"hard drive clusters are partly damaged. segment load failure"
and
"RAM memory reliability is extremely low. This problem may cause system failure"
and
"critical error"
and
"hard drive critical error. start a system diagnostics..." etc
I cant see any files whatsoever on my computer and am operating from another machine at the moment. This is similar to another problem I had a few months ago. I had to reinstall windows and start over, which makes me think that I have an infected external hard drive, perhaps.
however, I was somehow able to run an OTL from a jump drive by navigating around, and its pasted below.
****PLEASE NOTE: It gave me two outputs: one called OTL and another, also pasted below, called "extras"
OTL:
OTL logfile created on: 1/19/2012 12:11:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.98 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 68.01% Memory free
4.82 Gb Paging File | 4.09 Gb Available in Paging File | 84.88% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.87 Gb Total Space | 173.45 Gb Free Space | 74.48% Space Free | Partition Type: NTFS
Drive E: | 1.94 Gb Total Space | 0.46 Gb Free Space | 23.81% Space Free | Partition Type: FAT
Computer Name: NG00158029 | User Name: jeh46727 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/19 12:10:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012/01/19 11:17:24 | 000,447,744 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\sJbtigWoqlpSK.exe
PRC - [2011/12/24 17:50:16 | 000,981,680 | -H-- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011/07/20 15:14:31 | 000,145,936 | -H-- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/07/20 15:14:30 | 000,159,320 | -H-- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/03/18 14:06:37 | 000,209,760 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
PRC - [2011/03/18 14:06:36 | 000,057,152 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\scan32.exe
PRC - [2011/03/18 14:06:28 | 000,033,648 | -H-- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2010/12/14 17:22:37 | 000,075,608 | -H-- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Client Service\PwdMgmtProxy.exe
PRC - [2010/10/15 15:05:00 | 000,185,664 | -H-- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
PRC - [2010/10/15 15:05:00 | 000,140,608 | -H-- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\UdaterUI.exe
PRC - [2010/10/15 15:05:00 | 000,120,128 | -H-- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe
PRC - [2010/10/15 15:05:00 | 000,075,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\Common Framework\McTray.exe
PRC - [2010/09/27 11:35:58 | 002,093,322 | ---- | M] (Internet Security Systems, Inc.) -- C:\Program Files\ISS\Proventia Desktop\blackd.exe
PRC - [2010/09/27 11:35:58 | 001,274,122 | ---- | M] (Internet Security Systems, Inc.) -- C:\Program Files\ISS\Proventia Desktop\RapApp.exe
PRC - [2010/09/27 11:35:58 | 000,405,770 | ---- | M] (Internet Security Systems, Inc.) -- C:\Program Files\ISS\Proventia Desktop\vpatch.exe
PRC - [2010/09/07 23:05:34 | 000,254,034 | R--- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\STACSV.EXE
PRC - [2010/02/26 01:37:06 | 001,287,464 | ---- | M] (Altiris, Inc.) -- C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe
PRC - [2010/02/26 01:37:00 | 000,173,352 | ---- | M] (Altiris, Inc.) -- C:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exe
PRC - [2009/04/20 18:01:56 | 000,737,280 | RH-- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFLTR.EXE
PRC - [2009/03/27 18:10:56 | 000,014,336 | RH-- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2008/04/17 08:08:46 | 001,528,608 | -H-- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2008/04/14 04:42:20 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 04:42:16 | 000,389,120 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
PRC - [2007/03/07 15:41:18 | 001,437,696 | ---- | M] (Altiris) -- C:\Program Files\Altiris\Carbon Copy\Client.exe
PRC - [2007/03/07 15:41:18 | 000,724,992 | -H-- | M] (Altiris) -- C:\Program Files\Altiris\Carbon Copy\ShellKer.exe
PRC - [2007/03/07 15:18:58 | 000,049,152 | -H-- | M] (Altiris) -- C:\WINDOWS\system32\CCSRVC.exe
PRC - [2006/09/21 04:20:00 | 000,127,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2005/07/15 16:48:33 | 000,479,232 | -H-- | M] (Google Inc.) -- C:\Program Files\Google\Gmail Notifier\gnotify.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/19 11:17:24 | 000,447,744 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\sJbtigWoqlpSK.exe
MOD - [2011/02/24 01:57:18 | 000,555,112 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2010/10/15 15:05:00 | 000,065,536 | -H-- | M] () -- C:\Program Files\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll
MOD - [2010/09/27 11:35:56 | 000,065,536 | ---- | M] () -- C:\Program Files\ISS\Proventia Desktop\AV\ipsupd.dll
MOD - [2010/09/27 11:35:54 | 000,745,984 | ---- | M] () -- C:\Program Files\ISS\Proventia Desktop\libxml2.dll
MOD - [2010/09/27 11:35:54 | 000,147,968 | ---- | M] () -- C:\Program Files\ISS\Proventia Desktop\libxslt.dll
MOD - [2008/05/20 04:18:10 | 000,094,720 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008/04/17 08:08:56 | 000,197,408 | ---- | M] () -- C:\WINDOWS\system32\vpnapi.dll
MOD - [2007/08/14 13:43:46 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 21:33:58 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2007/07/12 11:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 11:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2007/04/18 19:30:46 | 000,471,040 | ---- | M] () -- C:\Program Files\McAfee\Common Framework\ccme_base.dll
MOD - [2007/04/18 19:30:46 | 000,393,216 | -H-- | M] () -- C:\Program Files\McAfee\Common Framework\cryptocme2.dll
MOD - [2007/02/05 15:55:36 | 000,130,560 | ---- | M] () -- C:\Program Files\ISS\Proventia Desktop\AV\libfn.dll
MOD - [2002/01/14 14:49:00 | 000,045,056 | ---- | M] () -- C:\Program Files\ISS\Proventia Desktop\AV\avxdisk.dll
MOD - [2001/07/31 02:17:12 | 000,094,274 | ---- | M] () -- C:\WINDOWS\system32\HPBHEALR.DLL
========== Win32 Services (SafeList) ==========
SRV - File not found [Unknown | Running] -- -- (VPatch)
SRV - File not found [Unknown | Running] -- -- (RapApp)
SRV - File not found [Unknown | Running] -- -- (BlackICE)
SRV - [2011/07/20 15:14:31 | 000,145,936 | -H-- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2011/07/20 15:14:30 | 000,159,320 | -H-- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/03/18 14:06:37 | 000,209,760 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe -- (McTaskManager)
SRV - [2010/12/14 17:22:37 | 000,075,608 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Forefront Identity Manager\2010\Password Reset Client Service\PwdMgmtProxy.exe -- (FIMPasswordReset)
SRV - [2010/10/15 15:05:00 | 000,120,128 | -H-- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe -- (McAfeeFramework)
SRV - [2010/09/07 23:05:34 | 000,254,034 | R--- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\STACSV.EXE -- (STacSV)
SRV - [2010/02/26 01:37:06 | 001,287,464 | ---- | M] (Altiris, Inc.) [Auto | Running] -- C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe -- (AeXNSClient)
SRV - [2010/01/15 07:49:20 | 000,227,232 | -H-- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/03/27 18:10:56 | 000,014,336 | RH-- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008/04/17 08:08:46 | 001,528,608 | -H-- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2007/03/07 15:18:58 | 000,049,152 | -H-- | M] (Altiris) [Auto | Running] -- C:\WINDOWS\system32\CCSRVC.exe -- (CarbonCopy32)
========== Driver Services (SafeList) ==========
DRV - [2012/01/19 11:52:38 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011/07/20 15:14:31 | 000,436,728 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/07/20 15:14:31 | 000,171,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/07/20 15:14:31 | 000,116,104 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/07/20 15:14:31 | 000,088,544 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/07/20 15:14:31 | 000,085,152 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/07/20 15:14:31 | 000,058,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/09/27 11:35:58 | 000,050,163 | ---- | M] (Internet Security Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RapDrv.sys -- (rap)
DRV - [2010/09/27 11:35:56 | 000,205,938 | ---- | M] (Internet Security Systems, Inc.) [Kernel | Disabled | Running] -- C:\WINDOWS\system32\drivers\Blackcat.sys -- (black)
DRV - [2010/09/27 11:35:56 | 000,080,512 | ---- | M] (Internet Security Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\isskboep.sys -- (MakoNT)
DRV - [2010/09/07 23:05:34 | 001,643,715 | R--- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2010/04/05 23:35:56 | 000,168,616 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress) Intel®
DRV - [2010/04/05 10:44:28 | 006,601,216 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2010/02/25 14:19:12 | 000,016,768 | -H-- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2010/01/28 19:55:06 | 000,058,600 | RH-- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009/12/03 06:57:48 | 000,045,984 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/11/20 19:15:18 | 000,137,728 | RH-- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2009/11/20 19:15:16 | 000,058,880 | RH-- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2009/09/17 12:54:14 | 000,041,088 | RH-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2009/07/21 14:18:58 | 001,161,760 | RH-- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/20 14:05:16 | 000,049,152 | R--- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rismc32.sys -- (rismc32)
DRV - [2009/06/25 15:58:10 | 000,048,128 | R--- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/04/20 19:13:34 | 000,113,664 | R--- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2008/10/11 14:56:00 | 000,045,056 | R--- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 14:41:36 | 000,038,400 | R--- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2008/07/23 10:31:38 | 000,044,800 | RH-- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2008/04/17 08:07:52 | 000,306,299 | -H-- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2008/03/29 16:36:28 | 000,125,328 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dne2000.sys -- (DNE)
DRV - [2007/03/07 15:22:54 | 000,009,216 | -H-- | M] (Altiris) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CCDevice.sys -- (CCDevice)
DRV - [2007/01/18 16:28:02 | 000,005,275 | -H-- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006/09/21 04:20:00 | 000,094,460 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/09/21 04:20:00 | 000,088,476 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/09/21 04:20:00 | 000,087,004 | -H-- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/09/21 04:20:00 | 000,026,044 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/09/21 04:20:00 | 000,015,068 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/09/21 04:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/09/21 04:20:00 | 000,002,496 | -H-- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2006/07/24 00:00:04 | 000,022,016 | RH-- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/07/24 00:00:04 | 000,017,920 | RH-- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2006/03/17 07:35:24 | 000,005,660 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/03/17 07:34:46 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/01/26 10:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.state.va.us/cmsportal3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vofonline.org [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2011/10/25 11:11:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/23 10:51:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2011/10/25 13:15:52 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\jeh46727\Application Data\Mozilla\Extensions
[2011/10/25 13:11:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/23 10:51:16 | 000,121,816 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 19:26:50 | 000,002,252 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/10 17:37:38 | 000,002,040 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/11/08 11:00:06 | 000,001,663 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 172.22.234.78 cov-rpb-nas002.cov.virginia.gov
O1 - Hosts: 10.192.32.76 COVSMICES-ANS01 COVSMICES-ANS01.vita.virginia.gov COVSMICES-ANS01.cov.virginia.gov # Altiris NS ***DO NOT REMOVE OR MODIFY***
O1 - Hosts: 10.192.32.77 COVSMICES-ANS03 COVSMICES-ANS03.vita.virginia.gov COVSMICES-ANS03.cov.virginia.gov # Altiris NS ***DO NOT REMOVE OR MODIFY***
O1 - Hosts: 10.192.32.78 COVSMICES-ANS04 COVSMICES-ANS04.vita.virginia.gov COVSMICES-ANS04.cov.virginia.gov # Altiris NS ***DO NOT REMOVE OR MODIFY***
O1 - Hosts: 10.192.32.79 COVSMICES-ANS05 COVSMICES-ANS05.vita.virginia.gov COVSMICES-ANS05.cov.virginia.gov # Altiris NS ***DO NOT REMOVE OR MODIFY***
O1 - Hosts: 10.192.32.80 COVSMICES-ANS06 COVSMICES-ANS06.vita.virginia.gov COVSMICES-ANS06.cov.virginia.gov # Altiris NS ***DO NOT REMOVE OR MODIFY***
O1 - Hosts: 10.192.32.45 COVSMICES-ANS07 COVSMICES-ANS07.vita.virginia.gov COVSMICES-ANS07.cov.virginia.gov # Altiris NS ***DO NOT REMOVE OR MODIFY***
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110720161443.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [AeXAgentLogon] C:\Program Files\Altiris\Altiris Agent\AeXAgentActivate.exe (Altiris, Inc.)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [McAfeeUpdaterUI] C:\Program Files\McAfee\Common Framework\udaterui.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [PasswordRegistration] C:\WINDOWS\system32\MsPwdRegistration.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [sJbtigWoqlpSK.exe] C:\Documents and Settings\All Users\Application Data\sJbtigWoqlpSK.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\PhishingFilter present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\SQM present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoOnlinePrintsWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonType = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 32000
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceStartMenuLogOff = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPublishingWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoOnlinePrintsWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 2 = wscui.cpl (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O15 - HKLM\..Trusted Domains: virginia.gov ([idmportal.cov] https in Local intranet)
O15 - HKCU\..Trusted Domains: virginia.gov ([]* in Local intranet)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} Reg Error: Key error. (Macromedia Authorware Web Player Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cov.virginia.gov
O20 - AppInit_DLLs: (AMINIT32.dll) -C:\WINDOWS\System32\AMInit32.dll (Altiris, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MsPwdGina.dll) -C:\WINDOWS\System32\MsPwdGina.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/07/19 21:15:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{16dc5dee-ffcf-11e0-a1cb-183da27742a0}\Shell\AutoRun\command - "" = E:\Connect.exe
O33 - MountPoints2\{6b4e1eba-03bb-11e1-a1cc-183da27742a0}\Shell - "" = AutoRun
O33 - MountPoints2\{6b4e1eba-03bb-11e1-a1cc-183da27742a0}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6b4e1eba-03bb-11e1-a1cc-183da27742a0}\Shell\AutoRun\command - "" = F:\HPLauncher.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\HPLauncher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/19 12:06:58 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\jeh46727\Recent
[2012/01/19 11:52:38 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/01/18 16:22:19 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Desktop\AEP Exports
[2012/01/18 15:01:31 | 000,000,000 | ---D | C] -- C:\logs
[2012/01/18 15:01:07 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012/01/18 15:00:24 | 000,000,000 | -H-D | C] -- C:\Program Files\Microsoft Forefront Identity Manager
[2012/01/18 14:32:18 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Local Settings\Application Data\join.me
[2012/01/18 11:42:22 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2012/01/11 08:46:56 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Local Settings\Application Data\Adobe
[2012/01/10 17:34:07 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Application Data\Adobe
[2012/01/09 16:22:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Local Settings\Application Data\Temp
[2012/01/09 16:20:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\Adobe
[2012/01/09 16:20:31 | 000,000,000 | -H-D | C] -- C:\Program Files\Adobe
[2012/01/04 15:42:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office Outlook Tools
[2012/01/04 15:42:10 | 000,000,000 | -H-D | C] -- C:\Program Files\MSECache
[2011/12/29 12:43:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/12/29 12:41:37 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Local Settings\Application Data\Google
[2011/12/28 12:25:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Desktop\new pics
[2011/12/21 17:09:11 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/12/21 11:41:36 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\jeh46727\Application Data\Malwarebytes
[2011/12/21 11:40:16 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/12/21 11:40:11 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/12/21 11:40:11 | 000,000,000 | -H-D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/20 15:03:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/19 12:15:00 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6F1E465E-1806-426B-BBF8-D398F24871FE}.job
[2012/01/19 11:52:38 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2012/01/19 11:46:22 | 000,053,237 | -H-- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/01/19 11:46:20 | 000,053,237 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012/01/19 11:46:02 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/19 11:45:48 | 000,000,886 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/19 11:43:21 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2012/01/19 11:17:24 | 000,447,744 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\sJbtigWoqlpSK.exe
[2012/01/19 10:53:21 | 704,565,792 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\rocket aurora.psd
[2012/01/19 09:06:04 | 000,082,058 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\2012-13_mountain cove.pdf
[2012/01/19 09:03:39 | 000,368,871 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\POSTER.jpg
[2012/01/19 08:47:37 | 002,594,559 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\POSTER.pdf
[2012/01/18 15:50:40 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{34110CE7-C3CF-46D7-8170-4C28C5194E2D}.job
[2012/01/18 14:39:32 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\wininet_dll.iss
[2012/01/18 14:39:31 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\urlmon_dll.iss
[2012/01/18 14:39:31 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\url_dll.iss
[2012/01/18 14:37:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\client.INI
[2012/01/18 14:32:24 | 000,000,914 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\join.me.lnk
[2012/01/18 13:35:02 | 000,000,484 | -H-- | M] () -- C:\WINDOWS\tasks\Computer Account Inventory Update.job
[2012/01/18 13:30:06 | 000,126,569 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\GISerror.pdf
[2012/01/18 12:07:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/01/18 11:42:40 | 000,444,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/01/18 11:42:40 | 000,072,306 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/01/18 10:55:21 | 000,002,206 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/01/18 10:10:06 | 002,252,288 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\START.mxd
[2012/01/04 12:58:23 | 008,683,255 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\Settlement+Map+FrCoVA.jpg
[2011/12/29 15:53:57 | 000,015,533 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\PTO Leave Form.pdf
[2011/12/29 13:49:51 | 000,187,544 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\aep.pdf
[2011/12/29 10:00:01 | 003,332,288 | -H-- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/29 09:59:42 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\ole32_dll.iss
[2011/12/29 09:59:42 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\crypt32_dll.iss
[2011/12/28 13:09:25 | 000,004,608 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/27 14:03:25 | 000,120,335 | ---- | M] () -- C:\WINDOWS\AeXCheckAltirisAgent.js
[2011/12/22 08:20:47 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\ntdll_dll.iss
[2011/12/22 08:20:47 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\shell32_dll.iss
[2011/12/21 11:19:25 | 000,001,464 | -H-- | M] () -- C:\Documents and Settings\jeh46727\Desktop\CLEAR MEMORY.lnk
[2011/12/21 08:41:11 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\comctl32_dll.iss
[2011/12/21 08:41:11 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\mswsock_dll.iss
[2011/12/20 15:18:29 | 000,000,028 | -H-- | M] () -- C:\WINDOWS\System32\rpcrt4_dll.iss
[2011/12/20 15:18:29 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\oleaut32_dll.iss
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/01/19 11:20:25 | 000,447,744 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\sJbtigWoqlpSK.exe
[2012/01/19 09:06:00 | 000,082,058 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\2012-13_mountain cove.pdf
[2012/01/19 08:54:14 | 000,368,871 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\POSTER.jpg
[2012/01/19 08:47:34 | 002,594,559 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\POSTER.pdf
[2012/01/19 08:43:48 | 704,565,792 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\rocket aurora.psd
[2012/01/18 14:37:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\client.INI
[2012/01/18 14:32:20 | 000,000,920 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Start Menu\Programs\join.me.lnk
[2012/01/18 14:32:20 | 000,000,914 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\join.me.lnk
[2012/01/18 13:30:04 | 000,126,569 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\GISerror.pdf
[2012/01/04 12:58:22 | 008,683,255 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\Settlement+Map+FrCoVA.jpg
[2011/12/29 13:49:50 | 000,187,544 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\aep.pdf
[2011/12/29 12:41:46 | 000,000,890 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/29 12:41:46 | 000,000,886 | -H-- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/21 11:18:50 | 000,001,464 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Desktop\CLEAR MEMORY.lnk
[2011/12/20 13:55:49 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2011/12/20 13:55:49 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2011/11/04 11:30:34 | 003,907,640 | ---- | C] () -- C:\WINDOWS\System32\gsdll32.dll
[2011/11/03 08:04:13 | 000,004,608 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/31 14:33:45 | 000,002,528 | -H-- | C] () -- C:\Documents and Settings\jeh46727\Application Data\$_hpcst$.hpc
[2011/10/25 14:34:44 | 002,195,350 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/10/25 11:34:02 | 000,032,256 | -H-- | C] () -- C:\WINDOWS\System32\ntrights.exe
[2011/10/25 11:22:20 | 000,053,237 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/10/25 11:19:37 | 000,237,220 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011/10/25 11:19:35 | 000,237,220 | -H-- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011/10/25 11:19:35 | 000,000,001 | -H-- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011/10/25 09:33:31 | 000,008,665 | -H-- | C] () -- C:\WINDOWS\dynamic.ini
[2011/07/20 16:54:18 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2011/07/20 15:10:43 | 000,000,126 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/07/20 15:06:38 | 000,204,800 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2011/07/20 15:06:38 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2011/07/20 15:06:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2011/07/20 15:06:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2011/07/20 15:06:37 | 000,200,704 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2011/07/20 15:06:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2011/07/20 01:03:15 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2011/07/20 01:03:10 | 000,444,596 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/20 01:03:10 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2011/07/20 01:03:10 | 000,072,306 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/20 01:03:10 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2011/07/20 01:03:08 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2011/07/20 01:03:08 | 000,004,463 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2011/07/20 01:03:05 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2011/07/20 01:02:57 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2011/07/20 01:02:57 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2011/07/20 01:02:40 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2011/07/20 01:02:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2011/07/19 21:31:40 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\HPB2550V.DLL
[2011/07/19 21:31:40 | 000,000,311 | ---- | C] () -- C:\WINDOWS\System32\HPB2550V.DAT
[2011/07/19 21:31:39 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2011/07/19 21:28:55 | 000,001,994 | -H-- | C] () -- C:\WINDOWS\System32\OEMINFO.ini
[2011/07/19 21:18:20 | 000,002,401 | ---- | C] () -- C:\WINDOWS\System32\drivers\AlKernel.sys
[2011/07/19 21:17:02 | 000,002,048 | ---- | C] () -- C:\WINDOWS\bootstat.dat
[2011/07/19 21:13:22 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/07/19 17:08:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/07/19 17:08:03 | 003,332,288 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/04/17 08:08:56 | 000,197,408 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2008/04/17 08:08:44 | 000,193,312 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2007/07/12 21:33:58 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2006/09/26 16:49:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/12 17:17:36 | 000,000,258 | -H-- | C] () -- C:\WINDOWS\AWSHKWV.ini
[1997/06/25 14:24:16 | 000,040,448 | -H-- | C] () -- C:\WINDOWS\System32\RegObj.dll
========== LOP Check ==========
[2011/10/26 07:38:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco Systems
[2011/11/02 20:15:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/10/25 11:42:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ESRI
[2011/11/08 12:06:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PlotSoft
[2011/11/02 20:16:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\DAEMON Tools Lite
[2011/10/25 15:10:44 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\DataEast
[2011/11/04 11:02:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\EDrawings
[2011/12/08 13:30:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\ESRI
[2011/11/02 20:04:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\FreeBurner
[2011/11/02 20:43:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\InterVideo
[2011/11/02 20:45:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\Leadertech
[2011/10/31 10:08:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\Softland
[2011/10/25 13:54:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\jeh46727\Application Data\VITA
[2012/01/18 13:35:02 | 000,000,484 | -H-- | M] () -- C:\WINDOWS\Tasks\Computer Account Inventory Update.job
[2012/01/18 15:50:40 | 000,000,398 | ---- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{34110CE7-C3CF-46D7-8170-4C28C5194E2D}.job
[2012/01/19 12:15:00 | 000,000,400 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6F1E465E-1806-426B-BBF8-D398F24871FE}.job
========== Purity Check ==========
< End of report >
EXTRAS
OTL Extras logfile created on: 1/19/2012 12:11:30 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.98 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 68.01% Memory free
4.82 Gb Paging File | 4.09 Gb Available in Paging File | 84.88% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.87 Gb Total Space | 173.45 Gb Free Space | 74.48% Space Free | Partition Type: NTFS
Drive E: | 1.94 Gb Total Space | 0.46 Gb Free Space | 23.81% Space Free | Partition Type: FAT
Computer Name: NG00158029 | User Name: jeh46727 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 1
"DisableConfig" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 4
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
"Enabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Altiris\AClient\Aclient.exe:*:Enabled:aclient.exe" = C:\Program Files\Altiris\AClient\Aclient.exe:*:Enabled:aclient.exe
"C:\Program Files\Altiris\AClient\AClntUsr.exe:*:Enabled:AclntUsr.exe" = C:\Program Files\Altiris\AClient\AClntUsr.exe:*:Enabled:AclntUsr.exe
"c:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service" = c:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service
"Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service" = Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
"Enabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"135:TCP:*:Enabled:RPC" = 135:TCP:*:Enabled:RPC
"135:UDP:*:Enabled:RPC" = 135:UDP:*:Enabled:RPC
"137:UDP:*:Enabled:WINS" = 137:UDP:*:Enabled:WINS
"138:UDP:*:Enabled:NetBIOS" = 138:UDP:*:Enabled:NetBIOS
"139:TCP:*:Enabled:NetBIOS" = 139:TCP:*:Enabled:NetBIOS
"139:UDP:*:Enabled:NetBIOS" = 139:UDP:*:Enabled:NetBIOS
"1433:TCP:*:Enabled:SMS site server to SQL server" = 1433:TCP:*:Enabled:SMS site server to SQL server
"1680:TCP:*:Enabled:CC" = 1680:TCP:*:Enabled:CC
"1723:TCP:*:Enabled:PPTP" = 1723:TCP:*:Enabled:PPTP
"1900:UDP:*:Enabled:UPnP Framework" = 1900:UDP:*:Enabled:UPnP Framework
"2701:TCP:*:Enabled:SMS Remote Control" = 2701:TCP:*:Enabled:SMS Remote Control
"2701:UDP:*:Enabled:SMS Remote Control" = 2701:UDP:*:Enabled:SMS Remote Control
"2702:TCP:*:Enabled:SMS Remote Control" = 2702:TCP:*:Enabled:SMS Remote Control
"2702:UDP:*:Enabled:SMS Remote Control" = 2702:UDP:*:Enabled:SMS Remote Control
"2703:TCP:*:Enabled:SMS Remote Chat" = 2703:TCP:*:Enabled:SMS Remote Chat
"2703:UDP:*:Enabled:SMS Remote Chat" = 2703:UDP:*:Enabled:SMS Remote Chat
"2704:TCP:*:Enabled:SMS Remote File Transfer" = 2704:TCP:*:Enabled:SMS Remote File Transfer
"2704:UDP:*:Enabled:SMS Remote File Transfer" = 2704:UDP:*:Enabled:SMS Remote File Transfer
"2869:TCP:*:Enabled:UPnP Framework" = 2869:TCP:*:Enabled:UPnP Framework
"3268:TCP:*:Enabled:Global Catalog LDAP" = 3268:TCP:*:Enabled:Global Catalog LDAP
"3269:TCP:*:Enabled:Global Catalog LDAP SSL" = 3269:TCP:*:Enabled:Global Catalog LDAP SSL
"3389:TCP:*:Enabled:Remote Desktop" = 3389:TCP:*:Enabled:Remote Desktop
"389:TCP:*:Enabled:LDAP" = 389:TCP:*:Enabled:LDAP
"389:UDP:*:Enabled:LDAP" = 389:UDP:*:Enabled:LDAP
"445:TCP:*:Enabled:Server Message Block(SMB)" = 445:TCP:*:Enabled:Server Message Block(SMB)
"53:TCP:*:Enabled:DNS" = 53:TCP:*:Enabled:DNS
"53:UDP:*:Enabled:DNS" = 53:UDP:*:Enabled:DNS
"636:TCP:*:Enabled:LDAP SSL" = 636:TCP:*:Enabled:LDAP SSL
"67:UDP:*:Enabled:DHCP" = 67:UDP:*:Enabled:DHCP
"80:TCP:*:Enabled:HTTP" = 80:TCP:*:Enabled:HTTP
"80:UDP:*:Enabled:HTTP" = 80:UDP:*:Enabled:HTTP
"88:TCP:*:Enabled:Kerberos" = 88:TCP:*:Enabled:Kerberos
"88:UDP:*:Enabled:Kerberos" = 88:UDP:*:Enabled:Kerberos
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 1
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging]
"LogDroppedPackets" = 1
"LogSuccessfulConnections" = 0
"LogFilePath" = %SYSTEMROOT%\firewall_domain.log -- ()
"LogFileSize" = 4096
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
"Enabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\List]
"c:\Program Files\Altiris\AClient\ACLIENT.EXE:*:Enabled:Aclient.exe" = c:\Program Files\Altiris\AClient\ACLIENT.EXE:*:Enabled:Aclient.exe
"c:\Program Files\Altiris\AClient\AClntUsr.EXE:*:Enabled:AclntUsr.exe" = c:\Program Files\Altiris\AClient\AClntUsr.EXE:*:Enabled:AclntUsr.exe
"c:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service" = c:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service
"Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service" = Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
"Enabled" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\List]
"135:TCP:*:Enabled:RPC" = 135:TCP:*:Enabled:RPC
"135:UDP:*:Enabled:RPC" = 135:UDP:*:Enabled:RPC
"137:UDP:*:Enabled:WINS" = 137:UDP:*:Enabled:WINS
"138:UDP:*:Enabled:NetBIOS" = 138:UDP:*:Enabled:NetBIOS
"139:TCP:*:Enabled:NetBIOS" = 139:TCP:*:Enabled:NetBIOS
"139:UDP:*:Enabled:NetBIOS" = 139:UDP:*:Enabled:NetBIOS
"1433:TCP:*:Enabled:SMS site server to SQL server" = 1433:TCP:*:Enabled:SMS site server to SQL server
"1680:TCP:*:Enabled:CC" = 1680:TCP:*:Enabled:CC
"1723:TCP:*:Enabled:PPTP" = 1723:TCP:*:Enabled:PPTP
"1900:UDP:*:Enabled:UPnP Framework" = 1900:UDP:*:Enabled:UPnP Framework
"2701:TCP:*:Enabled:SMS Remote Control" = 2701:TCP:*:Enabled:SMS Remote Control
"2701:UDP:*:Enabled:SMS Remote Control" = 2701:UDP:*:Enabled:SMS Remote Control
"2702:TCP:*:Enabled:SMS Remote Control" = 2702:TCP:*:Enabled:SMS Remote Control
"2702:UDP:*:Enabled:SMS Remote Control" = 2702:UDP:*:Enabled:SMS Remote Control
"2703:TCP:*:Enabled:SMS Remote Chat" = 2703:TCP:*:Enabled:SMS Remote Chat
"2703:UDP:*:Enabled:SMS Remote Chat" = 2703:UDP:*:Enabled:SMS Remote Chat
"2704:TCP:*:Enabled:SMS Remote File Transfer" = 2704:TCP:*:Enabled:SMS Remote File Transfer
"2704:UDP:*:Enabled:SMS Remote File Transfer" = 2704:UDP:*:Enabled:SMS Remote File Transfer
"2869:TCP:*:Enabled:UPnP Framework" = 2869:TCP:*:Enabled:UPnP Framework
"3268:TCP:*:Enabled:Global Catalog LDAP" = 3268:TCP:*:Enabled:Global Catalog LDAP
"3269:TCP:*:Enabled:Global Catalog LDAP SSL" = 3269:TCP:*:Enabled:Global Catalog LDAP SSL
"3389:TCP:*:Enabled:Remote Desktop" = 3389:TCP:*:Enabled:Remote Desktop
"389:TCP:*:Enabled:LDAP" = 389:TCP:*:Enabled:LDAP
"389:UDP:*:Enabled:LDAP" = 389:UDP:*:Enabled:LDAP
"445:TCP:*:Enabled:Server Message Block(SMB)" = 445:TCP:*:Enabled:Server Message Block(SMB)
"53:TCP:*:Enabled:DNS" = 53:TCP:*:Enabled:DNS
"53:UDP:*:Enabled:DNS" = 53:UDP:*:Enabled:DNS
"636:TCP:*:Enabled:LDAP SSL" = 636:TCP:*:Enabled:LDAP SSL
"67:UDP:*:Enabled:DHCP" = 67:UDP:*:Enabled:DHCP
"80:TCP:*:Enabled:HTTP" = 80:TCP:*:Enabled:HTTP
"80:UDP:*:Enabled:HTTP" = 80:UDP:*:Enabled:HTTP
"88:TCP:*:Enabled:Kerberos" = 88:TCP:*:Enabled:Kerberos
"88:UDP:*:Enabled:Kerberos" = 88:UDP:*:Enabled:Kerberos
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 1
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Logging]
"LogDroppedPackets" = 1
"LogSuccessfulConnections" = 0
"LogFilePath" = %SYSTEMROOT%\Firewall_Standard.log -- ()
"LogFileSize" = 4096
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework]
"Enabled" = 1
"RemoteAddresses" =
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Altiris\AClient\AClntUsr.EXE" = C:\Program Files\Altiris\AClient\AClntUsr.EXE:*:Enabled:AClntUsr - AClient Interactive User Service
"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio Data Module
"{0780E24D-7FA1-488C-85B7-EDDE11269030}" = Internet Explorer
"{0E19A83E-F53B-40CF-8C91-96F32D955E6A}" = LightScribe System Software 1.10.23.1
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Roxio DLA
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Roxio MyDVD Plus
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java 6 Update 18
"{30A364D7-F907-474A-903F-8453E4882E57}" = Forefront Identity Manager Add-ins and Extensions
"{332454D8-73B0-4b4a-954C-D96089CD898A}" = Altiris Carbon Copy Solution Agent
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}" = Adobe Shockwave Player 11.5
"{3D052387-009E-46C9-AD4D-E682B7C92480}" = FileZilla
"{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1" = Pazera Free MP4 to AVI Converter 1.5
"{48DB5914-8772-472D-B8DF-E2092BE598F6}" = Adobe Flash Player 10 ActiveX
"{4B2BF9C6-BC16-47CC-9BC7-393B94C5A958}" = Virginia IT Infrastructure Partnership Orientation Guides
"{5033400B-0977-45AB-94CE-CC135A8E1BBB}" = ArcGIS Desktop
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59613E43-6489-4F70-9684-D71E702EAA8F}" = IE TLS Enable
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{828DF64F-7A21-4E36-92AF-528E3E7723E9}" = Altiris Agent VITA Partnership - VOF
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8AA32561-D11D-480F-B1E4-2F88A3C0C1F8}" =
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{99A23D83-E612-4F37-872D-7F5C88538C65}" = RealPlayer
"{A0A1EB01-A6FD-423A-8480-364055A7C961}" = Altiris Software Delivery Solution Agent
"{A0FB6327-E3A9-4BC4-9B91-E1DD0733E21D}" = Cisco Systems VPN Client 5.0.03.0530
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4D70AE6-8AE2-48FE-BE3A-CA0A47878453}" = CutePDF
"{A91F84C3-4B02-4F34-BDE9-1727050B3882}_is1" = XTools Pro 8.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio Audio Module
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio Copy Module
"{B4496BE1-295F-4A17-9856-FEA2C9AA1A47}" = McAfee Agent
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C65D81C3-3FC2-4B01-B515-7C6F805886BC}" = AutoDWG DWG to PDF Converter
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}" = McAfee VirusScan Enterprise
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools
"{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}" = Google SketchUp 8
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.5
"{E6622CD7-9B56-4C95-9A15-60D864F22E6A}" = Internet Security Systems' Proventia Desktop
"{E82BD2C7-58B6-4607-8C39-896B4680A289}" = Authorware Player
"{ED0EE09A-8540-4257-8ADE-F127D2FC3E11}" = Alternatiff
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F58C2269-23CC-40A6-891A-08790D49B5EB}" = Windows Media Player Enterprise Deployment
"{FB97C283-1F3C-42D4-AE01-ADC1DC12F774}" = Visual Basic for Applications ® Core
"{FC350782-8982-4BBE-B9BA-B474CCDC935A}" = Altiris Application Metering Agent
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Altiris Carbon Copy Solution Agent " = Altiris Carbon Copy Solution Agent 6.2
"ArcGIS Desktop" = ArcGIS Desktop
"Cisco Connect" = Cisco Connect
"doPDF 7 printer_is1" = doPDF 7.2 printer
"ExtractNow_is1" = ExtractNow
"ie8" = Windows Internet Explorer 8
"LSI Soft Modem" = LSI HDA Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"numpy-py2.5" = Python 2.5 numpy-1.0.3
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROPLUS" = Microsoft Office Professional Plus 2007
"Python 2.5 numpy-1.0.3" = Python 2.5 numpy-1.0.3
"Python 2.5.1" = Python 2.5.1
"ST6UNST #1" = Enhanced Shapefile Creator 2.0
"ST6UNST #2" = Enhanced Shapefile Creator 2.0 (C:\Program Files\Enhanced Shapefile Creator\)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JoinMe" = join.me
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/19/2012 12:31:27 PM | Computer Name = NG00158029 | Source = TrueVector Service | ID = 5003
Description = TrueVector driver: Driver install or load failure: LoadNTDeviceDriver.
Win32 error: The system cannot find the file specified.
Error - 1/19/2012 12:44:10 PM | Computer Name = NG00158029 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 1/19/2012 12:44:11 PM | Computer Name = NG00158029 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 1/19/2012 12:45:17 PM | Computer Name = NG00158029 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 1/19/2012 12:46:09 PM | Computer Name = NG00158029 | Source = UserInit | ID = 1000
Description = Could not execute the following script GP-OU-U-0000 OCS Enable Auto
Run.vbs. The system cannot find the file specified. .
Error - 1/19/2012 12:46:09 PM | Computer Name = NG00158029 | Source = UserInit | ID = 1000
Description = Could not execute the following script S1.cmd. The system cannot find
the file specified. .
Error - 1/19/2012 12:46:09 PM | Computer Name = NG00158029 | Source = UserInit | ID = 1000
Description = Could not execute the following script S1.cmd. The system cannot find
the file specified. .
Error - 1/19/2012 12:46:10 PM | Computer Name = NG00158029 | Source = UserInit | ID = 1000
Description = Could not execute the following script Get-Script.cmd. The system
cannot find the file specified. .
Error - 1/19/2012 12:46:10 PM | Computer Name = NG00158029 | Source = UserInit | ID = 1000
Description = Could not execute the following script Get-Ini.cmd. The system cannot
find the file specified. .
Error - 1/19/2012 12:46:10 PM | Computer Name = NG00158029 | Source = UserInit | ID = 1000
Description = Could not execute the following script GP-OU-U-B005 VOF All Users
Desktop Settings.vbs. The system cannot find the file specified. .
[ OSession Events ]
Error - 11/30/2011 3:40:17 PM | Computer Name = NG00158029 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11841
seconds with 480 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 1/19/2012 12:31:06 PM | Computer Name = NG00158029 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain COV due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 1/19/2012 12:31:20 PM | Computer Name = NG00158029 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 1/19/2012 12:31:21 PM | Computer Name = NG00158029 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 1/19/2012 12:31:45 PM | Computer Name = NG00158029 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 1/19/2012 12:37:30 PM | Computer Name = NG00158029 | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.
Error - 1/19/2012 12:43:58 PM | Computer Name = NG00158029 | Source = Srv | ID = 2000
Description = The server's call to a system service failed unexpectedly.
Error - 1/19/2012 12:43:58 PM | Computer Name = NG00158029 | Source = Srv | ID = 2000
Description = The server's call to a system service failed unexpectedly.
Error - 1/19/2012 12:44:08 PM | Computer Name = NG00158029 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.
Error - 1/19/2012 12:44:08 PM | Computer Name = NG00158029 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.
Error - 1/19/2012 12:44:10 PM | Computer Name = NG00158029 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain COV due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
< End of report >