Thanks
OTL logfile created on: 4/19/2011 8:47:33 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\mcmahfr\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 119.05 Gb Total Space | 49.72 Gb Free Space | 41.77% Space Free | Partition Type: NTFS
Computer Name: US011031032-01 | User Name: mcmahfr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/04/19 08:46:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mcmahfr\Desktop\OTL.exe
PRC - [2011/03/23 12:24:29 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/20 19:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\explorer.exe.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/12 14:50:16 | 000,240,816 | ---- | M] (Aventail Corporation) -- C:\WINDOWS\system32\ngvpnmgr.exe
PRC - [2010/06/09 02:28:22 | 000,931,184 | ---- | M] (Juniper Networks, Inc.) -- C:\Program Files\Juniper Networks\Odyssey Access Client\odTray.exe
PRC - [2010/06/09 02:28:18 | 000,193,904 | ---- | M] (Juniper Networks, Inc.) -- C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe
PRC - [2010/06/09 01:58:00 | 000,152,944 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe
PRC - [2010/06/08 19:54:12 | 000,398,704 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\Endpoint Defense\dsEES.exe
PRC - [2010/05/31 13:28:10 | 000,344,064 | ---- | M] () -- C:\Program Files\Polar\Daemon\polard.exe
PRC - [2010/05/21 02:05:10 | 000,198,000 | ---- | M] (Juniper Networks) -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/01 13:15:56 | 000,125,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\VPTray.exe
PRC - [2009/09/01 13:15:50 | 000,116,664 | ---- | M] (symantec) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe
PRC - [2009/09/01 13:15:46 | 001,966,008 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe
PRC - [2009/09/01 13:15:38 | 000,031,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe
PRC - [2009/08/03 13:23:34 | 000,169,320 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2009/08/03 13:23:30 | 000,191,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2009/08/03 13:23:30 | 000,053,096 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2008/12/11 09:45:28 | 000,292,136 | ---- | M] () -- C:\Program Files\CheckPoint\Tray\DNTray.exe
PRC - [2008/12/11 09:45:06 | 000,530,728 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files\CheckPoint\Pointsec Protector Client\disknet.exe
PRC - [2008/12/03 14:40:26 | 000,674,368 | ---- | M] (Check Point Software Tech Ltd) -- C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe
PRC - [2008/12/03 14:40:14 | 000,154,176 | ---- | M] () -- C:\WINDOWS\system32\pstartSr.exe
PRC - [2008/12/03 14:40:12 | 000,621,120 | ---- | M] () -- C:\WINDOWS\system32\Prot_srv.exe
PRC - [2008/11/25 16:38:12 | 000,114,688 | ---- | M] (Ernst & Young) -- C:\Program Files\RBManager\RBManager.exe
PRC - [2008/11/09 21:38:40 | 006,608,192 | ---- | M] (Iron Mountain Incorporated) -- C:\Program Files\Iron Mountain\Connected BackupPC\AgentService.exe
PRC - [2008/11/09 21:38:40 | 000,244,536 | ---- | M] (Iron Mountain Incorporated) -- C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe
PRC - [2008/10/23 21:09:18 | 001,607,208 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KHost.exe
PRC - [2008/10/23 21:07:02 | 003,298,856 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
PRC - [2008/10/02 16:34:20 | 000,081,920 | ---- | M] (InfoExpress) -- C:\Program Files\CyberArmor\pcshelp.exe
PRC - [2008/10/02 15:04:50 | 000,954,416 | ---- | M] (InfoExpress) -- C:\Program Files\CyberArmor\pcs.exe
PRC - [2008/10/02 14:56:14 | 000,077,824 | ---- | M] (InfoExpress) -- C:\Program Files\CyberArmor\casvc.exe
PRC - [2008/09/29 10:15:56 | 000,093,472 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
PRC - [2008/09/22 13:08:46 | 000,065,536 | ---- | M] (Ernst & Young) -- C:\Program Files\eyutils\SMSTOOLS\EYSelectTrayApp.exe
PRC - [2008/05/08 18:16:06 | 000,098,304 | ---- | M] (iPass, Inc.) -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe
PRC - [2008/05/08 18:15:46 | 000,155,648 | ---- | M] (iPass, Inc.) -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe
PRC - [2008/04/26 01:06:22 | 000,049,152 | ---- | M] (Documentum, a division of EMC Corporation) -- c:\Program Files\Documentum\AppConnector\Documentum.AppConnector.CredentialService.exe
PRC - [2008/04/26 01:06:22 | 000,045,056 | ---- | M] (Documentum, a division of EMC Corporation) -- C:\Program Files\Documentum\AppConnector\Documentum.AppConnector.LocaleManager.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/03/14 15:12:24 | 000,102,400 | ---- | M] (Configuresoft, Inc.) -- C:\Program Files\Configuresoft\CSI Remote Client\CSIRemoteCSvc.exe
PRC - [2007/11/03 11:01:28 | 000,032,768 | ---- | M] (Configuresoft, Inc) -- C:\WINDOWS\ECM4\Installer\CFC\2.0\bin\CsiWin32SocketListener.exe
PRC - [2007/04/13 03:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2006/12/05 09:36:10 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxcqcoms.exe
PRC - [2006/01/25 13:55:04 | 000,495,616 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fppdis2a.exe
PRC - [2006/01/10 13:30:04 | 000,491,520 | ---- | M] (FinePrint Software, LLC) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\fpdisp5a.exe
PRC - [2004/03/19 05:21:38 | 000,208,967 | ---- | M] (Netopia, Inc.) -- C:\Program Files\Timbuktu Pro\tb2launch.exe
PRC - [2002/08/29 08:00:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sndvol32.exe
========== Modules (SafeList) ==========
MOD - [2011/04/19 08:46:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mcmahfr\Desktop\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/07/01 10:38:58 | 000,151,552 | ---- | M] (InfoExpress) -- C:\WINDOWS\system32\cahooknt.dll
MOD - [2008/07/01 10:38:56 | 000,163,840 | ---- | M] (InfoExpress) -- C:\WINDOWS\system32\cahookd.dll
MOD - [2008/04/14 05:42:12 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/18 09:34:58 | 000,073,728 | ---- | M] (Ernst & Young) [On_Demand | Stopped] -- C:\Program Files\Ernst & Young\EY Tune Up\EYTuneUpService.exe -- (EY Tune Up Service)
SRV - [2010/07/12 14:50:16 | 000,240,816 | ---- | M] (Aventail Corporation) [Auto | Running] -- C:\WINDOWS\system32\ngvpnmgr.exe -- (NgVpnMgr)
SRV - [2010/06/09 02:28:18 | 000,193,904 | ---- | M] (Juniper Networks, Inc.) [Auto | Running] -- C:\Program Files\Juniper Networks\Odyssey Access Client\odClientService.exe -- (odClientService)
SRV - [2010/06/09 01:58:00 | 000,152,944 | ---- | M] (Juniper Networks) [On_Demand | Running] -- C:\Program Files\Common Files\Juniper Networks\TNC Client\jTnccService.exe -- (EacService)
SRV - [2010/05/31 13:28:10 | 000,344,064 | ---- | M] () [Auto | Running] -- C:\Program Files\Polar\Daemon\polard.exe -- (Polar Daemon)
SRV - [2010/05/21 02:05:10 | 000,198,000 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe -- (JuniperAccessService)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/01 13:15:50 | 000,116,664 | ---- | M] (symantec) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2009/09/01 13:15:46 | 001,966,008 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2009/09/01 13:15:38 | 000,031,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2009/08/03 13:23:34 | 000,169,320 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2009/08/03 13:23:30 | 000,191,848 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2009/07/06 19:12:32 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/03/20 19:10:15 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/12/17 15:21:08 | 000,214,408 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2008/12/11 09:45:06 | 000,530,728 | ---- | M] (Check Point Software Technologies Ltd.) [Auto | Running] -- C:\Program Files\CheckPoint\Pointsec Protector Client\disknet.exe -- (DisknetClient)
SRV - [2008/12/03 14:40:14 | 000,154,176 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\pstartSr.exe -- (Pointsec_start)
SRV - [2008/12/03 14:40:12 | 000,621,120 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\Prot_srv.exe -- (Pointsec)
SRV - [2008/11/09 21:38:40 | 006,608,192 | ---- | M] (Iron Mountain Incorporated) [Auto | Running] -- C:\Program Files\Iron Mountain\Connected BackupPC\AgentService.exe -- (AgentService)
SRV - [2008/10/23 21:07:02 | 003,298,856 | ---- | M] (Kontiki Inc.) [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2008/10/02 14:56:14 | 000,077,824 | ---- | M] (InfoExpress) [Auto | Running] -- C:\Program Files\CyberArmor\casvc.exe -- (CyberArmorRunService)
SRV - [2008/08/08 15:53:16 | 000,031,624 | ---- | M] (IBM Corp) [Disabled | Stopped] -- C:\Lotus\Notes\nslsvice.exe -- (Lotus Notes Single Logon)
SRV - [2008/06/12 22:57:44 | 001,720,320 | ---- | M] (iPass, Inc.) [On_Demand | Stopped] -- C:\Program Files\iPass\iPassConnect\iPassConnectEngine.exe -- (iPassConnectEngine)
SRV - [2008/05/09 06:53:32 | 000,262,360 | ---- | M] (Data Perceptions / PowerProgrammer) [Disabled | Stopped] -- C:\WINDOWS\system32\WebUpdateSvc4.exe -- (WebUpdate4)
SRV - [2008/05/08 18:16:06 | 000,098,304 | ---- | M] (iPass, Inc.) [Auto | Running] -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateService.exe -- (iPassPeriodicUpdateService)
SRV - [2008/05/08 18:15:46 | 000,155,648 | ---- | M] (iPass, Inc.) [On_Demand | Running] -- C:\Program Files\iPass\iPassConnect\iPassPeriodicUpdateApp.exe -- (iPassPeriodicUpdateApp)
SRV - [2008/04/26 01:06:22 | 000,049,152 | ---- | M] (Documentum, a division of EMC Corporation) [Auto | Running] -- c:\Program Files\Documentum\AppConnector\Documentum.AppConnector.CredentialService.exe -- (Documentum Application Connector Credential Service)
SRV - [2008/03/14 15:12:24 | 000,102,400 | ---- | M] (Configuresoft, Inc.) [Auto | Running] -- C:\Program Files\Configuresoft\CSI Remote Client\CSIRemoteCSvc.exe -- (CSIRemoteC)
SRV - [2007/11/03 11:01:28 | 000,032,768 | ---- | M] (Configuresoft, Inc) [Auto | Running] -- C:\WINDOWS\ECM4\Installer\CFC\2.0\bin\CsiWin32SocketListener.exe -- (CSI Socket Listener)
SRV - [2007/07/26 19:25:20 | 001,181,016 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2007/04/13 03:50:00 | 000,590,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2006/12/05 09:36:10 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxcqcoms.exe -- (lxcq_device)
SRV - [2004/03/19 05:21:38 | 000,208,967 | ---- | M] (Netopia, Inc.) [Auto | Running] -- C:\Program Files\Timbuktu Pro\tb2launch.exe -- (Tb2Launch)
SRV - [2000/01/25 18:00:16 | 000,408,568 | ---- | M] () [On_Demand | Stopped] -- C:\Oracle\Ora81\bin\ONRSD.EXE -- (OracleOraHome81ClientCache)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Running] -- -- (Tb2MirrorSys)
DRV - File not found [Kernel | System | Running] -- -- (Tb2Device)
DRV - [2011/03/04 17:49:53 | 001,393,144 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110417.004\navex15.sys -- (NAVEX15)
DRV - [2011/03/04 17:49:49 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20110417.004\naveng.sys -- (NAVENG)
DRV - [2010/11/17 12:31:08 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/07/12 14:49:30 | 000,025,160 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ngwfp.sys -- (NgWfp)
DRV - [2010/07/12 14:49:20 | 000,022,600 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ngfilter.sys -- (NgFilter)
DRV - [2010/07/12 14:49:10 | 000,079,944 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ngvpn.sys -- (NgVpn)
DRV - [2010/07/12 14:47:00 | 000,027,208 | ---- | M] (Aventail Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nglog.sys -- (NgLog)
DRV - [2010/06/17 07:28:15 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/06/09 01:40:12 | 000,282,496 | ---- | M] (Juniper Networks, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\odFips2.sys -- (odFips2)
DRV - [2010/06/09 01:40:12 | 000,009,856 | ---- | M] (Juniper Networks, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\odFips.sys -- (odFips)
DRV - [2010/05/21 18:41:04 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/04/21 00:01:34 | 000,420,336 | ---- | M] (Juniper Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jnprna.sys -- (jnprna)
DRV - [2010/04/21 00:01:34 | 000,029,312 | ---- | M] (Juniper Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jnprvamgr.sys -- (JnprVaMgr)
DRV - [2010/04/21 00:01:34 | 000,012,288 | ---- | M] (Juniper Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\jnprva.sys -- (jnprva)
DRV - [2009/07/06 18:58:52 | 000,021,393 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\iPassP.sys -- (iPassP) iPass Protocol (IEEE 802.1x)
DRV - [2009/06/14 10:47:12 | 000,055,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2009/06/14 10:47:10 | 000,339,328 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2009/03/31 11:08:50 | 004,202,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2009/03/20 19:03:36 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Verizon Wireless\VZAccess Manager\SMSIVZAM5.sys -- (SMSIVZAM5)
DRV - [2009/02/16 10:32:32 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2009/02/06 11:39:02 | 000,809,984 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAU32.sys -- (CnxtHdAudService)
DRV - [2008/12/17 15:20:40 | 000,188,808 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/12/11 09:36:30 | 000,045,696 | ---- | M] (Check Point Software Technologies Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\PSG.sys -- (PSG)
DRV - [2008/12/11 09:36:26 | 000,019,072 | ---- | M] (Check Point Software Technologies Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\rmm.sys -- (rmm)
DRV - [2008/12/11 09:36:22 | 000,029,312 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\kaeon.sys -- (KAEON)
DRV - [2008/12/11 09:36:18 | 000,056,960 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dvrem.sys -- (dvrem)
DRV - [2008/12/11 09:36:16 | 000,027,136 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\DNPFW.sys -- (DNPFW)
DRV - [2008/12/11 09:34:50 | 000,046,592 | ---- | M] (Reflex Magnetics Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rxaes100.sys -- (rxAES100)
DRV - [2008/12/03 14:39:08 | 000,218,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prot_2k.sys -- (prot_2k)
DRV - [2008/11/09 21:38:40 | 000,045,384 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV_Tracker.sys -- (LV_Tracker)
DRV - [2008/10/03 14:09:16 | 000,424,495 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\viexpf2k.sys -- (Viexpf2k)
DRV - [2008/09/19 17:29:54 | 000,243,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel®
DRV - [2008/07/01 10:50:34 | 000,021,504 | ---- | M] (InfoExpress) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\viexca2k.sys -- (Viexca2k)
DRV - [2008/04/09 07:16:48 | 000,985,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008/04/09 07:16:48 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/04/09 07:16:48 | 000,210,560 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2008/03/26 02:21:06 | 000,013,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tpm.sys -- (tpm)
DRV - [2008/03/26 02:12:56 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel®
DRV - [2007/07/26 19:25:18 | 000,400,216 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/04/13 03:50:00 | 000,023,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2006/08/17 09:51:04 | 000,217,216 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM4.sys -- (odysseyIM4)
DRV - [2004/08/03 17:29:50 | 000,019,455 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 17:29:48 | 000,012,063 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 17:29:46 | 000,025,471 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv10nt.sys -- (iAimTV5)
DRV - [2004/08/03 17:29:46 | 000,023,615 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 17:29:46 | 000,022,271 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv06nt.sys -- (iAimTV6)
DRV - [2004/08/03 17:29:44 | 000,033,599 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 17:29:44 | 000,019,551 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 17:29:42 | 000,029,311 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 17:29:42 | 000,011,871 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv09nt.sys -- (iAimFP7)
DRV - [2004/08/03 17:29:40 | 000,011,807 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv07nt.sys -- (iAimFP5)
DRV - [2004/08/03 17:29:40 | 000,011,295 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv08nt.sys -- (iAimFP6)
DRV - [2004/08/03 17:29:38 | 000,161,020 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 17:29:38 | 000,012,415 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 17:29:38 | 000,012,127 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 17:29:38 | 000,011,775 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2)
DRV - [2001/08/17 08:11:36 | 000,065,278 | ---- | M] (Compaq Computer Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetFlx3.sys -- (netflx3)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.iweb.ey.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [String data over 1000 bytes]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=USWEB:80;http=USWEB:80;https=USWEB:443
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AOL Search"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.co...50CLie7&query="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "AOL Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "http://search.aol.co...B50CLab&query="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/23 12:24:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/23 12:24:33 | 000,000,000 | ---D | M]
[2009/07/16 21:52:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\Extensions
[2009/10/28 11:07:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\eclipse\extensions
[2009/07/15 13:35:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\eclipse1\extensions
[2011/04/18 21:26:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\Firefox\Profiles\y0tk9qyi.default\extensions
[2010/09/03 13:49:06 | 000,000,000 | ---D | M] ("Garmin Communicator") -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\Firefox\Profiles\y0tk9qyi.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010/08/23 11:11:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\Firefox\Profiles\y0tk9qyi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/11/19 17:49:01 | 000,000,000 | ---D | M] (Panda3D Game Engine Plug-In) -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\Firefox\Profiles\y0tk9qyi.default\extensions\[email protected]
[2009/09/01 13:24:31 | 000,001,725 | ---- | M] () -- C:\Documents and Settings\mcmahfr\Application Data\Mozilla\Firefox\Profiles\y0tk9qyi.default\searchplugins\aol-search.xml
[2011/04/18 21:26:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/07 09:48:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/07 09:47:54 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/12/07 09:47:54 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/04/18 11:26:06 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (LexLink IE ToolBar) - {CBAA6F21-985C-11D4-A02B-00B0D073E889} - C:\Program Files\LexisNexis\CheckCite\llieobj.dll (LexisNexis)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AgentUiRunKey] C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe (Iron Mountain Incorporated)
O4 - HKLM..\Run: [AppConnectorLocaleMgr] C:\Program Files\Documentum\AppConnector\Documentum.AppConnector.LocaleManager.exe (Documentum, a division of EMC Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CyberArmorHelper] C:\Program Files\CyberArmor\pcshelp.exe (InfoExpress)
O4 - HKLM..\Run: [DN4TRAY] C:\Program Files\CheckPoint\Tray\DNTray.exe ()
O4 - HKLM..\Run: [ey_kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
O4 - HKLM..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [LXCQCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCQtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [OdTray.exe] C:\Program Files\Juniper Networks\Odyssey Access Client\OdTray.exe (Juniper Networks, Inc.)
O4 - HKLM..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [Pointsec Tray] C:\Program Files\Pointsec\Pointsec for PC\P95tray.exe (Check Point Software Tech Ltd)
O4 - HKLM..\Run: [Recycle Bin Manager] C:\Program Files\RBManager\RBManager.exe (Ernst & Young)
O4 - HKLM..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [ZEYViewer] C:\Program Files\eyutils\SMSTOOLS\EYSelectTrayApp.exe (Ernst & Young)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Download present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Download present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKLM\..Trusted Domains: com.mx ([www.tuproteccion] https in Trusted sites)
O15 - HKLM\..Trusted Domains: eformRS.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: elementk.com ([contentserver] http in Trusted sites)
O15 - HKLM\..Trusted Domains: ey.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: ey.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: ey.net ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: ey.net ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: eygtt.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: eyleads.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: eylink.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: eyqa.net ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: eyqa.net ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: eyua.net ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: eyua.net ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: fasttax.com ([gosystemrs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: fincad.com ([ey] http in Trusted sites)
O15 - HKLM\..Trusted Domains: intellinex.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: intellinex.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: intellinex-asp.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: lexis.com ([web] http in Trusted sites)
O15 - HKLM\..Trusted Domains: raindance.com ([intellinex] http in Trusted sites)
O15 - HKLM\..Trusted Domains: riahome.com ([insourcers] https in Trusted sites)
O15 - HKLM\..Trusted Domains: riahome.com ([support2] https in Trusted sites)
O15 - HKLM\..Trusted Domains: smarttrainer4.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: surveymonkey.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: taleo.net ([ey] http in Trusted sites)
O15 - HKLM\..Trusted Domains: thomson.com ([gosystem] https in Trusted sites)
O15 - HKLM\..Trusted Domains: thomsonib.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: xtremelearning.com ([cserver] http in Trusted sites)
O16 - DPF: {12BE5614-761F-42A0-8458-ED2009EB1366} https://print-global...n/ADPrtCTRL.CAB (ADPrtCTRL.ucADPrtctrl)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.micr...78f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {329ADA79-A81B-42DA-BFF4-DC124B075EF0} http://gfisclienteng...SZIPUtility.CAB (GFISZipUtility.GFISZIP)
O16 - DPF: {51B217FA-AA53-11D1-8295-006097970389} http://home.iweb.ey....b/notesuser.cab (NotesUserCtrl Class)
O16 - DPF: {759FD3DE-F0EF-4A76-909C-88CF840D4173} https://edocs.us.na....dkPluginCab.CAB (DmDragDrop Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {BAC4A6B1-588F-495C-9074-B1C3A50AB3B7} https://gfis.iweb.ey...ex/AuthPost.CAB (AuthPost.Class1)
O16 - DPF: {C5A27D6A-4659-4351-9B7F-45E40BE42715} https://print-global...ugin/EYGPWS.CAB (gpwsx.plugin)
O16 - DPF: {CAFEEFAC-0011-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://bettycam.axis...activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://ey.webex.com...ent/ieatgpc.cab (GpcContainer Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.251.129 167.206.251.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = us.na.ey.net
O20 - AppInit_DLLs: (C:\WINDOWS\system32\cahooknt.dll) - C:\WINDOWS\system32\cahooknt.dll (InfoExpress)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (pssogina.dll) - C:\WINDOWS\System32\PssoGina.dll (Check Point Software Tech Ltd)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O20 - Winlogon\Notify\OdysseyClient: DllName - odyEvent.dll - C:\WINDOWS\System32\odyEvent.dll (Juniper Networks, Inc.)
O20 - Winlogon\Notify\Timbuktu Pro: DllName - C:\Program Files\Timbuktu Pro\Hook32.dll - C:\Program Files\Timbuktu Pro\HOOK32.DLL (Netopia, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\mcmahfr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\mcmahfr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {0cab0400-7395-11d0-a5e5-0020afe2fdd9} - Reg Error: Key error. File not found
O28 - HKCU ShellExecuteHooks: {0cab0400-7395-11d0-a5e5-0020afe2fdd9} - C:\Program Files\Quick View Plus\Support\qvphook.dll (Stellent, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/15 20:54:29 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/04/19 08:46:58 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\mcmahfr\Desktop\OTL.exe
[2011/04/18 11:26:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/04/18 08:40:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\kBk06504aNdHo06504
[2011/04/15 10:18:46 | 000,000,000 | ---D | C] -- C:\Program Files\TaxApps
[2011/04/15 09:52:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\mcmahfr\Desktop\Pictures April 2011
[2011/03/24 12:15:53 | 000,000,000 | ---D | C] -- C:\ProWin10
[2011/03/23 14:25:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AnswerWorks 4.0
[2011/03/23 14:25:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ProSeries Basic Edition 2010
[2011/03/23 14:25:14 | 000,000,000 | ---D | C] -- C:\ProPDF
[2011/03/23 14:24:15 | 000,000,000 | ---D | C] -- C:\BasWin10
[2011/03/22 04:04:44 | 000,014,088 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP141.SYS
[2010/10/30 07:40:38 | 001,224,704 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqserv.dll
[2010/10/30 07:40:38 | 000,991,232 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqusb1.dll
[2010/10/30 07:40:38 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqhbn3.dll
[2010/10/30 07:40:38 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomc.dll
[2010/10/30 07:40:38 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpmui.dll
[2010/10/30 07:40:38 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqlmpm.dll
[2010/10/30 07:40:38 | 000,537,520 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcoms.exe
[2010/10/30 07:40:38 | 000,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcomm.dll
[2010/10/30 07:40:38 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqinpa.dll
[2010/10/30 07:40:38 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqiesc.dll
[2010/10/30 07:40:38 | 000,385,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqih.exe
[2010/10/30 07:40:38 | 000,381,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqcfg.exe
[2010/10/30 07:40:38 | 000,323,584 | ---- | C] ( ) -- C:\WINDOWS\System32\LXCQhcp.dll
[2010/10/30 07:40:38 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqprox.dll
[2010/10/30 07:40:38 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcqpplc.dll
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/04/19 08:46:59 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\mcmahfr\Desktop\OTL.exe
[2011/04/19 07:54:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/19 04:03:03 | 000,014,088 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP141.SYS
[2011/04/19 01:55:35 | 000,000,184 | ---- | M] () -- C:\WINDOWS\hpbafd.ini
[2011/04/18 22:58:10 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/18 22:58:10 | 000,000,495 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2011/04/18 22:55:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/04/18 22:55:10 | 2038,411,264 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/18 11:43:31 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1E966DD4-AA5B-4E9E-B973-2B8ED1C074AB}.job
[2011/04/18 11:32:41 | 000,026,917 | ---- | M] () -- C:\Documents and Settings\mcmahfr\Desktop\McMahon Empire Correspondence 4.18.11.pdf
[2011/04/18 11:26:06 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/04/18 11:05:26 | 000,292,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/18 10:37:55 | 000,444,756 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/18 10:37:55 | 000,072,710 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/16 23:21:43 | 000,093,730 | ---- | M] () -- C:\Documents and Settings\mcmahfr\Desktop\Eric Hodska Training- Enjoy the Journey.pdf
[2011/04/16 16:13:27 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\mcmahfr\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/04/16 15:19:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/04/16 12:20:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/15 23:09:34 | 003,175,424 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2011/04/15 23:09:28 | 007,094,272 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2011/04/15 09:49:37 | 000,094,838 | ---- | M] () -- C:\Documents and Settings\mcmahfr\My Documents\ETU.pdf
[2011/04/13 13:43:55 | 000,025,244 | RHS- | M] () -- C:\Documents and Settings\mcmahfr\ntuser.pol
[2011/04/13 03:57:50 | 000,303,022 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2011/04/01 13:23:09 | 000,000,224 | ---- | M] () -- C:\WINDOWS\WTXI.INI
[2011/03/24 12:46:49 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/21 10:23:36 | 000,098,844 | ---- | M] () -- C:\Documents and Settings\mcmahfr\Desktop\X5 tires Order Placed.pdf
[1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/04/18 11:32:41 | 000,026,917 | ---- | C] () -- C:\Documents and Settings\mcmahfr\Desktop\McMahon Empire Correspondence 4.18.11.pdf
[2011/04/18 10:33:47 | 2038,411,264 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/16 23:21:43 | 000,093,730 | ---- | C] () -- C:\Documents and Settings\mcmahfr\Desktop\Eric Hodska Training- Enjoy the Journey.pdf
[2011/04/15 09:49:37 | 000,094,838 | ---- | C] () -- C:\Documents and Settings\mcmahfr\My Documents\ETU.pdf
[2011/03/24 14:30:25 | 004,163,472 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/03/21 10:23:36 | 000,098,844 | ---- | C] () -- C:\Documents and Settings\mcmahfr\Desktop\X5 tires Order Placed.pdf
[2010/10/30 07:41:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcqvs.dll
[2010/10/30 07:41:08 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxcqcoin.dll
[2010/10/30 07:40:58 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcqdrs.dll
[2010/10/30 07:40:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcqcaps.dll
[2010/10/30 07:40:58 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcqcnv4.dll
[2010/10/30 07:40:49 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\lxcqrwrd.ini
[2010/10/30 07:40:38 | 000,274,432 | ---- | C] () -- C:\WINDOWS\System32\LXCQinst.dll
[2010/10/30 07:40:38 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\lxcqgrd.dll
[2010/10/28 03:23:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\UnivMgr.INI
[2010/07/31 18:47:35 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\mcmahfr\Local Settings\Application Data\kodakpcd.ini
[2010/07/12 14:53:48 | 000,127,664 | ---- | C] () -- C:\WINDOWS\ngmsi.dll
[2010/07/12 14:52:20 | 000,015,024 | ---- | C] () -- C:\WINDOWS\ngutil.exe
[2010/06/09 01:40:12 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\odFIPS2.sys.icv
[2010/03/27 08:02:03 | 000,000,224 | ---- | C] () -- C:\WINDOWS\WTXI.INI
[2010/03/13 19:14:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/03/01 08:04:34 | 000,084,992 | ---- | C] () -- C:\Documents and Settings\mcmahfr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/28 05:35:08 | 000,167,252 | ---- | C] () -- C:\WINDOWS\Rem_EY_eDocs.EXE
[2009/10/28 01:09:14 | 000,047,633 | ---- | C] () -- C:\WINDOWS\System32\wuwuninst.exe
[2009/10/12 11:21:16 | 000,060,096 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/10/07 14:11:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tb2pro.INI
[2009/09/09 12:27:34 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/09/08 13:20:53 | 000,000,184 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2009/08/13 10:45:01 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2009/07/21 10:03:53 | 000,001,304 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2009/07/16 21:52:39 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/07/16 15:33:56 | 000,000,099 | ---- | C] () -- C:\WINDOWS\notesnsd.ini
[2009/07/06 20:36:19 | 000,982,192 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009/07/06 20:36:13 | 000,417,344 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2009/07/06 19:17:48 | 000,000,070 | ---- | C] () -- C:\WINDOWS\init.ini
[2009/07/06 19:16:54 | 000,000,022 | ---- | C] () -- C:\WINDOWS\WINMSG.INI
[2009/07/06 19:16:48 | 000,103,936 | ---- | C] () -- C:\WINDOWS\System32\NCALLS.DLL
[2009/07/06 19:16:48 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\guidgen.dll
[2009/07/06 19:08:39 | 000,547,164 | ---- | C] () -- C:\WINDOWS\RemCFIT1137.EXE
[2009/07/06 19:06:22 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\mcmahfr\Local Settings\Application Data\fusioncache.dat
[2009/07/06 19:03:51 | 000,531,239 | ---- | C] () -- C:\WINDOWS\RemLNCT87.EXE
[2009/07/06 19:03:32 | 000,531,133 | ---- | C] () -- C:\WINDOWS\RemEYPeerConnectv1.0.EXE
[2009/07/06 19:01:04 | 000,154,152 | ---- | C] () -- C:\WINDOWS\RemRBMgr.EXE
[2009/07/06 18:58:52 | 000,356,352 | ---- | C] () -- C:\WINDOWS\System32\iPassI5Installer.exe
[2009/07/06 18:56:45 | 000,000,011 | ---- | C] () -- C:\WINDOWS\NetWare.INI
[2009/07/06 18:45:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\eyprobe.exe
[2008/12/03 14:40:18 | 000,137,792 | ---- | C] () -- C:\WINDOWS\System32\NovPwd32.dll
[2008/12/03 14:40:14 | 000,154,176 | ---- | C] () -- C:\WINDOWS\System32\pstartSr.exe
[2008/12/03 14:40:12 | 000,621,120 | ---- | C] () -- C:\WINDOWS\System32\Prot_srv.exe
[2008/12/03 14:39:08 | 000,218,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\prot_2k.sys
[2008/11/09 21:38:40 | 000,045,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\LV_Tracker.sys
[2008/05/09 06:53:34 | 000,418,008 | ---- | C] () -- C:\WINDOWS\System32\WuWUI.exe
[2007/10/31 10:56:34 | 000,000,647 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dat
[2007/04/04 15:13:56 | 000,000,142 | ---- | C] () -- C:\WINDOWS\GemSignPdf.ini
[2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\WINDOWS\System32\hppapr04.dll
[2005/05/18 14:16:51 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/05/17 20:18:46 | 000,000,495 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/05/17 19:32:15 | 000,146,432 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/05/16 20:27:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Tb2Desk.INI
[2005/05/16 19:54:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\VPC32.INI
[2005/05/16 04:38:47 | 000,000,526 | ---- | C] () -- C:\WINDOWS\LOADSET.INI
[2005/05/16 04:38:00 | 000,444,756 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/05/16 04:38:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/05/16 04:38:00 | 000,072,710 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/05/16 04:38:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/05/16 04:37:58 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/05/16 04:37:56 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/05/16 04:37:53 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/05/16 04:37:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/05/16 04:37:44 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/05/16 04:37:31 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/05/16 04:37:18 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/05/15 21:53:06 | 000,568,493 | ---- | C] () -- C:\WINDOWS\REMKontiki.EXE
[2005/05/15 21:51:39 | 000,111,276 | ---- | C] () -- C:\WINDOWS\RemFF.EXE
[2005/05/15 21:48:19 | 000,320,512 | ---- | C] () -- C:\WINDOWS\System32\Libjcc.dll
[2005/05/15 21:48:19 | 000,067,306 | ---- | C] () -- C:\WINDOWS\System32\pbodb70.ini
[2005/05/15 21:43:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/15 21:42:33 | 000,292,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/05/15 21:42:18 | 000,424,495 | ---- | C] () -- C:\WINDOWS\System32\drivers\viexpf2k.sys
[2005/05/15 21:42:18 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\vsctool.dll
[2005/05/15 21:33:07 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/05/15 21:15:11 | 000,000,453 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/15 21:13:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/05/15 21:02:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/15 20:49:21 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/04/29 14:09:30 | 000,004,743 | ---- | C] () -- C:\WINDOWS\SigPlus.ini
[2004/08/02 09:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[1999/05/24 03:26:42 | 000,317,440 | ---- | C] () -- C:\WINDOWS\System32\FdfTk.dll
[1999/05/24 03:23:36 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\FdfAcX.dll
========== LOP Check ==========
[2010/12/05 09:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aventail
[2010/08/26 19:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Email Backup Optimization
[2009/07/06 18:58:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iPass
[2010/12/06 16:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2011/04/18 15:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kBk06504aNdHo06504
[2011/04/19 08:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kontiki
[2009/07/06 18:02:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pointsec
[2010/01/18 19:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2009/09/01 12:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/11/09 13:49:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2010/09/05 07:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/12 08:15:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/04 15:37:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\.oit
[2011/02/13 09:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Aventail
[2011/02/25 15:03:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Blackberry Desktop
[2009/07/16 08:16:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Documentum
[2009/07/06 18:38:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Ernst & Young
[2009/07/06 20:16:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Funk Software
[2010/09/03 13:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\GARMIN
[2009/07/06 18:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\InterVideo
[2009/08/05 09:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Kontiki
[2009/07/06 18:54:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Local Settings
[2010/12/06 16:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Polar WebSync
[2009/07/15 12:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Research in Motion
[2009/08/05 13:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Skinux
[2010/06/23 19:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Smith Micro
[2010/11/29 06:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Trondent Development Corp
[2009/09/09 21:22:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Viewpoint
[2010/09/10 08:34:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\webex
[2010/10/13 16:18:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mcmahfr\Application Data\Xerox
[2011/04/18 11:43:31 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1E966DD4-AA5B-4E9E-B973-2B8ED1C074AB}.job
========== Purity Check ==========
< End of report >
OTL Extras logfile created on: 4/19/2011 8:47:33 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\mcmahfr\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 41.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 119.05 Gb Total Space | 49.72 Gb Free Space | 41.77% Space Free | Partition Type: NTFS
Computer Name: US011031032-01 | User Name: mcmahfr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"135:TCP" = 135:TCP:*:Enabled:TCP Port 135
"5000:TCP" = 5000:TCP:*:Enabled:TCP Port 5000
"5001:TCP" = 5001:TCP:*:Enabled:TCP Port 5001
"5002:TCP" = 5002:TCP:*:Enabled:TCP Port 5002
"5003:TCP" = 5003:TCP:*:Enabled:TCP Port 5003
"5004:TCP" = 5004:TCP:*:Enabled:TCP Port 5004
"5005:TCP" = 5005:TCP:*:Enabled:TCP Port 5005
"5006:TCP" = 5006:TCP:*:Enabled:TCP Port 5006
"5007:TCP" = 5007:TCP:*:Enabled:TCP Port 5007
"5008:TCP" = 5008:TCP:*:Enabled:TCP Port 5008
"5009:TCP" = 5009:TCP:*:Enabled:TCP Port 5009
"5010:TCP" = 5010:TCP:*:Enabled:TCP Port 5010
"5011:TCP" = 5011:TCP:*:Enabled:TCP Port 5011
"5012:TCP" = 5012:TCP:*:Enabled:TCP Port 5012
"5013:TCP" = 5013:TCP:*:Enabled:TCP Port 5013
"5014:TCP" = 5014:TCP:*:Enabled:TCP Port 5014
"5015:TCP" = 5015:TCP:*:Enabled:TCP Port 5015
"5016:TCP" = 5016:TCP:*:Enabled:TCP Port 5016
"5017:TCP" = 5017:TCP:*:Enabled:TCP Port 5017
"5018:TCP" = 5018:TCP:*:Enabled:TCP Port 5018
"5019:TCP" = 5019:TCP:*:Enabled:TCP Port 5019
"5020:TCP" = 5020:TCP:*:Enabled:TCP Port 5020
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe" = C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe:*:Enabled:Connected Backup Agent -- (Iron Mountain Incorporated)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe" = C:\Program Files\Iron Mountain\Connected BackupPC\Agent.exe:*:Enabled:Connected Backup Agent -- (Iron Mountain Incorporated)
"C:\WINDOWS\system32\lxcqcoms.exe" = C:\WINDOWS\system32\lxcqcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20090219c-200908151410\jre\bin\notes2w.exe" = C:\Lotus\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.j2se.win32.x86_1.6.0.20090219c-200908151410\jre\bin\notes2w.exe:*:Enabled:Lotus Notes -- (IBM)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{03DF638A-D61C-4893-B8B9-845900C03163}" = TurboTax 2010 wnyiper
"{050569C7-DA4C-49C7-B672-C435B7BCFFBC}" = Tax Screen Saver 3.0
"{0527509C-2381-48BA-87A0-DBC92A8FFE81}" = EY Workplace - At Your Service
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{0608812E-E2BB-416B-AFB8-51F30CC78431}" = ZipMail V10 for Lotus Notes
"{0E040783-972F-4F83-A6FA-8C6001DCE715}" = Cassetica Software NotesMedic 5.0
"{0FC8BB98-79D2-4441-B9F8-8BD15F7AC2C8}" = Oracle LDAP Update 3.2009
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{12711EB8-DA8C-4378-A4C5-0EF8C778E072}" = BlackBerry Device Software v4.7.1 for the BlackBerry 9630 smartphone
"{140070AB-53AC-4B00-B818-0037791577A0}" = X1
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{17E67191-2F5E-45D4-A8A7-BF7238818CBE}" = iPassConnect
"{18E46A14-0067-4362-BE12-980B90A23601}" = EY Peer Connect
"{236B146C-B504-411B-A993-5085235E9F5F}" = Time Tracker Excel Template P1
"{24EDE4DA-3852-4BCA-BE6C-04D43BBDB2DF}" = EYRC Route Program
"{258F6CA9-894A-4818-9ED9-081755CCFD3E}" = Infuzer
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java 6 Update 21
"{27579b3c-5470-4496-be6c-0c872674f19f}" = Macromedia Flash Player
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2D39B47A-56AF-45E5-ACC9-821FC92A7F80}" = EY Americas Desktop Reference 4.2
"{2D41D8AE-F122-413E-A7C5-B6D86F22F5CA}" = Visual Identity Templates 2009
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{31B33270-24D7-4307-84F2-A3288636B83A}" = Pointsec PC
"{32B47B57-F395-4C16-86C9-C9D54DF60B06}" = Global Self Help
"{34843AB3-8DBA-4388-8838-080635E1EDB6}" = SwiftFile 4.0
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{360EDFB0-EAA2-012B-AD16-000000000000}" = TurboTax 2009 wcaiper
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{393E4C89-67E9-43BF-AD29-94D19F7624F7}" = EY Personal Backup Agent
"{3B8186F0-EAA2-012B-AE69-000000000000}" = TurboTax 2009 wnyiper
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3C5CBA9D-11D6-4652-A03E-4B41D17F06CD}" = EY Tune Up
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows Journal Viewer
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{45534579-B75B-4A42-953B-2EF8E1DEB4F3}" = Microsoft XML Parser
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{48336530-E7A6-4D90-8B5E-2B3DB0FE5210}" = ECMAgent4.9.0.54
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A39A27F-005B-407E-8CF5-F4D8065658E4}" = SMS Advanced Client
"{4CCA10F5-40E2-439E-9D82-67F70A292CCC}" = Polar WebSync
"{4D9029D3-D12C-4786-94F5-FF158FDB9470}" = VZAccess Manager
"{4E4E3C9D-42CF-4A9E-AE65-4E741EA59216}" = BTS - Winning Annuity Relationships 2009.04
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{4FD4C0D3-DA93-4132-82C6-177385E41868}" = EY Branding Zone
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5C94EAEB-D776-4164-BBD1-B6B99BAA5290}" = IP Presence
"{5ECC898D-84FD-43AE-96D5-12DF9AD8A52D}" = Circular 230 Ver 2.1
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{6123B6B5-65AE-4094-9AD0-0100598C728A}" = GAAIT Online
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64637CA5-2EC1-4077-889A-2359D9E6BE8C}" = TRAX Personal 8.00
"{68BFB7FA-39DB-438F-894F-18A831AD94AC}" = WinDVD 4 for IBM Systems
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6BF89F80-9696-4F3A-A61B-B02E1CECBA02}" = Pointsec Protector Client
"{6D3E9027-5DD4-43F7-8C3B-43D7B936F9D7}" = Timbuktu Pro for Windows build 933
"{6EFD662B-6954-460A-8A55-05638D1FF622}" = Tax Practice Guidance & Tools
"{72D96FC4-BD07-4376-BACB-42A215E74F31}" = ECF-Acrobat 8 Integration 2.4.0.94
"{73868DD9-CC9A-4F7F-B708-99F096DEAB6D}" = Adobe Shockwave Player 11.5
"{743D18E2-1B67-4AA9-9E74-B392505A3565}" = Aventail OPSWAT End Point Control
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{7C4A7CB9-C388-46D8-95F3-5FB8AA5CE873}" = Soap Took Kit
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7E35E114-A869-4434-AE5C-8DB606DF3944}" = Adobe SVG Viewer 3.03
"{7E396E6A-0555-47D1-8AFD-A8BE834899A7}" = Prohibitive Word Checker
"{8155DE72-3F2A-404F-BF87-08EE0C827B7E}" = WinDVD 4 for Dell Systems
"{82AFAC3E-A0EA-11D3-BFAC-00C04F60824A}" = Sametime Print Capture
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{837D3763-297C-4DC4-A165-F0B17F4C61DA}" = Analyze Workbook
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{858B0B8C-4C88-4044-9A6A-42902D4D59A6}" = Visual Identity Fonts 2009
"{863998CC-4552-43BB-82F2-4BD2AE737196}" = EY AD Password Expiration Tool 1.4.1
"{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{885F5AC6-4413-4D30-99A9-F4494BFA4923}" = Logitech Harmony Remote Software 7
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2860A67F-F7F6-497B-BF16-1CADCBBFA8C6}" =
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{902E0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2000 Web Components
"{90FF8B1D-1A81-476C-83F3-1F8D71C1CFC0}" = ACS Offline Course Manager
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{98BCB68E-274F-11D4-B2FA-00105AA9021A}" = DR Systems Web Ambassador
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D814802-307C-450E-9B83-6BB13E29994F}" = ECF24VPN
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{9EA5C213-9DCA-4B2E-BC93-A6454AE194E8}" = Infuzer
"{9F3E3C1B-6964-48D6-84C8-925C9A5A8229}" = Polar Daemon
"{9F91B6C4-E892-4978-A571-B5A32BC2082C}" = Symantec AntiVirus
"{A1BC9F13-59FE-43E4-8498-DF5A721196C5}" = BlackBerry USB Drivers
"{A243DEB6-E5D6-40CF-A888-A8E1995C5C40}" = LDI eDocs
"{A2A78788-2792-49BF-AF22-5E9296E568F3}" = Aventail Connect
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6334245-D9F3-4E15-A8C8-A7BF98D6E7E9}" = EY Signer 1.4
"{B8341C05-AFB8-43D2-A977-40A5126944F8}" = Kontiki Delivery Manager
"{BA9E20A1-3C1E-4DA8-80D1-C250A0F8DB87}" = EY Reserve Personal Access 5.0.1
"{BB3FF061-EF82-4858-A4DD-6A4E6425EEAE}" = Topaz Systems SigPlus & Addins 1.1
"{BB75CCF7-5020-4258-A755-86D300774F55}" = EYHelp3 Fast Path 11.2008
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C10C13CD-9130-4D30-ADD8-5D348A6556DE}" = Visual Identity Americas Wallpaper
"{C2ECAB8C-C48D-4C43-B268-C0360E7DC20B}" = SALT Tools 2011.2
"{C3DE07CB-036F-45BC-85BD-D6FFC5D33603}" = TurboTax 2008 wnyiper
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{C813D88E-938A-42D5-95B9-64831E119DCA}" = Tax Interest 2011.2
"{C9603D6E-FC80-452E-A85D-CE29D4302AAD}" = Microsoft WSE 2.0 SP1 Runtime
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD804DF4-B486-4A13-B74C-E0EFB5E556A4}" = State Bonus Depreciation 2010.8
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D178299E-39AE-416E-9E53-B0A3C2586CBA}" = Lotus Notes 8.0.2
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4756C12-4517-42DD-9641-0D131B1B9467}" = EMC Documentum Application Connectors 5.3
"{D91EEFEB-965F-4975-9094-14808CC0D651}" = Windows Media Player 11
"{D9D59F48-E4AC-4106-8B50-907BF0349CDC}" = QuickView Plus
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E4052E8B-8E57-4385-B049-2E58820CEFEB}" = Analyze Workbook
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}" = BlackBerry Desktop Software 5.0.1
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA0092C2-C0FE-40DA-A79E-E4C0FCA129F9}" = Intuit Entitlement Client
"{FB0BB7E4-1FE8-402F-91C6-664ACCEF9070}" = Loadset Information
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FF4FA23E-C8E1-403B-91DE-9014D0B8DD2C}" = ECM Remote Client
"ActiveTouchMeetingClient" = WebEx
"Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.2.5 Standard
"Adobe Acrobat 8 Standard - English, Français, Deutsch_825" = Adobe Acrobat 8.2.5 - CPSID_83708
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Aventail10" = Aventail Connect 10.0.4.35
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"BlackBerry_{EE024764-FA19-4CD4-AA9E-E06DE4B766E8}" = BlackBerry Desktop Software 5.0.1
"CleanUp!" = CleanUp!
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = ThinkPad Modem Adapter
"Connection Wizard" = Connection Wizard
"CyberArmor" = CyberArmor 3.5.8.701
"Digital Editions" = Adobe Digital Editions
"EY eDocs" = EY eDocs
"EY Peer Connect v1.0" = EY Peer Connect v1.0
"FinePrint" = FinePrint
"HDMI" = Intel® Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Juniper Odyssey Access Client" = Juniper Odyssey Access Client 5.2
"Lexis Citation Tools 2003" = LexLink v8.4
"LexisNexis Citation Tools v8.7" = LexisNexis Citation Tools v8.7
"Lexmark 9300 Series" = Lexmark 9300 Series
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Micrografx FlowCharter Viewer 7" = Micrografx FlowCharter Viewer 7
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"MS Fax Viewer" = MS Fax Viewer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Oracle Client 8.1.6" = Oracle Client 8.1.6
"pdfFactory Pro" = pdfFactory Pro
"PIXresizer_is1" = PIXresizer 2.0.4
"Power Management Driver" = ThinkPad Power Management Driver
"PROPLUS" = Microsoft Office Professional Plus 2007
"ProSeries Basic Edition 2010" = ProSeries Basic Edition 2010
"PROSet" = Intel® Network Connections Drivers
"Software Update Wizard (Redistributable)" = Software Update Wizard (Redistributable) 4.5
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ST6UNST #1" = Custom Import Tool 1.1.37
"TrackPoint" = ThinkPad TrackPoint Driver
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZipMail V8 for Lotus Notes" = ZipMail V8 for Lotus Notes
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8e1cbb738e2e082e" = EPIC Americas
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/20/2011 11:54:03 AM | Computer Name = US011031032-01 | Source = UserInit | ID = 1000
Description = Could not execute the following script ecmadmin1.bat. The system cannot
find the file specified. .
Error - 2/20/2011 11:54:03 AM | Computer Name = US011031032-01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 2/20/2011 11:55:13 AM | Computer Name = US011031032-01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for US\mcmahfr failed to contact
the active directory (0x8007054b). The specified domain either does not exist or
could not be contacted. Enrollment will not be performed.
Error - 2/21/2011 10:17:21 PM | Computer Name = US011031032-01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 2/21/2011 10:17:22 PM | Computer Name = US011031032-01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 2/21/2011 10:17:47 PM | Computer Name = US011031032-01 | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.
Error - 2/21/2011 10:20:20 PM | Computer Name = US011031032-01 | Source = UserInit | ID = 1000
Description = Could not execute the following script ecmadmin1.bat. The system cannot
find the file specified. .
Error - 2/21/2011 10:20:21 PM | Computer Name = US011031032-01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 2/21/2011 10:20:24 PM | Computer Name = US011031032-01 | Source = UserInit | ID = 1000
Description = Could not execute the following script KIX32.EXE. The system cannot
find the file specified. .
Error - 2/21/2011 10:21:34 PM | Computer Name = US011031032-01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for US\mcmahfr failed to contact
the active directory (0x8007054b). The specified domain either does not exist or
could not be contacted. Enrollment will not be performed.
[ Application Events ]
Error - 2/20/2011 11:54:03 AM | Computer Name = US011031032-01 | Source = UserInit | ID = 1000
Description = Could not execute the following script ecmadmin1.bat. The system cannot
find the file specified. .
Error - 2/20/2011 11:54:03 AM | Computer Name = US011031032-01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 2/20/2011 11:55:13 AM | Computer Name = US011031032-01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for US\mcmahfr failed to contact
the active directory (0x8007054b). The specified domain either does not exist or
could not be contacted. Enrollment will not be performed.
Error - 2/21/2011 10:17:21 PM | Computer Name = US011031032-01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 2/21/2011 10:17:22 PM | Computer Name = US011031032-01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.
Error - 2/21/2011 10:17:47 PM | Computer Name = US011031032-01 | Source = PerfNet | ID = 2004
Description = Unable to open the Server service. Server performance data will not
be returned. Error code returned is in data DWORD 0.
Error - 2/21/2011 10:20:20 PM | Computer Name = US011031032-01 | Source = UserInit | ID = 1000
Description = Could not execute the following script ecmadmin1.bat. The system cannot
find the file specified. .
Error - 2/21/2011 10:20:21 PM | Computer Name = US011031032-01 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
network. (The specified domain either does not exist or could not be contacted.
). Group Policy processing aborted.
Error - 2/21/2011 10:20:24 PM | Computer Name = US011031032-01 | Source = UserInit | ID = 1000
Description = Could not execute the following script KIX32.EXE. The system cannot
find the file specified. .
Error - 2/21/2011 10:21:34 PM | Computer Name = US011031032-01 | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for US\mcmahfr failed to contact
the active directory (0x8007054b). The specified domain either does not exist or
could not be contacted. Enrollment will not be performed.
[ OSession Events ]
Error - 11/3/2009 5:18:04 PM | Computer Name = US011031032-01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 979
seconds with 60 seconds of active time. This session ended with a crash.
Error - 7/13/2010 9:59:30 AM | Computer Name = US011031032-01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.
Error - 9/29/2010 12:05:22 PM | Computer Name = US011031032-01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2754
seconds with 900 seconds of active time. This session ended with a crash.
Error - 11/8/2010 9:09:04 AM | Computer Name = US011031032-01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 135
seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 4/18/2011 11:28:48 AM | Computer Name = US011031032-01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain US due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 4/18/2011 11:29:24 AM | Computer Name = US011031032-01 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {7E89FF0B-F649-4F9A-A9C3-F05DFAAA3DA1}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.
Error - 4/18/2011 11:30:52 AM | Computer Name = US011031032-01 | Source = Service Control Manager | ID = 7022
Description = The Documentum Application Connector Credential Service service hung
on starting.
Error - 4/18/2011 5:12:41 PM | Computer Name = US011031032-01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain US due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 4/18/2011 10:55:31 PM | Computer Name = US011031032-01 | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC0000001'
while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring
the volume.
Error - 4/18/2011 10:55:35 PM | Computer Name = US011031032-01 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
permission for the COM Server application with CLSID {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be
modified using the Component Services administrative tool.
Error - 4/18/2011 10:55:39 PM | Computer Name = US011031032-01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain US due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
Error - 4/18/2011 10:57:44 PM | Computer Name = US011031032-01 | Source = Service Control Manager | ID = 7022
Description = The Documentum Application Connector Credential Service service hung
on starting.
Error - 4/18/2011 10:57:44 PM | Computer Name = US011031032-01 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
abp480n5 adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p
asc3550
atapi
cbidf
cd20xrnt
CmdIde
Cpqarray
dac2w2k
dac960nt
dpti2o
hpn
i2omp
ini910u
IntelIde
mraid35x
PCIIde
perc2
perc2hib
ql1080
Ql10wnt
ql12160
ql1240
ql1280
sisagp
Sparrow
symc810
symc8xx
sym_hi
sym_u3
TosIde
ultra
viaagp
ViaIde
Error - 4/19/2011 8:42:29 AM | Computer Name = US011031032-01 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain US due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.
< End of report >