Configuration Manager Client (Version: 5.00.8239.1000 - Microsoft Corporation) Hidden Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.) Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.40.28 - Creative Technology Ltd) Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment) DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden Gail Howard's Smart Luck Advantage Gold™ version 4.0.1.92 (HKLM\...\{27743227-FA7F-4265-8802-0FA36262B349}_is1) (Version: 4.0.1.92 - Gail Howard's Smart Luck) Google Chrome (HKLM\...\{B903EB60-537C-3462-836A-514220BAD8F3}) (Version: 66.101.32853 - Google, Inc.) Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden HP LoadRunner - Analysis (HKLM\...\{4636C03A-B041-442B-AA33-C0BF6C40B3A9}) (Version: 12.0.2739.0 - HP) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation) i-TOUCH (HKLM\...\{4396FAB0-7E28-4FC8-A3CE-B7D4147A9CE7}) (Version: 1.0.0 - Wipro) Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Juniper Networks Network Connect 7.4.0 (HKLM\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.30667 - Juniper Networks) Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-57989841-616249376-1801674531-742043\...\Juniper_Setup_Client) (Version: 7.4.9.45013 - Juniper Networks, Inc.) Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) McAfee Host Intrusion Prevention (HKLM\...\{6B005DF6-6B6E-4551-B632-B0001DF50499}_Uninst) (Version: 8.00.0402 - McAfee, Inc.) McAfee Host Intrusion Prevention (Version: 8.00.0402 - McAfee, Inc.) Hidden MDOP MBAM (HKLM\...\{D369D2E5-3330-499C-8FE7-81BA660FA8BB}) (Version: 2.5.0244.0 - Microsoft Corporation) Media Go (HKLM\...\{C9ACDF2C-F9A5-4F17-A6FA-97FF908DC4AA}) (Version: 3.0.278 - Sony) Media Go Network Downloader (HKLM\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.20.107.05220 (HKLM\...\{7348D0F2-3DAC-0BE7-4E7C-64844D2E3CA9}) (Version: 2.20.107.05220 - Sony) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Live Meeting 2007 (HKLM\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 2.0 SP3 Runtime (HKLM\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 40.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MySupport Manager ODC V1.1 (HKLM\...\MySupport Manager ODC V1.1_is1) (Version: 1.1 - Wipro) Nexthink Collector (Version: 5.3.02003 - Nexthink S.A.) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden ParaBlu EPA (HKU\S-1-5-21-57989841-616249376-1801674531-742043\...\{44EEB8EA-37A5-4866-8852-0AC4B90F86CD}_is1) (Version: 1.1506.35 - ParaBlu) PhotoShowExpress (Version: 2.0.063 - Sonic Solutions) Hidden Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Service Manager (HKLM\...\Service Manager) (Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.15.14.201510090937 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.289 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony) TestFrame Engine v2013.05 (Build 68) (HKLM\...\TestFrame Engine_is1) (Version: - CGI, Nederland BV) TestFrame Toolbar V3 Release 2013.02.4 Beta (Build 460) (HKLM\...\TestFrame Toolbar_is1) (Version: 2013.02.4 Beta - CGI Nederland BV, IKC T&QM) Uninstall Startup Inspector (HKLM\...\{DE114695-AE58-4B66-8E0F-2505188602FB}_is1) (Version: - ) VNC Viewer 5.2.3 (HKLM\...\{F8E906E7-1077-4476-8CA2-57912B72B0A8}) (Version: 5.2.3 - RealVNC Ltd) Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-57989841-616249376-1801674531-742043_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\WebEx\T30_MC\atucfobj.dll (Cisco WebEx LLC) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-30 09:05 - 2015-11-09 13:43 - 01027100 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 0.0.0.0 m.fr.a2dfp.net 0.0.0.0 mfr.a2dfp.net 0.0.0.0 ad.a8.net 0.0.0.0 asy.a8ww.net 0.0.0.0 static.a-ads.com 0.0.0.0 atlas.aamedia.ro 0.0.0.0 abcstats.com 0.0.0.0 ad4.abradio.cz 0.0.0.0 a.abv.bg 0.0.0.0 adserver.abv.bg 0.0.0.0 adv.abv.bg 0.0.0.0 bimg.abv.bg 0.0.0.0 ca.abv.bg 0.0.0.0 track.acclaimnetwork.com 0.0.0.0 accuserveadsystem.com 0.0.0.0 www.accuserveadsystem.com 0.0.0.0 achmedia.com 0.0.0.0 csh.actiondesk.com 0.0.0.0 ads.activepower.net 0.0.0.0 app.activetrail.com 0.0.0.0 stat.active24stats.nl #[Tracking.Cookie] 0.0.0.0 traffic.acwebconnecting.com 0.0.0.0 office.ad1.ru 0.0.0.0 cms.ad2click.nl 0.0.0.0 ad2games.com 0.0.0.0 ads.ad2games.com 0.0.0.0 content.ad20.net 0.0.0.0 core.ad20.net 0.0.0.0 banner.ad.nu There are 12287 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {012803E5-639E-4B2C-AEDD-943A916CBB33} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {0B096CAD-B767-4E63-857E-A814686C2421} - System32\Tasks\{508CAF50-0478-498E-A280-8DD8EEEFF506} => pcalua.exe -a C:\Users\jallenh\Downloads\chromeinstall-8u51.exe -d C:\Users\jallenh\Downloads Task: {3F4E00E6-96D5-42E7-8D46-999D613DF106} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd) Task: {56BDCFD7-3291-483A-9FF1-C82DE7F8D701} - System32\Tasks\Microsoft Office 15 Sync Maintenance for {28348617-86c3-47db-b4aa-377291623094} L-156021761.wipro.com => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {639068DC-58B1-4AE8-A23B-DBF8637CC448} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {89A01C6F-C676-4ED7-9AD1-0E6154EAE397} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-04] (Adobe Systems Incorporated) Task: {947E91C5-2C75-49AE-B674-2E5338202CED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) Task: {ABCD278C-2512-46AF-BD4F-D5D94DC57E36} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection Task: {ADA26E5A-4DEA-43AF-9514-88FEDA3C3E76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F6E02F92-7BC5-4767-8969-48076E208CCA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-03] (Google Inc.) Task: {F98328CB-BAE3-4471-A2F1-3ECA20C3B831} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2015-04-14] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2012-10-01 19:33 - 2012-10-01 19:33 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-04-03 19:39 - 2013-04-03 19:39 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 10:15 - 2010-10-20 10:15 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-07-25 14:00 - 2014-04-29 17:06 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll 2012-10-01 19:32 - 2012-10-01 19:32 - 01014400 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2009-07-13 21:03 - 2009-07-14 01:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll 2015-11-11 08:44 - 2015-11-07 04:36 - 01532744 _____ () C:\Program Files\Google\Chrome\Application\46.0.2490.86\libglesv2.dll 2015-11-11 08:44 - 2015-11-07 04:36 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\46.0.2490.86\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-57989841-616249376-1801674531-742043\...\sharepoint.com -> hxxps://wipro365.sharepoint.com IE trusted site: HKU\S-1-5-21-57989841-616249376-1801674531-742043\...\twutil.net -> hxxp://hpcwp02.twutil.net ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-57989841-616249376-1801674531-742043\Control Panel\Desktop\\Wallpaper -> C:\Users\jallenh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.179.2.249 - 10.179.2.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AESTFilters => 2 MSCONFIG\Services: AudioEndpointBuilder => 2 MSCONFIG\Services: ehRecvr => 2 MSCONFIG\Services: ehSched => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IEEtwCollectorService => 3 MSCONFIG\Services: Mcx2Svc => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: QWAVE => 3 MSCONFIG\Services: STacSV => 2 MSCONFIG\Services: tgsrvc_mysupport => 2 MSCONFIG\Services: WinDefend => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^i-TOUCH.lnk => C:\Windows\pss\i-TOUCH.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: Wipro => "C:\Program Files\Settings\WiproRunReg.vbs" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{E82054DF-9F59-49D8-9CF5-C8097D1B7B1A}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe FirewallRules: [{6FFF93D2-16DA-4545-8A2C-83579EC6B5F3}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe FirewallRules: [{80278F12-5726-4736-93F7-1DA78D8F88BE}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe FirewallRules: [{50382A82-2924-4D6B-99C5-A6705C0E0A58}] => (Allow) C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe FirewallRules: [{C8A3E259-8C54-4C32-8E01-D101834F9552}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{E22DA5C2-3431-4C69-8CEA-14C2630D55BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5A5DED08-2E8F-47B8-8B0D-5B1AA133C8C0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{B9F2C758-DCA2-4EAA-9BB7-197E7EA00E64}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{27632B57-DCF3-4F63-8BE2-9A5ADD5922E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2BC11B17-538D-46FC-A08C-078B8BC89A91}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{AC5A65B7-0E03-4780-923E-1B63021826BB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{1B2DEC32-CF43-4ABC-B941-908EBB79DDC9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{1D6629D1-2F52-4388-AF39-6CA5B032F90B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{28839D75-1D46-4C98-BAEC-4D7CE07965A7}C:\program files\microsoft office\office15\lync.exe] => (Allow) C:\program files\microsoft office\office15\lync.exe FirewallRules: [UDP Query User{856708E9-DC82-49BC-A755-B33570F9E3E7}C:\program files\microsoft office\office15\lync.exe] => (Allow) C:\program files\microsoft office\office15\lync.exe FirewallRules: [{9340129A-C4A7-4EC1-BED7-1E429CC58E30}] => (Allow) LPort=64313 FirewallRules: [{AADEF0FE-E001-48E3-A26F-6D57824354FA}] => (Allow) LPort=5000 FirewallRules: [{D18E9586-7F63-41B8-B923-D02574418D44}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CAE1D08C-25DC-4E70-8CEC-9A3B50AA1BDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{2B293F62-7C15-44DF-9367-8EEFA7989CDC}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{000CAE9C-063A-4AAF-B6FE-4A9D3B3E6E55}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [TCP Query User{F882B879-4470-4D8B-AEEF-877D28D595A2}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{631B412B-8ABA-4F95-A31E-6F90D194ABC3}D:\diablo iii\diablo iii.exe] => (Allow) D:\diablo iii\diablo iii.exe FirewallRules: [{A5E2E278-1052-48AC-85FE-2AB08CBA8135}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{8C8EBF29-98D9-4EE6-AD0C-DD717BAC77B1}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{DEFD5342-1F43-4AE0-AF4E-9959075C6D6A}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{1B3A537C-1B72-40AB-A9C3-D984F2D0A5F7}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{EF48A8BA-7644-45CF-B5B4-D9C5EDAE6642}] => (Allow) D:\Winamp\winamp.exe FirewallRules: [{8091EC72-44FF-4854-97CF-EE789C490E95}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Cisco Systems VPN Adapter Description: Cisco Systems VPN Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Bluetooth Device (Personal Area Network) Description: Bluetooth Device (Personal Area Network) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: PCI Serial Port Description: PCI Serial Port Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (11/12/2015 12:24:55 PM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 11:18:56 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 11:04:12 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 10:58:08 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 10:36:21 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 10:16:51 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 10:09:00 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 09:58:07 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (11/12/2015 09:28:03 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. Error: (11/12/2015 09:23:11 AM) (Source: Outlook) (EventID: 62) (User: ) Description: Unable to create a Microsoft Classification Engine session for user: jeffrey.hinz@wipro.com - error code 0x80040206. System errors: ============= Error: (11/12/2015 12:58:38 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: WIPRO) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (11/12/2015 11:17:06 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (11/12/2015 11:03:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: %%1058 Error: (11/12/2015 11:03:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: %%1058 Error: (11/12/2015 11:03:48 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070422 Error: (11/12/2015 11:03:38 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1054) (User: WIPRO) Description: The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly. Error: (11/12/2015 11:03:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: %%1058 Error: (11/12/2015 11:03:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: %%1058 Error: (11/12/2015 11:03:23 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070422 Error: (11/12/2015 11:03:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: %%1058 CodeIntegrity: =================================== Date: 2015-11-12 12:07:53.745 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:07:53.729 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.249 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.249 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.249 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.233 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.217 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-11-12 12:05:15.217 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz Percentage of memory in use: 65% Total physical RAM: 3240.9 MB Available physical RAM: 1104.06 MB Total Virtual: 6480.09 MB Available Virtual: 3799.96 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.56 GB) (Free:62.83 GB) NTFS Drive d: () (Fixed) (Total:200.43 GB) (Free:123.47 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 22F8D777) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================