This is my work computer and somebody tried to install the chrome when I was sick a couple days now
I'm getting hyperlinks everywhere and redirects and blank pop-up boxes ran windows defender but no help. I included both OTL log files. It even didn't let me paste in here had to use ctrl-V. Thanks in advance.
OTL logfile created on: 2/25/2015 1:54:42 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\htaylor\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17116)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.95 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 39.46% Memory free
7.90 Gb Paging File | 5.02 Gb Available in Paging File | 63.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.60 Gb Total Space | 394.41 Gb Free Space | 86.19% Space Free | Partition Type: NTFS
Computer Name: IT5001186 | User Name: htaylor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/02/25 13:53:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\htaylor\Desktop\OTL.exe
PRC - [2015/02/05 10:30:12 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
PRC - [2014/12/03 12:07:00 | 000,840,592 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2014/12/03 10:06:32 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/05 12:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/04/19 15:22:32 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2013/04/04 13:50:58 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 13:50:58 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 13:50:58 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/13 07:44:45 | 000,702,024 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2012/12/13 07:44:31 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012/08/16 20:46:36 | 000,350,552 | ---- | M] (Kaspersky Lab ZAO) -- c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
PRC - [2012/08/16 20:46:36 | 000,350,552 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
PRC - [2012/08/16 20:46:36 | 000,350,552 | ---- | M] (Kaspersky Lab ZAO) -- c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
PRC - [2011/05/06 09:58:04 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/01/28 14:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2011/01/26 11:00:32 | 000,283,160 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/01/26 11:00:00 | 000,013,336 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/01/18 12:42:48 | 000,070,256 | ---- | M] (Portrait Displays, Inc) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
PRC - [2011/01/18 12:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
PRC - [2011/01/12 10:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2011/01/03 16:16:42 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/01/03 16:16:40 | 000,326,168 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/17 11:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/07/29 18:39:24 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
========== Modules (No Company Name) ==========
MOD - [2015/02/05 10:30:11 | 016,852,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
MOD - [2014/10/15 12:33:12 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b3011370dcbf33751d3b9dce8091c6c6\System.Runtime.Remoting.ni.dll
MOD - [2014/10/15 12:32:51 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/15 12:32:45 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/15 12:32:36 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/15 12:32:31 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/15 12:32:28 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/15 12:32:20 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/10 09:49:57 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013/12/05 12:36:56 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/12/13 07:45:20 | 000,063,560 | ---- | M] () -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2011/01/12 10:48:48 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010/11/24 21:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/05/19 09:05:58 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/05/19 09:05:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/05/19 09:05:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/05/13 17:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/02/06 01:39:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/01/27 03:52:00 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/01/26 17:11:48 | 000,131,128 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV:64bit: - [2010/07/29 18:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/03/03 04:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2015/02/05 10:30:12 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/03 10:06:32 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/07/25 07:42:13 | 000,100,352 | ---- | M] (LabTech Software) [Auto | Running] -- C:\Windows\LTSvc\LTSvcMon.exe -- (LTSvcMon)
SRV - [2014/03/20 16:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/12/11 16:21:20 | 000,142,848 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Managed Client\SCComm.exe -- (SCCommService)
SRV - [2013/09/11 05:00:00 | 001,614,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ccmsetup\ccmsetup.exe -- (ccmsetup)
SRV - [2013/06/07 16:34:43 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/04/19 15:22:32 | 000,069,792 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
SRV - [2013/04/04 13:50:58 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 13:50:58 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/13 07:44:31 | 000,544,840 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2012/08/16 20:46:36 | 000,350,552 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe -- (AVP)
SRV - [2011/05/06 09:58:04 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/01/28 14:27:06 | 000,281,656 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2011/01/26 11:00:00 | 000,013,336 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/01/18 12:42:44 | 000,113,264 | ---- | M] (Portrait Displays, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe -- (PdiService)
SRV - [2011/01/15 04:32:30 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2011/01/03 16:16:42 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/01/03 16:16:40 | 000,326,168 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/05/02 12:27:53 | 000,273,200 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2013/04/04 13:51:00 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/01/29 20:42:14 | 000,468,720 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/12/13 07:28:42 | 000,027,048 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2012/12/13 07:26:36 | 000,112,080 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acsock64.sys -- (acsock)
DRV:64bit: - [2012/11/28 09:42:06 | 001,866,080 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/15 05:02:46 | 000,198,144 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/01 15:28:36 | 000,032,048 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011/07/01 06:08:04 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/05/13 17:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 17:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/06 02:22:40 | 009,090,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/02/06 01:01:44 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/01/27 03:52:00 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/18 04:38:42 | 000,026,712 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\johci.sys -- (johci)
DRV:64bit: - [2011/01/13 04:14:04 | 000,040,448 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SzCCID.sys -- (SzCCID)
DRV:64bit: - [2011/01/12 19:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/01/05 15:56:16 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/28 05:25:58 | 000,173,656 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010/12/21 00:31:00 | 000,316,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010/12/10 15:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 15:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/12/02 16:02:58 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/16 19:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/20 15:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010/07/20 15:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010/07/20 15:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010/07/14 08:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/02 16:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010/02/08 07:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009/11/11 14:30:52 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009/09/03 15:24:28 | 000,030,736 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klfltdev.sys -- (KLFLTDEV)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 15:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/16 17:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://binkiland.com...r=506387222&ir=
IE:64bit: - HKLM\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://binkiland.com...r=506387222&ir=
IE - HKCU\..\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Binkiland"
FF - prefs.js..browser.search.selectedEngine: "Binkiland"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://mygov.us/login"
FF - prefs.js..extensions.enabledAddons: %7B2075f906-a183-0238-b627-7a8a9d8b863b%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/12/15 07:22:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/25 07:55:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0.0.0\Extensions\\Components: c:\Program Files (x86)\Mozilla Firefox\Components [2014/07/25 07:55:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0.0.0\Extensions\\Plugins: c:\Program Files (x86)\Mozilla Firefox\Plugins
[2014/07/25 08:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\htaylor\AppData\Roaming\mozilla\Extensions
[2015/02/25 07:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\htaylor\AppData\Roaming\mozilla\Firefox\Profiles\6x4j2v0b.default\extensions
[2015/02/24 08:49:57 | 000,000,000 | ---D | M] ("Zoom It") -- C:\Users\htaylor\AppData\Roaming\mozilla\Firefox\Profiles\6x4j2v0b.default\extensions\{2075f906-a183-0238-b627-7a8a9d8b863b}
[2015/02/11 15:38:45 | 000,002,797 | ---- | M] () -- C:\Users\htaylor\AppData\Roaming\mozilla\firefox\profiles\6x4j2v0b.default\searchplugins\Binkiland.xml
[2014/07/25 07:54:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/25 07:54:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/25 07:54:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\chrome\en-US\locale\en-US\mozapps\extensions
[2014/07/25 07:54:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\chrome\toolkit\content\mozapps\extensions
[2014/07/25 07:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\chrome\toolkit\skin\classic\aero\mozapps\extensions
[2014/07/25 07:55:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\chrome\toolkit\skin\classic\mozapps\extensions
O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\RunOnce: [Adobe Speed Launcher] 1424874415 File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun_KL_notset = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Anti-Banner - c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Add to Anti-Banner - c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\ie_banner_deny.htm ()
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9:64bit: - Extra Button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\x64\scieplgn.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll (Kaspersky Lab ZAO)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe File not found
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: kyoceraintelligence.com ([labtech] * in Trusted sites)
O15 - HKCU\..Trusted Domains: finehomebuilding.com ([www] http in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...pdetect1259.cab (GMNRev Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1007 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = CITYELM.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{968ADD20-7BEE-47C9-BA95-FD4CD4A305E2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DAD62D0D-5225-4E88-824E-99BB6082BEC7}: DhcpNameServer = 10.1.1.8 10.1.1.5 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2F74B8B-284A-4D44-A8D3-DF4CCBBE8B67}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\tmpx - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\tmpx - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\PROGRA~2\KASPER~1\KASPER~1.0FO\x64\adialhk.dll) - c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\x64\adialhk.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (c:\PROGRA~2\KASPER~1\KASPER~1.0FO\adialhk.dll) - c:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\adialhk.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015/02/25 13:53:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\htaylor\Desktop\OTL.exe
[2015/02/18 07:23:27 | 000,000,000 | ---D | C] -- C:\Users\htaylor\AppData\Roaming\Roxio Log Files
[2015/02/18 07:18:57 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2015/02/16 10:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2015/02/12 07:24:52 | 000,000,000 | ---D | C] -- C:\Users\htaylor\AppData\Local\Programs
[2015/02/11 15:44:54 | 000,000,000 | ---D | C] -- C:\Users\htaylor\AppData\Local\Google
[2015/02/11 15:44:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015/02/11 15:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
[2015/02/11 15:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Unchecky
========== Files - Modified Within 30 Days ==========
[2015/02/25 13:53:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\htaylor\Desktop\OTL.exe
[2015/02/25 13:26:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-299502267-725345543-500UA.job
[2015/02/25 13:25:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/25 13:15:07 | 000,047,815 | ---- | M] () -- C:\Users\htaylor\Documents\Fire Wall Hangers.pdf
[2015/02/25 12:20:59 | 001,932,498 | ---- | M] () -- C:\Users\htaylor\Documents\BCMC Truss Facts Final 100213.pdf
[2015/02/25 12:15:40 | 000,022,754 | ---- | M] () -- C:\Users\htaylor\Documents\MiTek Gable truss connection.pdf
[2015/02/25 10:26:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-299502267-725345543-500Core.job
[2015/02/25 08:37:01 | 000,000,137 | RHS- | M] () -- C:\ProgramData\3002.xml
[2015/02/25 08:33:15 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/25 08:33:15 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/25 08:25:56 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2015/02/25 08:25:54 | 000,069,792 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2015/02/25 08:25:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/25 08:25:36 | 3182,182,400 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/25 07:12:06 | 000,000,162 | ---- | M] () -- C:\Users\Public\Desktop\LMS Login.url
[2015/02/25 07:12:06 | 000,000,064 | ---- | M] () -- C:\Users\Public\Desktop\Little Elm EMAIL.url
[2015/02/19 07:01:54 | 000,019,942 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/02/18 07:29:56 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2015/02/18 07:29:39 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2015/02/18 07:06:00 | 000,004,564 | RHS- | M] () -- C:\Users\htaylor\ntuser.pol
[2015/02/17 07:11:13 | 013,018,355 | ---- | M] () -- C:\Users\htaylor\Documents\06_BCSI_booklet_FINAL.pdf
[2015/02/10 14:38:18 | 001,302,743 | ---- | M] () -- C:\Users\htaylor\Documents\ROUND AMERIVENT Installation-Instructions.pdf
[2015/02/10 10:25:19 | 000,118,902 | ---- | M] () -- C:\Users\htaylor\Documents\firedoor-requirements.pdf
========== Files Created - No Company Name ==========
[2015/02/25 13:16:32 | 000,047,815 | ---- | C] () -- C:\Users\htaylor\Documents\Fire Wall Hangers.pdf
[2015/02/25 12:21:59 | 001,932,498 | ---- | C] () -- C:\Users\htaylor\Documents\BCMC Truss Facts Final 100213.pdf
[2015/02/25 12:17:10 | 000,022,754 | ---- | C] () -- C:\Users\htaylor\Documents\MiTek Gable truss connection.pdf
[2015/02/18 07:31:01 | 000,001,765 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Monitoring Tray.lnk
[2015/02/18 07:28:58 | 000,000,836 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2015/02/17 07:11:01 | 013,018,355 | ---- | C] () -- C:\Users\htaylor\Documents\06_BCSI_booklet_FINAL.pdf
[2015/02/10 14:38:15 | 001,302,743 | ---- | C] () -- C:\Users\htaylor\Documents\ROUND AMERIVENT Installation-Instructions.pdf
[2015/02/10 10:25:18 | 000,118,902 | ---- | C] () -- C:\Users\htaylor\Documents\firedoor-requirements.pdf
[2014/07/25 08:28:24 | 000,004,564 | RHS- | C] () -- C:\Users\htaylor\ntuser.pol
[2013/07/26 03:11:56 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\RemComSvc.exe
[2013/07/21 21:53:37 | 000,002,528 | ---- | C] () -- C:\Windows\FCIC.INI
[2013/07/02 19:28:35 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013/06/18 06:36:26 | 000,440,608 | ---- | C] () -- C:\Windows\SysWow64\hpcc3155.dll
[2013/05/22 13:13:16 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/04/24 08:40:23 | 000,009,797 | ---- | C] () -- C:\Windows\cfgall.ini
[2012/10/02 13:07:45 | 000,000,137 | RHS- | C] () -- C:\ProgramData\3002.xml
[2012/10/02 13:07:44 | 000,026,784 | RHS- | C] () -- C:\ProgramData\3002.abs
[2012/10/02 12:41:48 | 000,019,942 | RHS- | C] () -- C:\ProgramData\ntuser.pol
========== ZeroAccess Check ==========
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 20:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 20:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014/07/25 08:30:30 | 000,000,000 | ---D | M] -- C:\Users\htaylor\AppData\Roaming\Synaptics
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 2/25/2015 1:54:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\htaylor\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17116)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.95 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 39.46% Memory free
7.90 Gb Paging File | 5.02 Gb Available in Paging File | 63.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.60 Gb Total Space | 394.41 Gb Free Space | 86.19% Space Free | Partition Type: NTFS
Computer Name: IT5001186 | User Name: htaylor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = IE.AssocFile.HTM] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = IE.AssocFile.HTM] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|[email protected],-28548|[email protected],-28549|[email protected],-28502|
"FPS-ICMP6-ERQ-In" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA4=LocalSubnet|RA6=LocalSubnet|[email protected],-28545|[email protected],-28547|[email protected],-28502|
"FPS-ICMP4-ERQ-In" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|RA6=LocalSubnet|[email protected],-28543|[email protected],-28547|[email protected],-28502|
"FPS-RPCSS-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|
"FPS-SpoolSvc-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|
"FPS-NB_Datagram-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|
"FPS-NB_Name-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|
"FPS-SMB-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|
"FPS-NB_Session-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|[email protected],-28545|[email protected],-28547|[email protected],-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|[email protected],-28543|[email protected],-28547|[email protected],-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|
"WMI-ASYNC-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\wbem\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|
"WMI-WINMGMT-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|
"WMI-RPCSS-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|[email protected],-28548|[email protected],-28549|[email protected],-28502|
"FPS-ICMP6-ERQ-In" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Private|Profile=Public|ICMP6=128:*|RA4=LocalSubnet|RA6=LocalSubnet|[email protected],-28545|[email protected],-28547|[email protected],-28502|
"FPS-ICMP4-ERQ-In" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Private|Profile=Public|ICMP4=8:*|RA4=LocalSubnet|RA6=LocalSubnet|[email protected],-28543|[email protected],-28547|[email protected],-28502|
"FPS-RPCSS-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC-EPMap|RA4=LocalSubnet|RA6=LocalSubnet|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|
"FPS-SpoolSvc-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=RPC|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|
"FPS-NB_Datagram-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=138|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|
"FPS-NB_Name-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|
"FPS-SMB-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|
"FPS-NB_Session-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|[email protected],-28545|[email protected],-28547|[email protected],-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|[email protected],-28543|[email protected],-28547|[email protected],-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|[email protected],-28539|[email protected],-28542|[email protected],-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|[email protected],-28535|[email protected],-28538|[email protected],-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|[email protected],-28527|[email protected],-28530|[email protected],-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|[email protected],-28519|[email protected],-28522|[email protected],-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|[email protected],-28511|[email protected],-28514|[email protected],-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|[email protected],-28503|[email protected],-28506|[email protected],-28502|
"WMI-ASYNC-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%systemroot%\system32\wbem\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|
"WMI-WINMGMT-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|
"WMI-RPCSS-In-TCP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=135|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|[email protected],-34256|[email protected],-34257|[email protected],-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|[email protected],-34254|[email protected],-34255|[email protected],-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|[email protected],-34252|[email protected],-34253|[email protected],-34251|
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{178EDB60-168F-4AE4-920C-707BE106FA89}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A83F1FE-0EA4-41CD-B2E2-186DB9E419F3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2509A578-FC52-44CA-94C2-21B56F66C837}" = lport=162 | protocol=17 | dir=in | name=allow netfastalk |
"{55F354F6-64F1-43DB-AA4B-486FEFFF518C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56C598F9-F452-4A2F-9850-383668856B1D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6079EAD9-5859-4D05-AD1A-CE87FF51AA62}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B5687A88-AE00-4706-94E1-DD0295565F20}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B856AAF8-06D8-4DC1-B4C8-01FF23254196}" = lport=4995 | protocol=6 | dir=in | name=allow local vnc |
"{BA0C2018-26F1-40A3-8376-EF504C275220}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BEFCB05A-7790-4597-B315-017AF4461A0C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDC6226F-71F3-4E50-A6EF-8B3E63D9527B}" = lport=3389 | protocol=6 | dir=in | app=system |
"{ECEC93E4-4EA7-46CC-86BF-19B515A9F9FA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EE1B5F3D-9247-4E5C-BEA3-2C1C2612B6A3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F253D182-4AEB-4375-8324-235DB7923455}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{FDADA77B-5DE6-475E-A19F-B8D14FC9F8A6}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{6A2B963E-903F-47A3-8794-13483160FA2F}" = protocol=17 | dir=in | name=allow tunnel |
"{6D085891-5C87-4C75-B349-CC0478E8847D}" = dir=in | app=c:\program files\hp\hp photosmart 7510 series\bin\hpnetworkcommunicatorcom.exe |
"{743C347A-3070-4B3D-821D-782B9F863627}" = protocol=17 | dir=out | name=allow tunnel |
"{82F229CE-E220-4018-B9C9-A90102F61218}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8B99C37F-5931-476C-B79E-07DD17965C04}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9BD1EA12-A144-430A-BEF9-D258F9A22833}" = protocol=6 | dir=in | name=allow local redir |
"{B302E006-A0BC-499C-9B9A-B8BDD2E81B85}" = dir=in | app=c:\windows\ltsvc\ltsvcmon.exe |
"{BB4BCFBD-0D59-4AE0-81FC-92D38BC2ACD1}" = dir=in | app=c:\program files\hp\hp photosmart 7510 series\bin\hpnetworkcommunicator.exe |
"{BE000D2D-4713-49BC-87AA-0C804A6FA148}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{D7226666-0E2F-4149-8891-F9D8E44168C2}" = protocol=6 | dir=in | name=allow local redir |
"{E1CE2CFF-CD28-4699-97AB-5BE98E983050}" = dir=in | app=c:\program files\hp\hp photosmart 7510 series\bin\devicesetup.exe |
"{F1F09F7F-1B2B-4D31-ABB0-37F58357A5E9}" = protocol=17 | dir=out | name=allow tunnel stunrelay |
"{F4DDFDED-7BE9-4940-8D13-D88E02AD50A0}" = dir=out | app=c:\windows\ltsvc\ltsvcmon.exe |
"{F51CA749-D060-4F02-A7DE-4C3D6DCEAB83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{FC9818E9-33D7-4902-A926-4871E5330AB6}" = dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe |
"{FE9DB48F-8CA4-45F5-AA28-BAC5FE5192D8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"TCP Query User{835C5829-3DD4-4DDA-B18E-869BCC4841E9}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
"UDP Query User{B54FB789-46A7-4501-9BB8-71CA1F11B06E}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{103729AF-35B8-7567-2739-905128A38CFE}" = ccc-utility64
"{24C7AD6B-F418-4D3B-B7F2-F3603FD720BF}" = HP Photosmart 7510 series Basic Device Software
"{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}" = 64 Bit HP CIO Components Installer
"{3D8EDF72-13CC-4E51-AAB6-32A20524D2E0}" = HP Power Assistant
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{565343AF-BB01-4638-A87A-06D04494796A}" = Desktop Restore
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7D1C63D1-6520-49DA-B738-958133526E80}" = HP HotKey Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83DA38AB-1014-41C2-A3CD-E2B93832A71A}" = HP 3D DriveGuard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.VISIO_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.VISIO_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.VISIO_{1779650B-2E44-4A19-8DF6-3866D645764A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.PROPLUS_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-1000-0000000FF1CE}_Office14.VISIO_{270CA0B9-9881-44DB-BC3B-37C7E66A044A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.VISIO_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.PROPLUS_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0409-1000-0000000FF1CE}_Office14.VISIO_{FCD1C311-8B02-4DBD-BA46-1079C629577E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0409-1000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2010
"{90140000-0054-0409-1000-0000000FF1CE}_Office14.VISIO_{7DC2B20B-31B9-4C7C-B8DC-8492A9A3095E}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-0057-0000-1000-0000000FF1CE}" = Microsoft Office Visio 2010
"{90140000-0057-0000-1000-0000000FF1CE}_Office14.VISIO_{9081486B-B26D-42DB-8D31-81C525A9526A}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-1000-0000000FF1CE}_Office14.VISIO_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.PROPLUS_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-1000-0000000FF1CE}_Office14.VISIO_{516CA4A9-98E6-4F77-A863-CBD8487368E4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}_Office14.PROPLUS_{EC583796-6BBB-47DD-B9CE-B5DA12D71135}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{A3E89C5B-BB3A-433A-A878-D1310BB13EAD}" = HP Deskjet 1000 J110 series Basic Device Software
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D5526B83-25C4-88A8-A984-98F871DA1415}" = ATI Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIO" = Microsoft Visio Premium 2010
"PROSet" = Intel® Network Connections Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08E8F1F2-6E5B-C5A4-A5FD-B76CCF833F21}" = CCC Help Finnish
"{09045BEA-1D64-4496-B0D5-B0021C6D95CA}" = Malwarebytes' Managed Client
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E8DE6AB-5193-A885-A550-7B26858FFF74}" = Catalyst Control Center Localization All
"{11C8CD1B-B0F8-D6F5-3E5D-6103FA7A2740}" = CCC Help English
"{1267DA48-A6EA-3202-6C02-0AD5D3AAF360}" = Catalyst Control Center InstallProxy
"{13C96625-28E4-4c58-ADE0-CDAFC64752EB}" = JMicron 1394 Filter Driver
"{14FDECFD-FBA1-5D0A-16FE-51621197077E}" = CCC Help Norwegian
"{1E8D5440-0CC6-6E2D-7A1A-1B02699C76DE}" = CCC Help Danish
"{2041A685-F8DC-A7C7-2AF4-CE646D1E2161}" = CCC Help Thai
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{26A24AE4-039D-4CA4-87B4-2F83217045F0}" = Java 7 Update 45
"{2F36E5A1-A627-3736-D4BC-7962DD22EE0B}" = CCC Help Polish
"{39705143-74BD-1E99-5952-22764AD6DED9}" = ccc-core-static
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3C213840-A3A6-FD8C-91E5-AC7566FCB71B}" = CCC Help Czech
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{44C72B93-46FA-6D17-4020-E796E8D9C808}" = CCC Help German
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5681FF4A-5469-D41F-F990-D1AC1037AB02}" = CCC Help Korean
"{5A6CB42D-AFB6-989E-E7EB-B3FF928C707F}" = Catalyst Control Center Profiles Mobile
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63240320-9946-4A11-5135-DB66D8113842}" = CCC Help Japanese
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{68DDF0E0-42D9-B5C3-AD7A-3E1DCCE8D2E3}" = CCC Help Turkish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{879F7C80-BCA3-4A11-BDB1-658252ECD7E0}" = HP Product Detection
"{8F023021-A7EB-45D3-9269-D65264C81729}" = Kaspersky Anti-Virus 6.0 for Windows Workstations
"{92F8E311-1A2C-41BA-A3E0-82E829AFF10B}" = Mozilla Firefox (en-US)
"{93139A49-0360-4718-8B93-C1F9EB12E3D8}" = Roxio Secure Burn
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA9FEE7-9F99-4E69-947A-49F7DA0DDA3A}" = Cisco AnyConnect Secure Mobility Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CB4FBA9-45C0-41AA-97CC-283B42E1A21E}" = Roxio MyDVD Business 2010
"{9F7E4DF2-1795-99AD-CDD7-29F440B61088}" = CCC Help Hungarian
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A79846AB-AE6A-C993-71DF-99FF8E559613}" = CCC Help Chinese Traditional
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{AFF6CCCD-2C82-CF3F-58AD-1766D370622F}" = CCC Help French
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Secure Burn
"{BACE8BFA-8F39-421D-BEF1-6E78632BDC90}" = Roxio MyDVD Business 2010
"{C0116FFA-6568-B16B-09EF-01E97CEF89E9}" = CCC Help Chinese Standard
"{C501064B-0925-A417-D08B-A96C07D11E01}" = CCC Help Italian
"{CDF2096F-1FBD-C097-15BC-8BC64AF0B6F7}" = CCC Help Spanish
"{CE7AE690-57AF-286B-B022-A808D30F08F2}" = CCC Help Greek
"{CFC1988A-F492-4BC5-B6F7-683A95718AE9}" = HP ESU for Microsoft Windows 7
"{D9965E8E-496F-F5E4-D8FF-78FB7EBE6ABA}" = CCC Help Swedish
"{DA8B96DE-3FE5-2079-D33B-7152C13AFC73}" = CCC Help Portuguese
"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Help
"{E1625943-425A-6675-6A52-6AE98AC3080F}" = CCC Help Dutch
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E755FF48-9936-FE6B-3910-490DFB39F56D}" = Catalyst Control Center Graphics Previews Common
"{F24F876B-7D71-4BD6-88E9-614D3BB84216}" = Alcor Micro Smart Card Reader Driver
"{F70487C4-B639-5576-6DE1-2D2D790AC51A}" = CCC Help Russian
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PDF Complete" = PDF Complete Special Edition
"SZCCID" = Alcor Micro Smart Card Reader Driver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12/1/2014 4:54:03 PM | Computer Name = it5001186.CITYELM.com | Source = VSS | ID = 8193
Description =
Error - 12/4/2014 9:05:55 AM | Computer Name = it5001186.CITYELM.com | Source = SceCli | ID = 1001
Description = Security policy cannot be propagated. Cannot access the template. Error
code = 3. \\CITYELM.COM\SysVol\CITYELM.COM\Policies\{43F1557D-DE29-4F25-92E6-625693A033A5}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
Error - 12/4/2014 9:05:55 AM | Computer Name = it5001186.CITYELM.com | Source = SceCli | ID = 1001
Description = Security policy cannot be propagated. Cannot access the template. Error
code = 3. \\CITYELM.COM\sysvol\CITYELM.COM\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\Machine\Microsoft\Windows
NT\SecEdit\GptTmpl.inf.
Error - 12/4/2014 10:31:16 AM | Computer Name = it5001186.CITYELM.com | Source = MBAMService | ID = 131073
Description =
Error - 12/4/2014 12:57:27 PM | Computer Name = it5001186.CITYELM.com | Source = VSS | ID = 8193
Description =
Error - 12/8/2014 9:23:32 AM | Computer Name = it5001186.CITYELM.com | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: stobject.dll, version: 6.1.7601.17514,
time stamp: 0x4ce7c9c9 Exception code: 0xc0000005 Fault offset: 0x0000000000002c68
Faulting
process id: 0x428 Faulting application start time: 0x01d012ea219edebe Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\stobject.dll
Report
Id: 6722a62a-7edd-11e4-bc80-402cf428014a
Error - 12/8/2014 9:27:38 AM | Computer Name = it5001186.CITYELM.com | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000026000000902 Faulting process
id: 0x11d4 Faulting application start time: 0x01d012eab044136f Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: unknown Report Id: fa10e83a-7edd-11e4-b91c-402cf428014a
Error - 12/9/2014 9:21:08 AM | Computer Name = it5001186.CITYELM.com | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
time stamp: 0x4d672ee4 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000000000 Faulting process
id: 0x1084 Faulting application start time: 0x01d013b2ee18fad7 Faulting application
path: C:\Windows\Explorer.EXE Faulting module path: unknown Report Id: 3c3267e3-7fa6-11e4-a82a-402cf428014a
Error - 12/11/2014 9:12:03 AM | Computer Name = it5001186.CITYELM.com | Source = Application Error | ID = 1000
Description = Faulting application name: OUTLOOK.EXE, version: 14.0.7109.5000, time
stamp: 0x522a32e6 Faulting module name: OUTLOOK.EXE, version: 14.0.7109.5000, time
stamp: 0x522a32e6 Exception code: 0xc0000005 Fault offset: 0x00000000000952d2 Faulting
process id: 0x1790 Faulting application start time: 0x01d015440a31bb33 Faulting application
path: C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE Faulting module path:
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE Report Id: 4bda4544-8137-11e4-ad2a-402cf428014a
Error - 12/11/2014 9:15:28 AM | Computer Name = it5001186.CITYELM.com | Source = Microsoft Office 14 | ID = 2001
Description = Microsoft Outlook: Rejected Safe Mode action : Outlook failed to start
correctly last time. Starting Outlook in safe mode will help you correct or isolate
a startup problem in order to successfully start the program. Some functionality
may be disabled in this mode. Do you want to start Outlook in safe mode?.
[ Broadcom Wireless LAN Events ]
Error - 10/1/2012 2:12:10 PM | Computer Name = it5001183 | Source = WLAN-Tray | ID = 0
Description = 13:12:10, Mon, Oct 01, 12 Error - Unable to gain access to user store
Error - 5/2/2013 2:36:47 PM | Computer Name = it5001088.CITYELM.com | Source = WLAN-Tray | ID = 0
Description = 13:36:47, Thu, May 02, 13 Error - Unable to gain access to user store
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 2/25/2015 10:27:00 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1336 NULL object. Cannot establish a connection at this time.
Error - 2/25/2015 10:27:08 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::analyzeHttpResponse File: .\NetEnvironment.cpp
Line:
1509 Invoked Function: CCertHelper::VerifyServerCertificate Return Code: -31391706
(0xFE210026) Description: CERTIFICATE_ERROR_VERIFY_POLICY_FAILED:Certificate failed
a policy check server name: 65.36.59.34
Error - 2/25/2015 10:27:28 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 2/25/2015 10:27:28 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 2/25/2015 10:27:59 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::analyzeHttpResponse File: .\NetEnvironment.cpp
Line:
1509 Invoked Function: CCertHelper::VerifyServerCertificate Return Code: -31391706
(0xFE210026) Description: CERTIFICATE_ERROR_VERIFY_POLICY_FAILED:Certificate failed
a policy check server name: 65.36.59.34
Error - 2/25/2015 10:28:19 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp
Line:
1323 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899
(0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could
not contact target
Error - 2/25/2015 10:28:19 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108866
Description = Function: CNetEnvironment::testNetwork File: .\NetEnvironment.cpp Line:
772 Invoked Function: CNetEnvironment::IsSGAccessible Return Code: -28966899 (0xFE46000D)
Description:
NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target
Error - 2/25/2015 10:30:52 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 2/25/2015 10:30:52 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL
Error - 2/25/2015 10:30:52 AM | Computer Name = it5001186.CITYELM.com | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL
[ HP Connection Manager Events ]
Error - 5/2/2013 10:48:38 AM | Computer Name = it5001088.CITYELM.com | Source = hpMobile | ID = 5
Description = 2013/05/02 09:48:38.549|00001118|Error |[HP.Mobile]Wlan::a{void()}|The
data is invalid. (Exception from HRESULT: 0x8007000D)
Error - 5/2/2013 12:05:38 PM | Computer Name = it5001088.CITYELM.com | Source = hpMobile | ID = 5
Description = 2013/05/02 11:05:38.426|00001324|Error |[HP.Mobile]Wlan::a{void()}|The
data is invalid. (Exception from HRESULT: 0x8007000D)
Error - 5/2/2013 12:06:44 PM | Computer Name = it5001088.CITYELM.com | Source = hpMobile | ID = 5
Description = 2013/05/02 11:06:44.307|00001324|Error |[HP.Mobile]Wlan::a{void()}|The
data is invalid. (Exception from HRESULT: 0x8007000D)
Error - 5/2/2013 12:07:40 PM | Computer Name = it5001088.CITYELM.com | Source = hpMobile | ID = 5
Description = 2013/05/02 11:07:40.505|00001324|Error |[HP.Mobile]Wlan::a{void()}|The
data is invalid. (Exception from HRESULT: 0x8007000D)
Error - 5/2/2013 3:09:37 PM | Computer Name = it5001088.CITYELM.com | Source = hpCMSrv | ID = 5
Description = 2013/05/02 14:09:37.957|000010F0|Error |CBluetooth::StateChanged|Fire_StateChanged
failed [hr:0x800706BA]
Error - 5/3/2013 10:04:03 AM | Computer Name = it5001088.CITYELM.com | Source = hpCMSrv | ID = 5
Description = 2013/05/03 09:04:03.942|00001368|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 5/3/2013 10:04:06 AM | Computer Name = it5001088.CITYELM.com | Source = hpCMSrv | ID = 5
Description = 2013/05/03 09:04:06.906|00001368|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged
failed [hr:0x800706BA]
Error - 5/13/2013 4:45:52 PM | Computer Name = it5001088.CITYELM.com | Source = hpCMSrv | ID = 5
Description = 2013/05/13 15:45:52.638|000016F0|Error |CWWANInterface::Start|GetWmiState
failed with 0x80004005
Error - 5/13/2013 4:45:52 PM | Computer Name = it5001088.CITYELM.com | Source = hpCMSrv | ID = 5
Description = 2013/05/13 15:45:52.716|000016F0|Error |ChpCMSrvModule::Run|Failed
PreMessageLoop hr:0x80004005
Error - 5/13/2013 4:46:22 PM | Computer Name = it5001088.CITYELM.com | Source = hpMobile | ID = 5
Description = 2013/05/13 15:46:22.565|000017E8|Error |[HP.Mobile]Wwan::.ctor{}|Retrieving
the COM class factory for component with CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D}
failed due to the following error: 80080005.
[ HP Power Assistant Events ]
Error - 11/17/2014 5:30:40 PM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1009
Description = A required file is either invalid or cannot be loaded. Power Assistant
cannot function properly. Please restart HP Power Assistant application. Additional
details may be available in the Details section. DETAILS Could not find file 'C:\Users\htaylor\AppData\Local\Temp\ypjisupq.dll'.DAT
File Error
Error - 11/17/2014 5:30:40 PM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1009
Description = A required file is either invalid or cannot be loaded. Power Assistant
cannot function properly. Please restart HP Power Assistant application. Additional
details may be available in the Details section. DETAILS Could not find file 'C:\Users\htaylor\AppData\Local\Temp\rfupi1vg.dll'.Error
Loading dat file
Error - 11/17/2014 5:30:40 PM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS The operation completed successfully
Error - 11/18/2014 5:39:29 PM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS The type initializer for 'hp.PSG.UI.Controls.StyleWindow' threw
an exception.
Error - 12/8/2014 9:29:30 AM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS The operation completed successfully
Error - 1/30/2015 9:03:20 AM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Exception has been thrown by the target of an invocation.
Error - 2/3/2015 9:07:35 AM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1009
Description = A required file is either invalid or cannot be loaded. Power Assistant
cannot function properly. Please restart HP Power Assistant application. Additional
details may be available in the Details section. DETAILS Could not find file 'C:\Users\htaylor\AppData\Local\Temp\z4h27j7o.dll'.DAT
File Error
Error - 2/3/2015 9:07:36 AM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1009
Description = A required file is either invalid or cannot be loaded. Power Assistant
cannot function properly. Please restart HP Power Assistant application. Additional
details may be available in the Details section. DETAILS Could not find file 'C:\Users\htaylor\AppData\Local\Temp\4k4fsgan.dll'.Error
Loading dat file
Error - 2/3/2015 9:07:36 AM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS The operation completed successfully
Error - 2/19/2015 8:55:48 AM | Computer Name = it5001186.CITYELM.com | Source = HP PA Application | ID = 1001
Description = An error occurred in HP Power Assistant application. Please restart
HP Power Assistant application. Additional details may be available in the Details
section. DETAILS Exception has been thrown by the target of an invocation.
[ HP Software Framework Events ]
Error - 2/12/2015 9:10:40 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/12 07:10:40.848|00001024|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.
Error - 2/12/2015 9:29:09 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/12 07:29:09.647|00000BD0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.
Error - 2/12/2015 9:29:09 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/12 07:29:09.678|00000BD0|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.
Error - 2/16/2015 5:13:45 PM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/16 15:13:45.468|0000112C|Error |Program::RegisterEvents{hpCasl.enReturnCode()}|Exception
occurred: Failed to create system events window thread.
Error - 2/17/2015 10:34:14 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/17 08:34:14.573|00001160|Error |Program::RegisterEvents{hpCasl.enReturnCode()}|Exception
occurred: Failed to create system events window thread.
Error - 2/19/2015 8:53:50 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/19 06:53:50.805|000013E0|Error |[CaslWmi]B::B{void()}|Exception:
The operation completed successfully
Error - 2/19/2015 8:58:30 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/19 06:58:30.198|000013F4|Error |[CaslWmi]B::B{void()}|Exception:
The operation completed successfully
Error - 2/24/2015 9:37:05 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/24 07:37:05.164|00000910|Error |Program::RegisterEvents{hpCasl.enReturnCode()}|Exception
occurred: Failed to create system events window thread.
Error - 2/24/2015 9:39:35 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/24 07:39:35.657|00001158|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the PMC.Data event. Exception: Object reference not set to an instance
of an object.
Error - 2/24/2015 9:39:35 AM | Computer Name = it5001186.CITYELM.com | Source = Casl | ID = 5
Description = 2015/02/24 07:39:35.673|00001158|Error |[CaslWmi]A::Unregister{hpCasl.enReturnCode(string)}|Error
unregistering the Wireless.GlobalChanged event. Exception: Object reference not
set to an instance of an object.
[ RMM System Events ]
Error - 6/17/2014 2:44:32 PM | Computer Name = it5001186.CITYELM.com | Source = Agent | ID = 5001
Description = Test Tunnels Error: Unable to cast COM object of type 'WODVPNCOMLib.wodVPNComClass'
to interface type 'WODVPNCOMLib.IwodVPNCom'. This operation failed because the
QueryInterface call on the COM component for the interface with IID '{B8218469-6598-4D1A-83A4-7759F3740236}'
failed due to the following error: No such interface supported (Exception from
HRESULT: 0x80004002 (E_NOINTERFACE)). v60.262
[ System Events ]
Error - 2/20/2015 10:46:31 AM | Computer Name = it5001186.CITYELM.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.
Error - 2/20/2015 10:48:24 AM | Computer Name = it5001186.CITYELM.com | Source = TermService | ID = 1067
Description =
Error - 2/20/2015 12:42:48 PM | Computer Name = it5001186.CITYELM.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.
Error - 2/25/2015 9:11:07 AM | Computer Name = it5001186.CITYELM.com | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:51:18 AM on ?2/?24/?2015 was unexpected.
Error - 2/25/2015 10:25:49 AM | Computer Name = it5001186.CITYELM.com | Source = NETLOGON | ID = 5719
Description = This computer was not able to set up a secure session with a domain
controller
in domain CITYELM due to the following: %%1311 This may lead to authentication problems.
Make sure that this computer is connected to the network. If the problem persists,
please
contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller
for the specified domain, it sets up the secure session to the primary domain controller
emulator in the specified domain. Otherwise, this computer sets up the secure session
to any domain controller in the specified domain.
Error - 2/25/2015 10:25:51 AM | Computer Name = it5001186.CITYELM.com | Source = Microsoft-Windows-GroupPolicy | ID = 1055
Description = The processing of Group Policy failed. Windows could not resolve the
computer name. This could be caused by one of more of the following: a) Name Resolution
failure on the current domain controller. b) Active Directory Replication Latency
(an account created on another domain controller has not replicated to the current
domain controller).
Error - 2/25/2015 10:26:46 AM | Computer Name = it5001186.CITYELM.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.
Error - 2/25/2015 10:28:47 AM | Computer Name = it5001186.CITYELM.com | Source = TermService | ID = 1067
Description =
Error - 2/25/2015 12:07:52 PM | Computer Name = it5001186.CITYELM.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.
Error - 2/25/2015 2:58:34 PM | Computer Name = it5001186.CITYELM.com | Source = NETLOGON | ID = 5719
Description = This computer was not able to set up a secure session with a domain
controller
in domain CITYELM due to the following: %%1311 This may lead to authentication problems.
Make sure that this computer is connected to the network. If the problem persists,
please
contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller
for the specified domain, it sets up the secure session to the primary domain controller
emulator in the specified domain. Otherwise, this computer sets up the secure session
to any domain controller in the specified domain.
< End of report >