Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4311
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7/14/2010 9:05:11 AM
mbam-log-2010-07-14 (09-05-11).txt
Scan type: Quick scan
Objects scanned: 181430
Time elapsed: 27 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\JDK5SWFMZY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL.LOG
OTL logfile created on: 7/14/2010 9:10:05 AM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Sync Data\LBerry's Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 29.14 Gb Free Space | 26.08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: USHOU03-1LB01
Current User Name: LBerry
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/07/14 09:09:17 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Sync Data\LBerry's Documents\Downloads\OTL.exe
PRC - [2010/06/16 17:20:50 | 000,624,056 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
PRC - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2010/04/29 15:39:32 | 000,437,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/02/14 21:33:22 | 001,864,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/02/14 21:33:22 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/02/14 21:33:22 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/02/14 21:33:22 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2010/02/14 21:33:20 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2009/10/01 10:53:04 | 000,403,015 | ---- | M] (Plaxo, Inc.) -- C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe
PRC - [2009/07/31 22:02:48 | 000,891,680 | ---- | M] (Centered Systems) -- C:\Program Files\SecCopy\SecCopy.exe
PRC - [2009/06/09 17:30:44 | 000,068,888 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe
PRC - [2009/06/09 17:30:42 | 000,437,528 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe
PRC - [2009/06/09 17:30:38 | 000,336,152 | ---- | M] (AT&T) -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe
PRC - [2009/06/05 07:40:40 | 000,372,736 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\softmon.exe
PRC - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009/03/30 16:28:36 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/07/23 08:27:06 | 001,171,456 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\LDISCN32.EXE
PRC - [2008/06/02 10:42:32 | 000,155,648 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\Shared Files\residentAgent.exe
PRC - [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/24 07:05:26 | 000,406,528 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\issuser.exe
PRC - [2008/03/11 06:45:00 | 000,118,784 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\policy.client.invoker.exe
PRC - [2008/03/04 09:57:28 | 000,258,048 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\rcgui.exe
PRC - [2008/02/22 12:43:38 | 001,245,184 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2008/02/12 12:01:48 | 000,666,176 | ---- | M] (Check Point Software Tech Ltd) -- C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe
PRC - [2008/02/12 12:01:40 | 000,367,168 | ---- | M] () -- C:\WINDOWS\system32\Prot_srv.exe
PRC - [2008/02/12 12:01:40 | 000,145,984 | ---- | M] () -- C:\WINDOWS\system32\pstartSr.exe
PRC - [2007/12/06 15:16:56 | 000,225,280 | ---- | M] () -- C:\Program Files\LANDesk\LDClient\LDRegWatch.exe
PRC - [2007/11/30 05:25:18 | 000,192,512 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\tmcsvc.exe
PRC - [2007/11/30 05:22:44 | 000,196,608 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\LocalSch.EXE
PRC - [2007/11/30 05:09:10 | 000,262,144 | ---- | M] (LANDesk Software, Ltd.) -- C:\Program Files\LANDesk\LDClient\collector.exe
PRC - [2007/10/23 09:45:40 | 001,336,632 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\U3\U3Launcher\LaunchU3.exe
PRC - [2007/09/06 16:47:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2007/08/31 07:13:00 | 000,032,819 | ---- | M] (LANDesk Software Ltd.) -- C:\WINDOWS\system32\cba\pds.exe
PRC - [2007/08/31 07:12:56 | 000,028,729 | ---- | M] (LANDesk Software Ltd.) -- C:\WINDOWS\system32\msgsys.exe
PRC - [2007/07/31 22:10:04 | 000,065,536 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/07/30 22:54:38 | 002,158,592 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2007/07/20 16:48:00 | 002,170,880 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2007/07/20 16:30:28 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2007/07/10 12:00:24 | 000,045,056 | R--- | M] (BVM Limited) -- C:\WINDOWS\system32\pclnksvc.exe
PRC - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/12/18 15:22:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006/10/27 20:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006/09/28 21:08:46 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2006/08/23 13:11:38 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
PRC - [2006/01/23 23:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2001/12/06 02:13:50 | 000,110,592 | ---- | M] (Captaris, Inc.) -- C:\Program Files\RightFax\FaxCtrl.exe
========== Modules (SafeList) ==========
MOD - [2010/07/14 09:09:17 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Sync Data\LBerry's Documents\Downloads\OTL.exe
MOD - [2010/04/01 09:57:36 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2009/10/01 10:49:26 | 000,043,585 | ---- | M] (Plaxo, Inc.) -- C:\Program Files\Plaxo\3.23.0.11\plx_hook.dll
MOD - [2008/04/14 05:42:02 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/14 05:40:22 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - [2010/04/29 15:39:34 | 000,304,464 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010/03/26 11:16:04 | 000,093,320 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/02/14 21:33:22 | 001,864,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/02/14 21:33:22 | 000,341,320 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/02/14 21:33:22 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/02/14 21:33:22 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2010/02/14 21:33:20 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/12/29 16:21:20 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/10/09 18:59:22 | 000,121,416 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe -- (ATTRcAppSvc)
SRV - [2009/07/13 12:06:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2009/06/09 17:30:44 | 000,068,888 | ---- | M] (AT&T) [On_Demand | Running] -- C:\Program Files\AT&T Global Network Client\NetLogSvc.exe -- (NetLogSvc)
SRV - [2009/06/09 17:30:42 | 000,437,528 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\netcfgsvr.exe -- (netcfgsvr)
SRV - [2009/06/09 17:30:38 | 000,336,152 | ---- | M] (AT&T) [Auto | Running] -- C:\Program Files\AT&T Global Network Client\NetClientSvc.exe -- (NetClientSvc)
SRV - [2009/06/05 07:40:40 | 000,372,736 | ---- | M] (LANDesk Software, Ltd.) [Auto | Running] -- C:\Program Files\LANDesk\LDCLient\softmon.exe -- (Softmon) LANDesk®
SRV - [2009/03/30 16:28:36 | 001,533,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/06/02 10:42:32 | 000,155,648 | ---- | M] (LANDesk Software, Ltd.) [Auto | Running] -- C:\Program Files\LANDesk\Shared Files\residentagent.exe -- (CBA8) LANDesk®
SRV - [2008/03/24 07:05:26 | 000,406,528 | ---- | M] (LANDesk Software, Ltd.) [Auto | Running] -- C:\Program Files\LANDesk\LDClient\issuser.exe -- (ISSUSER)
SRV - [2008/03/11 06:45:00 | 000,118,784 | ---- | M] (LANDesk Software, Ltd.) [Auto | Running] -- C:\Program Files\LANDesk\LDClient\policy.client.invoker.exe -- (LANDesk Policy Invoker)
SRV - [2008/02/22 12:40:20 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2008/02/12 12:01:40 | 000,367,168 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\Prot_srv.exe -- (Pointsec)
SRV - [2008/02/12 12:01:40 | 000,145,984 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\pstartSr.exe -- (Pointsec_start)
SRV - [2007/11/30 05:25:18 | 000,192,512 | ---- | M] (LANDesk Software, Ltd.) [Auto | Running] -- C:\Program Files\LANDesk\LDClient\tmcsvc.exe -- (Intel Targeted Multicast)
SRV - [2007/11/30 05:22:44 | 000,196,608 | ---- | M] (LANDesk Software, Ltd.) [Auto | Running] -- C:\Program Files\LANDesk\LDClient\LocalSch.EXE -- (Intel Local Scheduler Service)
SRV - [2007/09/06 16:47:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/08/31 07:13:00 | 000,032,819 | ---- | M] (LANDesk Software Ltd.) [Auto | Running] -- C:\WINDOWS\system32\cba\pds.exe -- (Intel PDS)
SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/07/10 12:00:24 | 000,045,056 | R--- | M] (BVM Limited) [Auto | Running] -- C:\WINDOWS\system32\pclnksvc.exe -- (PCLink for Windows)
SRV - [2007/05/10 10:23:50 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys -- (HSF_DPV)
DRV - [2010/07/13 03:00:00 | 001,362,608 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100713.040\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/07/13 03:00:00 | 000,085,424 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100713.040\NAVENG.SYS -- (NAVENG)
DRV - [2010/06/17 08:56:42 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\eeCtrl.sys -- (eeCtrl)
DRV - [2010/06/02 19:59:06 | 000,161,920 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/04/01 09:23:21 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/02/14 21:33:26 | 000,042,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010/02/14 21:33:24 | 000,320,560 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/02/14 21:33:24 | 000,281,648 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/02/14 21:33:24 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/02/14 21:33:22 | 000,092,488 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2010/02/14 21:33:22 | 000,050,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2010/02/14 21:33:18 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2010/02/14 21:33:18 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/02/14 21:33:18 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2009/10/09 18:47:40 | 000,024,064 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2009/10/09 18:44:10 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2009/06/23 12:03:16 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/06/09 17:32:56 | 000,019,328 | R--- | M] (AT&T) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\agnwifi.sys -- (agnwifi)
DRV - [2009/06/09 17:32:38 | 000,011,392 | R--- | M] (AT&T) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avpnnic.sys -- (avpnnic)
DRV - [2009/06/09 17:11:16 | 000,219,648 | ---- | M] (AT&T) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\agnfilt.sys -- (agnfilt)
DRV - [2009/05/04 16:57:18 | 000,148,096 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swumxa3.sys -- (SWUMXA3) Sierra Wireless USB MUX Driver (UMTSA3)
DRV - [2009/04/30 14:51:28 | 001,952,512 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2009/03/31 15:45:42 | 000,190,080 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3) Sierra Wireless MUX NDIS Driver (UMTSA3)
DRV - [2008/09/04 14:03:54 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/08/22 10:05:42 | 000,026,760 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2008/04/13 22:06:06 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/03/21 07:42:00 | 000,088,896 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2008/02/12 12:00:38 | 000,220,096 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prot_2k.sys -- (prot_2k)
DRV - [2007/11/09 14:04:28 | 000,105,216 | R--- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV - [2007/11/09 14:04:28 | 000,059,264 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)
DRV - [2007/08/31 11:58:20 | 000,018,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2007/06/11 14:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/05/31 15:50:20 | 006,727,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/05/30 16:23:04 | 000,011,904 | ---- | M] (LANDesk Software, Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ldblank.sys -- (ldblank)
DRV - [2007/05/30 16:23:04 | 000,003,712 | ---- | M] (LANDesk Software, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mirrorflt.sys -- (mirrorflt)
DRV - [2007/05/30 16:23:04 | 000,003,328 | ---- | M] (LANDesk Software, Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ldmirror.sys -- (ldmirror)
DRV - [2007/05/24 14:27:00 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/04/27 07:40:00 | 000,035,328 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2007/04/24 13:20:00 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/04/24 11:33:46 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mgmt.sys -- (s125mgmt) Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/24 11:33:46 | 000,098,696 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125obex.sys -- (s125obex)
DRV - [2007/04/24 11:33:44 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007/04/24 11:33:42 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007/04/24 11:33:34 | 000,083,336 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus) Sony Ericsson Device 125 driver (WDM)
DRV - [2007/04/15 22:03:04 | 000,056,576 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/04/15 21:49:08 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/30 12:38:14 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2007/03/18 15:44:38 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/03/01 16:53:00 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2006/11/20 17:55:00 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 19:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/08/18 13:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 11:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006/08/11 10:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006/07/21 11:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/08/12 16:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/07/11 18:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/01/06 13:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/08/04 05:00:00 | 000,008,832 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://dial.sbc.yahoo.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.99
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..keyword.URL: "http://search.yahoo....h?fr=mcafee&p="
FF - HKLM\software\mozilla\Firefox\extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/07/13 12:27:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/27 12:28:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/03 08:34:44 | 000,000,000 | ---D | M]
[2010/02/07 20:54:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Mozilla\Extensions
[2010/07/14 09:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Mozilla\Firefox\Profiles\s1hh9hel.default\extensions
[2010/07/09 16:07:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\LBerry\Application Data\Mozilla\Firefox\Profiles\s1hh9hel.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/13 12:06:54 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\LBerry\Application Data\Mozilla\Firefox\Profiles\s1hh9hel.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/09/09 22:25:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/08/07 02:37:06 | 000,053,355 | ---- | M] (Oracle Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPJinit13129.dll
[2010/07/13 23:13:34 | 000,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
O1 HOSTS File: ([2010/07/12 23:58:34 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Pointsec Tray] C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe (Check Point Software Tech Ltd)
O4 - HKLM..\Run: [RightFAX Print-to-Fax Driver] C:\Program Files\RightFax\FaxCtrl.exe (Captaris, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [PlaxoSysTray] C:\Program Files\Plaxo\3.23.0.11\plaxosystray.exe (Plaxo, Inc.)
O4 - HKCU..\Run: [PlaxoUpdate] C:\Program Files\Plaxo\3.23.0.11\PlaxoHelper_en.exe (Plaxo, Inc.)
O4 - HKCU..\Run: [Second Copy] C:\Program Files\SecCopy\SecCopy.exe (Centered Systems)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk = C:\WINDOWS\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O15 - HKCU\..Trusted Domains: emersonprocess.com ([sp] http in Local intranet)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell....iler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.4.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1252554721213 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1252554793761 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFECAFE-0013-0001-0029-ABCDEFABCDEF} Reg Error: Value error. (JInitiator 1.3.1.29)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://join-test.we...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.21.128.22 66.163.0.161 216.123.198.243
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emrsn.org
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (pssogina.dll) - C:\WINDOWS\System32\PssoGina.dll (Check Point Software Tech Ltd)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\LBerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\LBerry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010/07/13 12:22:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/07/13 12:21:36 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/07/13 12:21:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2010/07/11 00:51:10 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/10 11:04:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/10 11:04:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/10 11:04:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/10 11:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/10 11:00:01 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/07/09 16:23:41 | 000,000,000 | ---D | C] -- C:\Sync Data\LBerry's Documents\Downloads
[2010/07/09 15:31:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\LBerry\Recent
[2010/07/08 19:28:04 | 000,000,000 | ---D | C] -- C:\Program Files\FCU Configuration
[2010/06/28 14:54:28 | 000,000,000 | R--D | C] -- C:\Sync Data\LBerry's Documents\My Videos
[2010/06/21 16:12:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bg-bg
[2010/06/21 16:12:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-cn
[2010/06/21 16:12:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2010/06/21 16:11:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\et-ee
[2010/06/21 16:11:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hu-hu
[2010/06/21 16:11:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\hr-hr
[2010/06/21 16:11:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2010/06/21 16:11:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lv-lv
[2010/06/21 16:11:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\lt-lt
[2010/06/21 16:11:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2010/06/21 16:11:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-pt
[2010/06/21 16:11:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ru-ru
[2010/06/21 16:11:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ro-ro
[2010/06/21 16:11:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sk-sk
[2010/06/21 16:11:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sl-si
[2010/06/21 16:11:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\th-th
[2010/06/18 10:55:28 | 000,000,000 | ---D | C] -- C:\Sync Data\LBerry's Documents\Trade Shows and Meetings
[2010/06/15 16:59:14 | 000,000,000 | ---D | C] -- C:\Sync Data\LBerry's Documents\Customers
[2010/06/15 15:08:42 | 000,588,969 | ---- | C] (Macromedia, Inc.) -- C:\WINDOWS\Pink Floyd.exe
[2010/06/15 15:08:42 | 000,407,240 | ---- | C] (MacSourcery) -- C:\WINDOWS\Pink Floyd.scr
[2010/06/15 15:08:42 | 000,040,960 | ---- | C] (MacSourcery) -- C:\WINDOWS\Pink Floyd.dll
[2010/05/13 10:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LBerry\Application Data\Xerox
[2010/05/08 13:04:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\U3
[2010/04/27 12:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/27 12:26:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
========== Files - Modified Within 90 Days ==========
[2010/07/14 09:46:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{ABC8ADFD-81D4-42F3-A9C6-265B25C4C745}.job
[2010/07/14 00:26:32 | 000,023,543 | ---- | M] () -- C:\Documents and Settings\LBerry\Desktop\Receipt - PayPal.pdf
[2010/07/13 23:23:52 | 000,002,533 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2010/07/13 20:38:01 | 000,002,575 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk
[2010/07/13 20:36:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/07/13 20:31:48 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/13 20:31:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/07/13 19:16:19 | 009,175,040 | -H-- | M] () -- C:\Documents and Settings\LBerry\NTUSER.DAT
[2010/07/13 19:16:19 | 000,000,268 | -HS- | M] () -- C:\Documents and Settings\LBerry\ntuser.ini
[2010/07/13 12:01:03 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\defrag.job
[2010/07/13 11:00:14 | 000,115,520 | ---- | M] () -- C:\Documents and Settings\LBerry\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/07/13 10:47:54 | 000,400,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/07/13 10:36:49 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/07/13 01:59:52 | 000,168,250 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/07/12 23:59:15 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/07/12 23:58:34 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/07/11 00:51:19 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/07/10 14:42:56 | 000,054,503 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Hello and thanks for the help in advance.docx
[2010/07/09 15:32:51 | 000,030,060 | ---- | M] () -- C:\Sync Data\LBerry's Documents\cc_20100709_153239.reg
[2010/07/09 15:14:50 | 000,000,603 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/07/09 15:14:50 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2010/07/09 11:05:59 | 000,002,491 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2010/07/08 19:28:12 | 000,000,762 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\FCU Configuration.lnk
[2010/07/08 19:28:11 | 000,000,191 | ---- | M] () -- C:\WINDOWS\{0E2FEC12-96B8-465A-82E6-85011A52CC6F}_WiseFW.ini
[2010/07/08 13:07:27 | 000,168,250 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/07/03 12:23:24 | 000,000,857 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\MyScribe.lnk
[2010/07/02 08:57:27 | 000,002,501 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office PowerPoint 2007.lnk
[2010/06/28 23:34:26 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\LBerry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/24 06:44:35 | 000,005,817 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Lance.Theme
[2010/06/23 12:32:24 | 000,614,884 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/23 12:32:24 | 000,525,898 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/23 12:32:24 | 000,095,588 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/22 08:29:24 | 000,005,817 | ---- | M] () -- C:\Sync Data\LBerry's Documents\My Favorite Theme.theme
[2010/06/18 09:18:21 | 000,028,160 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Copy of Copy of RTG-HOU Discounts - Under Construction.xls
[2010/06/18 08:44:13 | 000,010,722 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Bookings Forecast - United States - World Areas.xlsx
[2010/06/17 08:58:14 | 000,002,280 | RHS- | M] () -- C:\Documents and Settings\LBerry\ntuser.pol
[2010/06/16 13:48:30 | 000,357,355 | ---- | M] () -- C:\Sync Data\LBerry's Documents\FHR_MN_PROPANE_QTE300556.pdf
[2010/06/16 09:00:55 | 000,345,919 | ---- | M] () -- C:\Sync Data\LBerry's Documents\453703-TOPSCAR061010GM.pdf
[2010/06/15 15:08:43 | 000,588,969 | ---- | M] (Macromedia, Inc.) -- C:\WINDOWS\Pink Floyd.exe
[2010/06/15 15:08:42 | 000,407,240 | ---- | M] (MacSourcery) -- C:\WINDOWS\Pink Floyd.scr
[2010/06/15 15:08:42 | 000,040,960 | ---- | M] (MacSourcery) -- C:\WINDOWS\Pink Floyd.dll
[2010/06/14 15:38:33 | 000,094,208 | ---- | M] () -- C:\Documents and Settings\LBerry\Desktop\blank-letter-head-RTG-EPM.doc
[2010/06/11 09:32:36 | 000,416,287 | ---- | M] () -- C:\Sync Data\LBerry's Documents\PDS_OPC_Mirror.pdf
[2010/06/10 10:36:18 | 000,018,104 | RHS- | M] () -- C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
[2010/06/07 14:53:45 | 000,006,566 | ---- | M] () -- C:\Sync Data\LBerry's Documents\1424 US-77, Denton, TX 76201 to Fredericksburg Inn and Suites.htm
[2010/06/07 14:53:13 | 000,013,577 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Fredericksburg Inn and Suites to 1424 US-77, Denton, TX 76201.pdf
[2010/06/02 19:59:06 | 000,161,920 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\WpsHelper.sys
[2010/06/02 09:25:03 | 000,041,325 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Think customer.docx
[2010/05/28 14:09:34 | 000,017,408 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Copy of CTRL_Saab_Level_08.xls
[2010/05/27 15:13:27 | 000,000,173 | ---- | M] () -- C:\WINDOWS\contain.INI
[2010/05/18 19:04:13 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2010/05/13 18:18:34 | 000,002,317 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\AT&T Global Network Client.lnk
[2010/05/05 16:26:57 | 000,016,212 | ---- | M] () -- C:\Sync Data\LBerry's Documents\sunoco.docx
[2010/05/05 14:40:41 | 000,002,393 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Visio 2003.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/27 10:03:18 | 000,017,961 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Astoria Generating Company LP Terms and Conditions.doc
[2010/04/26 14:52:10 | 000,025,633 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Astoria Generating Company, LP Terms and Conditions.pdf
[2010/04/24 10:47:43 | 000,000,000 | ---- | M] () -- C:\settings.mmp
[2010/04/24 10:00:45 | 000,000,088 | ---- | M] () -- C:\Documents and Settings\LBerry\Application Data\usb.inf
[2010/04/23 13:45:58 | 000,085,504 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Rosemount Tank Gauging BLANK Representative Agreement.doc
[2010/04/21 10:10:15 | 000,194,767 | ---- | M] () -- C:\Sync Data\LBerry's Documents\AGC REVISED T&C'S.pdf
[2010/04/21 09:08:21 | 000,473,664 | ---- | M] () -- C:\Sync Data\LBerry's Documents\P300494_Cert.pdf
[2010/04/20 12:45:03 | 000,028,160 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Copy of Delayed orders.xls
[2010/04/19 16:11:53 | 000,048,299 | ---- | M] () -- C:\Sync Data\LBerry's Documents\Sunoco Nederland.QTE300447.pdf
[2010/04/19 11:10:01 | 000,010,599 | ---- | M] () -- C:\Sync Data\LBerry's Documents\RTG-HOU Disscounts.xlsx
[2010/04/19 07:22:56 | 000,058,880 | ---- | M] () -- C:\Sync Data\LBerry's Documents\AGC Supplier Qualification Form 12Aug08.xls
[2010/04/15 17:14:54 | 000,017,408 | ---- | M] () -- C:\Sync Data\LBerry's Documents\LanceCFS repdist list.xls
========== Files Created - No Company Name ==========
[2010/07/14 00:26:32 | 000,023,543 | ---- | C] () -- C:\Documents and Settings\LBerry\Desktop\Receipt - PayPal.pdf
[2010/07/13 10:36:49 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/07/11 00:51:19 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/07/11 00:51:17 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/10 14:42:56 | 000,054,503 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Hello and thanks for the help in advance.docx
[2010/07/09 15:32:45 | 000,030,060 | ---- | C] () -- C:\Sync Data\LBerry's Documents\cc_20100709_153239.reg
[2010/07/08 19:28:12 | 000,000,762 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\FCU Configuration.lnk
[2010/07/08 19:27:50 | 000,000,191 | ---- | C] () -- C:\WINDOWS\{0E2FEC12-96B8-465A-82E6-85011A52CC6F}_WiseFW.ini
[2010/07/03 12:23:24 | 000,000,857 | ---- | C] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\MyScribe.lnk
[2010/06/24 06:44:35 | 000,005,817 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Lance.Theme
[2010/06/22 08:29:24 | 000,005,817 | ---- | C] () -- C:\Sync Data\LBerry's Documents\My Favorite Theme.theme
[2010/06/18 09:18:20 | 000,028,160 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Copy of Copy of RTG-HOU Discounts - Under Construction.xls
[2010/06/18 08:44:13 | 000,010,722 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Bookings Forecast - United States - World Areas.xlsx
[2010/06/16 13:47:03 | 000,357,355 | ---- | C] () -- C:\Sync Data\LBerry's Documents\FHR_MN_PROPANE_QTE300556.pdf
[2010/06/16 09:00:55 | 000,345,919 | ---- | C] () -- C:\Sync Data\LBerry's Documents\453703-TOPSCAR061010GM.pdf
[2010/06/11 09:32:36 | 000,416,287 | ---- | C] () -- C:\Sync Data\LBerry's Documents\PDS_OPC_Mirror.pdf
[2010/06/07 14:53:45 | 000,006,566 | ---- | C] () -- C:\Sync Data\LBerry's Documents\1424 US-77, Denton, TX 76201 to Fredericksburg Inn and Suites.htm
[2010/06/07 14:53:13 | 000,013,577 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Fredericksburg Inn and Suites to 1424 US-77, Denton, TX 76201.pdf
[2010/06/02 09:24:10 | 000,041,325 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Think customer.docx
[2010/05/28 14:09:34 | 000,017,408 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Copy of CTRL_Saab_Level_08.xls
[2010/05/24 08:45:43 | 000,000,461 | ---- | C] () -- C:\Documents and Settings\LBerry\Application Data\Microsoft\Internet Explorer\Quick Launch\Drivers & Downloads - Public Sector.url
[2010/05/08 13:04:35 | 000,002,575 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\LaunchU3.exe.lnk
[2010/05/05 16:26:30 | 000,016,212 | ---- | C] () -- C:\Sync Data\LBerry's Documents\sunoco.docx
[2010/04/27 10:03:12 | 000,017,961 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Astoria Generating Company LP Terms and Conditions.doc
[2010/04/24 10:47:43 | 000,000,000 | ---- | C] () -- C:\settings.mmp
[2010/04/24 10:00:45 | 000,000,088 | ---- | C] () -- C:\Documents and Settings\LBerry\Application Data\usb.inf
[2010/04/23 16:26:32 | 000,473,664 | ---- | C] () -- C:\Sync Data\LBerry's Documents\P300494_Cert.pdf
[2010/04/23 13:47:47 | 000,085,504 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Rosemount Tank Gauging BLANK Representative Agreement.doc
[2010/04/21 10:10:15 | 000,194,767 | ---- | C] () -- C:\Sync Data\LBerry's Documents\AGC REVISED T&C'S.pdf
[2010/04/20 12:45:03 | 000,028,160 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Copy of Delayed orders.xls
[2010/04/19 14:54:56 | 000,048,299 | ---- | C] () -- C:\Sync Data\LBerry's Documents\Sunoco Nederland.QTE300447.pdf
[2010/04/19 11:10:00 | 000,010,599 | ---- | C] () -- C:\Sync Data\LBerry's Documents\RTG-HOU Disscounts.xlsx
[2010/04/19 07:22:56 | 000,058,880 | ---- | C] () -- C:\Sync Data\LBerry's Documents\AGC Supplier Qualification Form 12Aug08.xls
[2010/04/15 17:14:53 | 000,017,408 | ---- | C] () -- C:\Sync Data\LBerry's Documents\LanceCFS repdist list.xls
[2010/02/23 14:45:03 | 000,000,173 | ---- | C] () -- C:\WINDOWS\contain.INI
[2010/01/19 18:34:39 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2009/09/28 11:13:50 | 000,354,304 | ---- | C] () -- C:\WINDOWS\System32\WCT32DX.DLL
[2009/09/28 11:13:50 | 000,300,544 | ---- | C] () -- C:\WINDOWS\System32\WRT32DX.DLL
[2009/09/28 11:13:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\strbatch_ps.dll
[2009/09/28 11:13:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\strSrvCalc_ps.dll
[2009/09/28 11:13:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\strsrv_ps.dll
[2009/09/10 12:28:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2009/09/10 11:58:45 | 000,026,760 | R--- | C] () -- C:\WINDOWS\System32\drivers\swmsflt.sys
[2009/09/10 11:00:47 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2009/09/10 11:00:40 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2009/09/09 23:54:05 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2009/09/09 18:52:55 | 000,000,500 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/09/09 18:25:48 | 000,000,473 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/02/12 12:01:44 | 000,141,888 | ---- | C] () -- C:\WINDOWS\System32\NovPwd32.dll
[2008/02/12 12:00:38 | 000,220,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\prot_2k.sys
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/30 18:33:07 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2007/08/30 18:33:07 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2007/08/30 18:33:07 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/08/30 18:33:06 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/11/09 16:07:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2005/09/02 14:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/04 05:00:00 | 000,008,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasacd.sys
[2004/07/20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
========== LOP Check ==========
[2009/09/09 20:17:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AGNS
[2009/09/24 09:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Applications
[2010/02/03 18:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AT&T
[2009/09/09 19:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Autodesk
[2009/11/19 11:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CardScan
[2009/12/29 16:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Citrix
[2009/10/04 13:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GARMIN
[2009/09/10 09:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GroupPolicy
[2009/09/23 09:11:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\LANDesk
[2009/09/25 13:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Pointsec
[2009/10/31 09:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Research In Motion
[2009/11/19 09:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft
[2009/09/20 13:24:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Teleca
[2010/07/12 06:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2010/07/14 08:58:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\vulScan
[2010/02/07 20:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\AT&T
[2010/02/07 20:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Bytemobile
[2010/02/07 20:54:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\CardScan
[2010/02/07 20:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Corex
[2010/02/07 20:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\DBUpdater
[2010/02/07 20:54:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\GARMIN
[2010/02/07 20:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\MyScribe
[2010/02/07 20:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Research In Motion
[2010/02/07 20:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Sierra Wireless
[2010/02/07 20:54:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Teleca
[2010/02/10 21:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\webex
[2010/02/07 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Windows Desktop Search
[2010/02/07 20:54:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Windows Search
[2010/05/13 10:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LBerry\Application Data\Xerox
[2010/07/13 12:01:03 | 000,000,268 | ---- | M] () -- C:\WINDOWS\Tasks\defrag.job
[2010/07/14 09:46:00 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{ABC8ADFD-81D4-42F3-A9C6-265B25C4C745}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 142 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:EA029835
< End of report >
EXTRA.LOG
OTL Extras logfile created on: 7/14/2010 9:10:11 AM - Run 1
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Sync Data\LBerry's Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 53.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 29.14 Gb Free Space | 26.08% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: USHOU03-1LB01
Current User Name: LBerry
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Corel Paint Shop Pro Photo X2] -- "C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\Corel Paint Shop Pro Photo.exe" "%L" (Corel, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"67:TCP" = 67:TCP:*:enabled:LANDesk® PXE TCP Port
"67:UDP" = 67:UDP:*:enabled:LANDesk® PXE UDP Port
"9535:TCP" = 9535:TCP:*:enabled:LANDesk® Remote Control Agent TCP Port
"9535:UDP" = 9535:UDP:*:enabled:LANDesk® Remote Control Agent UDP Port
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"137:UDP" = 137:UDP:*:enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:*:enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:enabled:@xpsp2res.dll,-22005
"67:TCP" = 67:TCP:*:enabled:LANDesk® PXE TCP Port
"67:UDP" = 67:UDP:*:enabled:LANDesk® PXE UDP Port
"9535:TCP" = 9535:TCP:*:enabled:LANDesk® Remote Control Agent TCP Port
"9535:UDP" = 9535:UDP:*:enabled:LANDesk® Remote Control Agent UDP Port
"18248:UDP" = 18248:UDP:*:Enabled:PC Link
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\AT&T Global Network Client\NetClient.exe" = C:\Program Files\AT&T Global Network Client\NetClient.exe:*:Enabled:AT&T Global Network Client -- (AT&T)
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Program Files\LANDesk\LDCLient\AdvanceAgent.exe" = C:\Program Files\LANDesk\LDCLient\AdvanceAgent.exe:*:Enabled:LANDesk Advance Agent -- File not found
"C:\WINDOWS\system32\cba\pds.exe" = C:\WINDOWS\system32\CBA\pds.exe:*:enabled:LANDesk® Ping Discovery Service -- (LANDesk Software Ltd.)
"C:\WINDOWS\system32\msgsys.exe" = C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service -- (LANDesk Software Ltd.)
"C:\Program Files\LANDesk\LDClient\issuser.exe" = C:\Program Files\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent -- (LANDesk Software, Ltd.)
"C:\Program Files\LANDesk\LDClient\tmcsvc.exe" = C:\Program Files\LANDesk\LDCLient\tmcsvc.exe:*:enabled:LANDesk® Targeted Multicast Client -- (LANDesk Software, Ltd.)
"%windir%\system32\msgsys.exe" = %windir%\system32\msgsys.exe:*:enabled:LANDesk® CBA Message System -- (LANDesk Software Ltd.)
"C:\Program Files\LANDesk\LDCLient\wuser32.exe" = C:\Program Files\LANDesk\LDCLient\wuser32.exe:*:enabled:Remote Control Agent -- File not found
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\LANDesk\Shared Files\residentagent.exe" = C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk® Management Agent -- (LANDesk Software, Ltd.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\WINDOWS\system32\CBA\pds.exe" = C:\WINDOWS\system32\CBA\pds.exe:*:enabled:LANDesk® Ping Discovery Service -- (LANDesk Software Ltd.)
"C:\Program Files\LANDesk\LDCLient\tmcsvc.exe" = C:\Program Files\LANDesk\LDCLient\tmcsvc.exe:*:enabled:LANDesk® Targeted Multicast Client -- (LANDesk Software, Ltd.)
"%windir%\system32\msgsys.exe" = %windir%\system32\msgsys.exe:*:enabled:LANDesk® CBA Message System -- (LANDesk Software Ltd.)
"C:\Program Files\AT&T\Communication Manager\SwiApiMux.exe" = C:\Program Files\AT&T\Communication Manager\SwiApiMux.exe:*:Enabled:SwiApiMux -- (Sierra Wireless, Inc.)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\LANDesk\Shared Files\residentagent.exe" = C:\Program Files\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk® Management Agent -- (LANDesk Software, Ltd.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E2FEC12-96B8-465A-82E6-85011A52CC6F}" = Configuration Tool
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID Sign-in Assistant
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25BEC3AB-5CD4-481D-9143-215C1BBB189E}" = Sony Ericsson PC Suite
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16
"{26E76762-7F20-4694-AD06-CC3A9B547A71}" = Microsoft Office Live Meeting 2007
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2E56775F-12A6-44CB-A969-3C2CEB371313}" = Dexterity Shared Components 10.0
"{2EFCC193-D915-4CCB-9201-31773A27BC06}" = Symantec Endpoint Protection
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31B33270-24D7-4307-84F2-A3288636B83A}" = Pointsec PC
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{433657FC-710A-4A06-85FD-709C3F98D3DB}" = AT&T Global Network Client Managed VPN Edition
"{45734758-4041-4EA8-8E62-DE661FC3879C}" = LANDesk® Common Base Agent 8
"{4CB47111-82EB-4796-83AE-99B27A602BA6}" = CardScan 8.0.5
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5783F2D6-7028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2009
"{5B7CF62F-D339-4FAA-A610-372ED5A2787F}" = BlackBerry Desktop Software 5.0.1
"{5DB161C0-7C9C-41D7-8DA1-CB112F60946B}" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66A9D30D-1464-4C7F-B2F3-507DADAF2595}" = Microsoft IntelliPoint 6.3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A69D94E-C569-4154-9643-72E94D1DDFDA}" = XPS Essentials Pack
"{7304D7E6-765C-4981-82DD-656DE1CB46DB}" = RFClient8.01
"{753D852A-D86D-42C9-9978-40AE66FB8985}" = Driver Installer
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E8833A1-AF24-4CAE-82DF-CFE14C14B94D}" = LANDesk Advance Agent
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{896DCCC7-9749-4DD6-BAEF-49F9A9CEE295}" = Microsoft Dynamics GP 10.0
"{896DCCC7-9749-4DD6-BAEF-49F9A9CEE295}_Ex" = Microsoft Dynamics GP 10.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91530409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Standard 2003
"{91710409-8000-11D3-8CFE-0150048383C9}" = Microsoft Application Error Reporting
"{94824ADD-8F26-43D2-84DB-22E11F377E5E}" = Microsoft English TTS Engine
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9579E862-5FC7-4337-B1CC-5E37451524C5}" = Motorola Driver Installation
"{96172E04-BB14-45F6-A77B-8EE7A421B903}" = SAPI Wrapper
"{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154}" = TTS Wrapper
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A58F2B4A-ABAC-479E-83CE-F3AF284C9737}" = Sentinel System Driver Installer 7.4.2
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-0000-BA7E-000000000003}" = Adobe Acrobat 8 Standard
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2E8B236-7554-45FE-92C0-94EF76E4D182}" = Garmin City Navigator North America NT 2010.20
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C82185E8-C27B-4EF4-2008-4444BC2C2B6D}" = Microsoft Streets & Trips 2008
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CAFECAFE-0013-0001-0129-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.29
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D4B6D71F-3DDC-48AF-8275-D1FE81AA1CFE}" = LANDesk Advance Agent
"{D689B418-235A-4290-A0A5-A75E490E0351}" = Symantec Endpoint Protection
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E3C3831A-079A-4105-96BE-A74169D62087}" = Rosemount TankMaster
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E52E5DD7-58CD-439E-8941-5C8EA370C44D}" = AMS Wireless SNAP-ON
"{E9EB1566-BA9E-458D-9EF3-5776FE58FC69}" = AT&T Communication Manager
"{EFF87108-C9D0-43F1-BEE1-28DA87778F1A}" = Garmin Communicator Plugin
"{F1BA3CD5-89DC-4273-8603-A75F33E9B335}" = Nokia Connectivity Adapter Cable DKU-5
"{F804CAE5-50B2-4646-803A-A428325237CA}" = Driver Installer
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"ActiveTouchMeetingClient" = WebEx
"Adobe Acrobat 8 Standard" = Adobe Acrobat 8.2.3 Standard
"Adobe Acrobat 8 Standard_823" = Adobe Acrobat 8.2.3 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Algebrator_is1" = Algebrator 4.0
"BlackBerry_{5B7CF62F-D339-4FAA-A610-372ED5A2787F}" = BlackBerry Desktop Software 5.0.1
"Broadcom 802.11 Application" = Dell Wireless WLAN Card Utility
"CCleaner" = CCleaner
"DWG TrueView 2009" = DWG TrueView 2009
"ERUNT_is1" = ERUNT 1.1j
"FLV Player" = FLV Player 2.0 (build 25)
"GoToAssist" = GoToAssist 8.0.0.514
"ie8" = Windows Internet Explorer 8
"InstallShield_{E52E5DD7-58CD-439E-8941-5C8EA370C44D}" = AMS Wireless SNAP-ON
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack" = Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyDefrag_is1" = MyDefrag v4.1.2
"MyScribe" = MyScribe
"NVIDIA Drivers" = NVIDIA Drivers
"Outlook Attachment Remover_is1" = Outlook Attachment Remover 2.0
"Plaxo" = Plaxo Toolbar for Windows
"Second Copy 7" = Second Copy 7
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEP" = XPS Essentials Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"309a46b1dc89b774" = Dell Driver Download Manager
"f031ef6ac137efc5" = Dell Driver Download Manager - 1
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/13/2010 9:36:12 PM | Computer Name = USHOU03-1LB01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 7/13/2010 9:37:30 PM | Computer Name = USHOU03-1LB01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for EMRSN\LBerry failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 7/13/2010 9:42:41 PM | Computer Name = USHOU03-1LB01 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 7/13/2010 10:11:12 PM | Computer Name = USHOU03-1LB01 | Source = Inventory Scanner | ID = 25
Description = LDIScn32: Failed to resolve the Host Nam
Error - 7/13/2010 10:42:34 PM | Computer Name = USHOU03-1LB01 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 7/13/2010 11:42:34 PM | Computer Name = USHOU03-1LB01 | Source = SescLU | ID = 13
Description = LiveUpdate returned a non-critical error. Available content updates
may have failed to install.
Error - 7/14/2010 1:27:10 AM | Computer Name = USHOU03-1LB01 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LBERRY\DESKTOP\RECEIPT - PAYPAL.PDF>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 7/14/2010 1:27:10 AM | Computer Name = USHOU03-1LB01 | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\LBERRY\DESKTOP\RECEIPT - PAYPAL.PDF>
in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details:
A
device attached to the system is not functioning. (0x8007001f)
Error - 7/14/2010 9:59:09 AM | Computer Name = USHOU03-1LB01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 7/14/2010 10:00:20 AM | Computer Name = USHOU03-1LB01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for EMRSN\LBerry failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
[ OSession Events ]
Error - 10/11/2009 3:38:16 PM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 0
seconds with 0 seconds of active time. This session ended with a crash.
Error - 2/15/2010 6:31:23 PM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 9775
seconds with 4200 seconds of active time. This session ended with a crash.
Error - 4/12/2010 2:13:43 PM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15171
seconds with 1740 seconds of active time. This session ended with a crash.
Error - 4/21/2010 10:51:52 PM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 408
seconds with 300 seconds of active time. This session ended with a crash.
Error - 5/11/2010 3:24:33 PM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 231
seconds with 60 seconds of active time. This session ended with a crash.
Error - 6/8/2010 10:28:05 AM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 6/23/2010 12:57:50 PM | Computer Name = USHOU03-1LB01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2129
seconds with 720 seconds of active time. This session ended with a crash.
[ Pointsec Events ]
Error - 12/12/2009 1:16:44 PM | Computer Name = USHOU03-1LB01 | Source = prot_srv | ID = 462754
Description = The recovery file could not be created: path not found.
Error - 12/13/2009 3:01:44 AM | Computer Name = USHOU03-1LB01 | Source = prot_srv | ID = 462754
Description = The recovery file could not be created: path not found.
Error - 12/14/2009 2:10:14 AM | Computer Name = USHOU03-1LB01 | Source = prot_srv | ID = 462754
Description = The recovery file could not be created: path not found.
[ System Events ]
Error - 7/13/2010 8:06:17 PM | Computer Name = USHOU03-1LB01 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000243'
while processing the file 'SrtETmp' on the volume 'HarddiskVolume2'. It has stopped
monitoring the volume.
Error - 7/13/2010 8:07:42 PM | Computer Name = USHOU03-1LB01 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058
Error - 7/13/2010 8:07:42 PM | Computer Name = USHOU03-1LB01 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.
Error - 7/13/2010 8:09:01 PM | Computer Name = USHOU03-1LB01 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
RasAcd
Error - 7/13/2010 9:31:53 PM | Computer Name = USHOU03-1LB01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain EMRSN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 7/13/2010 9:34:10 PM | Computer Name = USHOU03-1LB01 | Source = Service Control Manager | ID = 7000
Description = The Parallel port driver service failed to start due to the following
error: %%1058
Error - 7/13/2010 9:34:10 PM | Computer Name = USHOU03-1LB01 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.
Error - 7/13/2010 9:35:25 PM | Computer Name = USHOU03-1LB01 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
RasAcd
Error - 7/14/2010 1:35:57 AM | Computer Name = USHOU03-1LB01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain EMRSN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 7/14/2010 9:58:48 AM | Computer Name = USHOU03-1LB01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain EMRSN due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
< End of report >