OTL Extras logfile created on: 8/2/2011 10:11:46 PM - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.43 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 76.65% Memory free 4.76 Gb Paging File | 4.15 Gb Available in Paging File | 87.17% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 232.88 Gb Total Space | 142.91 Gb Free Space | 61.36% Space Free | Partition Type: NTFS Computer Name: VAR10-0304L | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] "PolicyVersion" = 522 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] "EnableFirewall" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications] "Enabled" = 1 "AllowUserPrefMerge" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List] "C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:enabled:McAfee" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:enabled:McAfee -- (McAfee, Inc.) [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts] "AllowUserPrefMerge" = 1 "Enabled" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List] "137:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:UPD137_Dameware" = 137:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:UPD137_Dameware "138:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware_UDP138" = 138:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware_UDP138 "139:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware_TCP139" = 139:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware_TCP139 "26675:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:ActiveSync Service" = 26675:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:ActiveSync Service "445:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware_TCP445" = 445:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware_TCP445 "6129:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:DameWare" = 6129:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:DameWare [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging] "LogDroppedPackets" = 0 "LogSuccessfulConnections" = 0 "LogFileSize" = 4096 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings] "Enabled" = 1 "RemoteAddresses" = 172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16,172.30.0.0/16 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint] "Enabled" = 1 "RemoteAddresses" = 172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16,172.30.0.0/16 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop] "Enabled" = 1 "RemoteAddresses" = 172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16,172.30.0.0/16 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications] "AllowUserPrefMerge" = 1 "Enabled" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts] "AllowUserPrefMerge" = 1 "Enabled" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\List] "26675:TCP:*:enabled:ActiveSync Service" = 26675:TCP:*:enabled:ActiveSync Service "2080:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:epo" = 2080:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:epo "5900:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:vnc" = 5900:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:vnc "6129:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware" = 6129:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:Dameware "8530:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:wsus" = 8530:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:wsus "135:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 135:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "443:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 443:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "445:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 445:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "2701:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 2701:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "2702:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 2702:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "3389:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 3389:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "8530:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 8530:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "8531:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 8531:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "67:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 67:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "68:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 68:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "69:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 69:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "135:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 135:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "2701:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 2701:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "2702:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 2702:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "4011:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 4011:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "63000:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 63000:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "64000:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm" = 64000:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:sccm "2701:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_Ping" = 2701:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_Ping "2702:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_RemoteControl" = 2702:TCP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_RemoteControl "2701:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_Ping" = 2701:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_Ping "2702:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_RemoteControl" = 2702:UDP:172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16:enabled:RemoteTool_RemoteControl [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings] "AllowOutboundDestinationUnreachable" = 0 "AllowOutboundSourceQuench" = 0 "AllowRedirect" = 0 "AllowInboundEchoRequest" = 0 "AllowInboundRouterRequest" = 0 "AllowOutboundTimeExceeded" = 0 "AllowOutboundParameterProblem" = 0 "AllowInboundTimestampRequest" = 0 "AllowInboundMaskRequest" = 0 "AllowOutboundPacketTooBig" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Logging] "LogDroppedPackets" = 0 "LogSuccessfulConnections" = 0 "LogFileSize" = 4096 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings] "Enabled" = 1 "RemoteAddresses" = 172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16,172.30.0.0/16 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint] "Enabled" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop] "Enabled" = 1 "RemoteAddresses" = 172.17.0.0/16,172.18.0.0/16,172.19.0.0/16,172.20.0.0/16,172.21.0.0/16,172.22.0.0/16,172.23.0.0/16,172.30.0.0/16 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework] "Enabled" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management "80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In) "135:TCP" = 135:TCP:*:Enabled:Remote Assistance "137:UDP" = 137:UDP:LocalSubnet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubnet:Enabled:@xpsp2res.dll,-22002 "139:TCP" = 139:TCP:172.0.0.0/255.0.0.0:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubnet:Enabled:@xpsp2res.dll,-22005 "1900:UDP" = 1900:UDP:LocalSubnet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubnet:Enabled:@xpsp2res.dll,-22008 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.) "C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation) "C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe:*:Enabled:AllShare "C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe:*:Enabled:PCSM_http_ss_win_pro "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20080709-200808010926\jre\bin\javaw.exe" = C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20080709-200808010926\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (IBM) "C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20080709-200808010926\jre\bin\notes2w.exe" = C:\Program Files\IBM\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20080709-200808010926\jre\bin\notes2w.exe:*:Enabled:Lotus Notes -- (IBM) "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus -- (Vuze Inc.) "C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Office Communicator -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\McAfee\Common Framework\FrameworkService.exe" = C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service -- (McAfee, Inc.) "C:\Programme\Castelware\CW2\RScan2.exe" = C:\Programme\Castelware\CW2\RScan2.exe:172.0.0.0/255.0.0.0:Enabled:CW Invetory Remote Scan "C:\Programme\Reflection\rftpc.exe" = C:\Programme\Reflection\rftpc.exe:*:Enabled:Reflection FTP Client "C:\Programme\Castelware\CW2\RSrv.exe" = C:\Programme\Castelware\CW2\RSrv.exe:172.0.0.0/255.0.0.0:Enabled:CWI Agent Server "C:\sappc\sapgui\saplgpad.exe" = C:\sappc\sapgui\saplgpad.exe:172.0.0.0/255.0.0.0:Enabled:SAP Logon Pad for Windows "C:\sappc\sapgui\saplogon.exe" = C:\sappc\sapgui\saplogon.exe:172.0.0.0/255.0.0.0:Enabled:SAP Logon for Windows "%programfiles%\sap\frontend\sapgui\saplgpad.exe" = %programfiles%\sap\frontend\sapgui\saplgpad.exe:172.0.0.0/255.0.0.0:Enabled:SAP Logon Pad 7.1 for Windows -- (SAP AG, Walldorf) "%programfiles%\sap\frontend\sapgui\saplogon.exe" = %programfiles%\sap\frontend\sapgui\saplogon.exe:172.0.0.0/255.0.0.0:Enabled:SAP Logon 7.1 for Windows -- (SAP AG, Walldorf) "%programfiles%\Network Associates\VirusScan\mcconsol.exe" = %programfiles%\Network Associates\VirusScan\mcconsol.exe:172.0.0.0/255.0.0.0:Enabled:VirusScan-Konsole "%programfiles%\Network Associates\Common Framework\FrameworkService.exe" = %programfiles%\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service "%programfiles%\Network Associates\Common Framework\CmdAgent.exe" = %programfiles%\Network Associates\Common Framework\CmdAgent.exe:172.0.0.0/255.0.0.0:Enabled:McAfee Common Framework "C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:Programm zur Dateiübertragung -- (Microsoft Corporation) "C:\Programme\Reflection\Rx.exe" = C:\Programme\Reflection\Rx.exe:172.0.0.0/255.0.0.0:Enabled:Reflection X "C:\sappc\sapgui\SAPgui.exe" = C:\sappc\sapgui\SAPgui.exe:172.0.0.0/255.0.0.0:Enabled:SAPGUI for Win32 "C:\Programme\Castelware\CW2\cwitbna.exe" = C:\Programme\Castelware\CW2\cwitbna.exe:172.0.0.0/255.0.0.0:Enabled:Castelware Inventory Agent "C:\Programme\Castelware\CW2\cwitbnasrv.exe" = C:\Programme\Castelware\CW2\cwitbnasrv.exe:172.0.0.0/255.0.0.0:Enabled:Castelware Inventory Agent Service "C:\Programme\AKI\PMC GUI\pmcontrol.exe" = C:\Programme\AKI\PMC GUI\pmcontrol.exe:172.0.0.0/255.0.0.0:Enabled:Print Management Control - GUI "C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation) "C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe:*:Enabled:AllShare "C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe" = C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe:*:Enabled:PCSM_http_ss_win_pro "E:\HARDDRIVE\EVE(tranq)\bin\ExeFile.exe" = E:\HARDDRIVE\EVE(tranq)\bin\ExeFile.exe:*:Enabled:CCP ExeFile "E:\EVE(tranq)\bin\ExeFile.exe" = E:\EVE(tranq)\bin\ExeFile.exe:*:Enabled:CCP ExeFile "C:\Private\EVE(tranq)\bin\ExeFile.exe" = C:\Private\EVE(tranq)\bin\ExeFile.exe:*:Enabled:CCP ExeFile "C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.) "F:\EVE(tranq)\bin\ExeFile.exe" = F:\EVE(tranq)\bin\ExeFile.exe:*:Enabled:CCP ExeFile "F:\EVE macro\bin\ExeFile.exe" = F:\EVE macro\bin\ExeFile.exe:*:Enabled:CCP ExeFile "C:\Program Files\Psi\Psi.exe" = C:\Program Files\Psi\Psi.exe:*:Enabled:Psi "C:\WINDOWS\system32\winver.exe" = C:\WINDOWS\system32\winver.exe:*:Enabled:winver -- (Microsoft Corporation) "F:\EVE hunter\bin\ExeFile.exe" = F:\EVE hunter\bin\ExeFile.exe:*:Enabled:CCP ExeFile "F:\EVE (Black Ice)\bin\ExeFile.exe" = F:\EVE (Black Ice)\bin\ExeFile.exe:*:Enabled:CCP ExeFile "C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe" = C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine -- () "E:\EVE (Black Ice)\bin\ExeFile.exe" = E:\EVE (Black Ice)\bin\ExeFile.exe:*:Enabled:CCP ExeFile "F:\World_of_Tanks\WOTLauncher.exe" = F:\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher "F:\World_of_Tanks\WorldOfTanks.exe" = F:\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks "C:\Program Files\Microsoft Office Communicator\communicator.exe" = C:\Program Files\Microsoft Office Communicator\communicator.exe:*:Enabled:Office Communicator -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0003C1E0-E0E7-49BB-A0F6-4AE6D2B09202}" = UPEK TouchChip Fingerprint Reader "{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software "{0876FD34-9953-4BE6-AA77-C98D3E88EBDB}" = Dell ControlPoint System Manager "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "{0D1CBBB9-F4A8-45B6-95E7-202BA61D7AF4}" = Microsoft Office Communicator 2007 R2 "{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise "{1C5EC8F6-5C5F-421F-85BE-919B5D0CAD4C}" = Adobe Flash Player 10 Plugin "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.5 "{23170F69-40C1-2701-0465-000001000000}" = 7-Zip 4.65 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26 "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{32BAA3AE-458F-46CC-9D3C-64EC21C039D9}" = SO32MMWrapper "{34588D7D-2B47-4E47-96E2-0304F0472B38}" = Dell Control Point "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35748B06-FCFC-4700-8285-DAD41689E4FE}" = Broadcom TPM Driver Installer "{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A553AB2-A652-47FD-8BEF-3795A961C56A}" = Wave Infrastructure Installer "{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite "{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup "{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support "{555F08C0-4695-47BB-8D9A-8E9BE43DD4E3}" = Proxy Switcher "{560DCF39-61D1-43B0-86DA-5EFF8F7A5144}" = AuthenTec Fingerprint Software "{6BD243B6-E560-45A0-BBF9-C6F0618D58C6}" = iPassConnect "{791E3589-57B2-4F09-87EA-3C20B8174007}" = DCP32MMWrapper "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86) "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007 "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007 "{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{1946D7A5-00A6-47F9-B1EC-DCCED9C8B1F3}" = "{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_STANDARD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001C-0409-0000-0000000FF1CE}" = Microsoft Office Access Runtime (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARD_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_STANDARD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{95EF5536-580A-4E57-8EF3-B6ACBFBFAF96}" = O2Micro OZ776 SCR Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A7091E1D-36A4-47F1-A739-173CC341414F}" = Cisco Systems VPN Client 5.0.03.0560 "{AB6FFA58-F491-11D3-8951-000000015799}" = iPassConnect "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5 "{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9 "{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9 "{AC76BA86-7AD7-5676-5A64-900000000003}" = Adobe Reader Extended Language Support Font Pack "{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9 "{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser "{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework "{B104C813-FB09-4B7B-B675-5EF0C176AF66}" = Microsoft Conferencing Add-in for Microsoft Office Outlook "{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3 "{B63321BA-4512-42B2-A312-C1ED194C5761}" = SMS Client Setup Bootstrap "{B639A4DE-A375-47D3-89C3-DDCF98D992F7}" = McAfee Agent "{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack "{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto "{BE66348A-E83F-4982-941F-DFF2F742B851}" = Microsoft Office Live Meeting 2007 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CAE5379F-5C3D-4D0D-AA57-DC1134125BA5}" = Configuration Manager Client "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEECF731-3F08-4210-8073-7E87F58C01D3}" = Microsoft Office Communicator 2007 R2, MUI "{D671062E-44AF-4DC6-AD89-92921D1E1779}" = Lotus Notes 8.0.2 "{DDD6BE8C-9AFA-48F1-A6AE-3BD596E2EB0B}" = Trusted Drive Manager "{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin "{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards "{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.210 "{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager "{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack "8461-7759-5462-8226" = Vuze "9512AA21B791B05A54E27065C45BBC417AB282DF" = Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "D3F88C3864C8C031A7C5D5E63A76571EC1B047DF" = Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) "EVEMon" = EVEMon "Ferro Backup System_is1" = Ferro Backup System "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software "InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite "InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup "InstallShield_{95EF5536-580A-4E57-8EF3-B6ACBFBFAF96}" = O2Micro OZ776 SCR Driver "InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin "InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards "InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "Lexmark Printer Software Uninstall" = Lexmark Printer Software Uninstall "Macro Express Pro" = Macro Express Pro "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800 "McAfee Anti-Spyware Enterprise Module" = McAfee AntiSpyware Enterprise Module "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NapiProjekt_is1" = NapiProjekt 1.0.6.9 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Perpetuum" = Perpetuum "PROPLUS" = Microsoft Office Professional Plus 2007 "RDC" = RDC "SAPACF" = SAP Active Components Framework "SAPACF_ADOBE" = SAP Active Components Framework for Adobe "SAPBI" = SAP Business Explorer "SAPGUI710" = SAP GUI 7.10 "Spyware Doctor" = Spyware Doctor 8.0 "STANDARD" = Microsoft Office Standard 2007 "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Update Engine" = Sony Ericsson Update Engine "VLC media player" = VLC media player 1.1.0 "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Wisdom-soft ScreenHunter 5.0 Free" = Wisdom-soft ScreenHunter 5.0 Free "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 8/2/2011 3:42:59 PM | Computer Name = VAR10-0304L | Source = Userenv | ID = 1054 Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Error - 8/2/2011 3:43:01 PM | Computer Name = VAR10-0304L | Source = UserInit | ID = 1000 Description = Could not execute the following script ePOAgent_Deployment.bat. The system cannot find the file specified. . Error - 8/2/2011 3:43:01 PM | Computer Name = VAR10-0304L | Source = UserInit | ID = 1000 Description = Could not execute the following script UpdateApoCrm.vbe. The system cannot find the file specified. . Error - 8/2/2011 3:43:01 PM | Computer Name = VAR10-0304L | Source = UserInit | ID = 1000 Description = Could not execute the following script \\Lyo35nt\pcc-gpo$\Apps\SAP_710_AutoUpdate_Server_Neutral\SAP_710_AutoUpdate_Server_Neutral.cmd. The network location cannot be reached. For information about network troubleshooting, see Windows Help. . Error - 8/2/2011 3:43:08 PM | Computer Name = VAR10-0304L | Source = Lotus Notes Network Provider | ID = 2 Description = Notes Single Logon will not function properly: Service is not available to accept credentials Error - 8/2/2011 3:57:41 PM | Computer Name = VAR10-0304L | Source = Userenv | ID = 1054 Description = Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. Error - 8/2/2011 3:57:42 PM | Computer Name = VAR10-0304L | Source = AutoEnrollment | ID = 15 Description = Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. Error - 8/2/2011 4:00:36 PM | Computer Name = VAR10-0304L | Source = UserInit | ID = 1000 Description = Could not execute the following script ePOAgent_Deployment.bat. The system cannot find the file specified. . Error - 8/2/2011 4:00:36 PM | Computer Name = VAR10-0304L | Source = UserInit | ID = 1000 Description = Could not execute the following script UpdateApoCrm.vbe. The system cannot find the file specified. . Error - 8/2/2011 4:00:52 PM | Computer Name = VAR10-0304L | Source = UserInit | ID = 1000 Description = Could not execute the following script \\Lyo35nt\pcc-gpo$\Apps\SAP_710_AutoUpdate_Server_Neutral\SAP_710_AutoUpdate_Server_Neutral.cmd. The network path was not found. . [ OSession Events ] Error - 10/6/2010 5:37:14 AM | Computer Name = VAR10-0304L | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 352 seconds with 180 seconds of active time. This session ended with a crash. Error - 3/14/2011 7:57:54 AM | Computer Name = VAR10-0304L | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 332 seconds with 180 seconds of active time. This session ended with a crash. Error - 5/6/2011 12:14:27 PM | Computer Name = VAR10-0304L | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3159 seconds with 1680 seconds of active time. This session ended with a crash. Error - 5/12/2011 12:48:43 PM | Computer Name = VAR10-0304L | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9501 seconds with 3960 seconds of active time. This session ended with a crash. Error - 8/2/2011 4:30:57 AM | Computer Name = VAR10-0304L | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2128 seconds with 1140 seconds of active time. This session ended with a crash. Error - 8/2/2011 4:32:38 AM | Computer Name = VAR10-0304L | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 92 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 8/2/2011 3:57:40 PM | Computer Name = VAR10-0304L | Source = sr | ID = 1 Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. Error - 8/2/2011 3:57:40 PM | Computer Name = VAR10-0304L | Source = ACPIEC | ID = 327681 Description = \Device\ACPIEC: The embedded controller (EC) hardware didn't respond within the timeout period. This may indicate an error in the EC hardware or firmware, or possibly a poorly designed BIOS which accesses the EC in an unsafe manner. The EC driver will retry the failed transaction if possible. Error - 8/2/2011 3:57:41 PM | Computer Name = VAR10-0304L | Source = NETLOGON | ID = 5719 Description = No Domain Controller is available for domain EU due to the following: %%1311. Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator. Error - 8/2/2011 3:58:02 PM | Computer Name = VAR10-0304L | Source = DCOM | ID = 10016 Description = The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool. Error - 8/2/2011 3:58:02 PM | Computer Name = VAR10-0304L | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 8/2/2011 3:58:02 PM | Computer Name = VAR10-0304L | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time. Error - 8/2/2011 4:00:20 PM | Computer Name = VAR10-0304L | Source = Service Control Manager | ID = 7026 Description = The following boot-start or system-start driver(s) failed to load: abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 atapi cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x PCIIde perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx Symmpi sym_hi sym_u3 TosIde ultra viaagp ViaIde Error - 8/2/2011 4:02:50 PM | Computer Name = VAR10-0304L | Source = DCOM | ID = 10016 Description = The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {24FF4FDC-1D9F-4195-8C79-0DA39248FF48} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool. Error - 8/2/2011 4:05:00 PM | Computer Name = VAR10-0304L | Source = Schedule | ID = 7901 Description = The At23.job command failed to start due to the following error: %%2147942402 Error - 8/2/2011 4:13:06 PM | Computer Name = VAR10-0304L | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 29 minutes. NtpClient has no source of accurate time. < End of report >