Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

IE redirect problem (Happili, Gimmesomeanswers, etc.)


  • Please log in to reply

#1
flem16

flem16

    New Member

  • Member
  • Pip
  • 3 posts
For several days Internet Explorer has been redirected to Happili, Gimmesomeanswers and Yellowpages.

I ran the OTL scan and here are my logs:

OTL logfile created on: 3/25/2012 10:08:12 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\rfleming\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.72 Gb Available Physical Memory | 62.15% Memory free
11.96 Gb Paging File | 9.33 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.80 Gb Total Space | 537.72 Gb Free Space | 91.95% Space Free | Partition Type: NTFS

Computer Name: FO187-RFLEMIN | User Name: rfleming | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/25 22:05:46 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\rfleming\Desktop\OTL.exe
PRC - [2012/02/09 09:35:36 | 001,597,496 | ---- | M] (Laser App Software Inc.) -- C:\Program Files (x86)\Laser App Enterprise\uformagent.exe
PRC - [2012/01/22 08:40:04 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/22 11:59:57 | 002,477,304 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2011/11/22 11:59:57 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
PRC - [2011/11/22 11:59:57 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2011/11/22 11:59:56 | 000,050,544 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe
PRC - [2011/11/07 11:54:40 | 000,030,016 | ---- | M] (Ebix CRM) -- C:\Program Files (x86)\Ebix Inc\Common Files\SOFileManager.exe
PRC - [2011/03/05 17:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011/03/05 17:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/23 15:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011/02/18 12:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/15 17:30:18 | 000,047,104 | ---- | M] () -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
PRC - [2011/02/15 12:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011/02/14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011/02/01 14:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 14:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/01/29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010/11/07 15:16:00 | 000,137,216 | ---- | M] (ScriptLogic Software Corporation) -- C:\Program Files (x86)\ScriptLogic\Desktop Authority\Client Files\8.10.255\CBM\ScriptLogic.CBM.UserExperience.exe
PRC - [2010/11/07 15:15:58 | 000,427,008 | ---- | M] (ScriptLogic Software Corporation) -- C:\Program Files (x86)\ScriptLogic\Desktop Authority\Client Files\8.10.255\CBM\ScriptLogic.CBM.Agent.exe
PRC - [2010/11/07 14:49:00 | 000,557,920 | ---- | M] (ScriptLogic Software Corporation) -- C:\Program Files (x86)\ScriptLogic\Desktop Authority\Client Files\8.10.255\SLClient.exe
PRC - [2010/11/07 12:05:32 | 000,557,920 | ---- | M] (ScriptLogic Software Corporation) -- c:\Windows\SysWOW64\slinstall.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 19:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/05/20 17:15:00 | 000,110,736 | R--- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2010/03/11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2008/05/12 00:11:50 | 001,523,712 | ---- | M] (Altiris, Inc.) -- C:\Program Files (x86)\Altiris\Altiris Agent\AeXNSAgent.exe
PRC - [2008/05/12 00:09:14 | 000,163,840 | ---- | M] (Altiris, Inc.) -- C:\Program Files (x86)\Altiris\Altiris Agent\AeXAgentUIHost.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/09 19:52:21 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c6b914d595e5b00ae540004a71c6c3a2\IAStorUtil.ni.dll
MOD - [2012/03/09 19:52:21 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\ebfad289d9759034cd3a887802fadb5b\IAStorCommon.ni.dll
MOD - [2012/03/08 12:58:49 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/03/08 12:58:28 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012/03/08 12:58:22 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012/03/08 12:58:11 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012/03/08 12:58:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/03/08 12:58:03 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/03/08 12:58:02 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2012/03/08 12:57:56 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/10/27 17:12:16 | 001,429,608 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/05/19 20:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011/02/28 11:29:18 | 000,852,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2011/02/18 23:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011/02/14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011/01/29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011/01/20 13:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/02/27 15:27:46 | 001,096,456 | ---- | M] (Altiris, Inc.) [Auto | Running] -- C:\Program Files\Altiris\Dagent\dagent.exe -- (Altiris Deployment Agent)
SRV - [2012/01/22 08:40:04 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/11/22 11:59:57 | 003,197,256 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2011/11/22 11:59:57 | 002,477,304 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2011/11/22 11:59:57 | 000,411,976 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE -- (SNAC)
SRV - [2011/11/22 11:59:57 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2011/11/22 11:59:57 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2011/03/28 23:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/03/05 17:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/03/01 22:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/23 15:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011/02/18 12:19:06 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/02/15 17:30:18 | 000,047,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe -- (Oasis2Service)
SRV - [2011/02/01 14:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2011/02/01 14:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2011/01/20 13:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/11/07 15:15:58 | 000,427,008 | ---- | M] (ScriptLogic Software Corporation) [Auto | Running] -- C:\Program Files (x86)\ScriptLogic\Desktop Authority\Client Files\8.10.255\CBM\ScriptLogic.CBM.Agent.exe -- (ScriptLogic CBM Service)
SRV - [2010/11/07 14:49:00 | 000,557,920 | ---- | M] (ScriptLogic Software Corporation) [Auto | Running] -- C:\Program Files (x86)\ScriptLogic\Desktop Authority\Client Files\8.10.255\SLClient.exe -- (SLClient)
SRV - [2010/11/07 12:05:32 | 000,557,920 | ---- | M] (ScriptLogic Software Corporation) [Auto | Running] -- c:\Windows\SysWOW64\slinstall.exe -- (SLInstall)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel®
SRV - [2010/05/20 17:15:00 | 000,110,736 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/30 17:36:35 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/05/12 00:11:50 | 001,523,712 | ---- | M] (Altiris, Inc.) [Auto | Running] -- C:\Program Files (x86)\Altiris\Altiris Agent\AeXNSAgent.exe -- (AeXNSClient)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/08 20:25:18 | 000,225,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpshelper.sys -- (WpsHelper)
DRV:64bit: - [2012/03/08 15:03:24 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/03/04 19:31:17 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2012/03/04 19:31:17 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2012/03/04 19:31:17 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2011/11/22 11:59:58 | 000,052,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\WPSDRVnt.sys -- (WPS)
DRV:64bit: - [2011/11/22 11:59:57 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\srtspl64.sys -- (SRTSPL)
DRV:64bit: - [2011/11/22 11:59:57 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/11/22 11:59:57 | 000,062,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Teefer2.sys -- (Teefer2)
DRV:64bit: - [2011/11/22 11:59:57 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/08/29 16:20:37 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/08/01 15:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/05/18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/03/29 02:14:07 | 000,173,160 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/03/28 23:51:30 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/28 23:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/03/28 20:57:20 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 20:06:44 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/02/16 05:50:45 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 20:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 17:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010/04/26 13:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/12/31 03:04:57 | 000,360,712 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel®
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 15:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/04/17 12:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2012/02/13 13:38:28 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120322.019\EX64.SYS -- (NAVEX15)
DRV - [2012/02/13 13:38:28 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/02/13 13:38:28 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/13 13:38:28 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20120322.019\ENG64.SYS -- (NAVENG)
DRV - [2011/11/22 11:59:57 | 000,481,840 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\srtspl64.sys -- (SRTSPL)
DRV - [2011/11/22 11:59:57 | 000,443,952 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\drivers\srtsp64.sys -- (SRTSP)
DRV - [2011/11/22 11:59:57 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\srtspx64.sys -- (SRTSPX)
DRV - [2011/11/02 10:13:12 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2011/05/19 13:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2009/12/16 16:27:00 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/12/16 16:26:58 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/16 16:26:56 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
IE - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-515967899-963894560-682003330-2809\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-515967899-963894560-682003330-2809\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [DagentUI] C:\Program Files\Altiris\Dagent\dagentui.exe (Altiris, Inc.)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AeXAgentLogon] C:\Program Files (x86)\Altiris\Altiris Agent\AeXAgentActivate.exe (Altiris, Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DesktopAuthority User Experience] C:\Program Files (x86)\ScriptLogic\Desktop Authority\Client Files\8.10.255\CBM\ScriptLogic.CBM.UserExperience.exe (ScriptLogic Software Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Update] C:\Users\rfleming\AppData\Roaming\Media Center Programs\Media Center Programs\vubjh.dll (Lame)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Update] C:\Users\rfleming\AppData\Roaming\Media Center Programs\Media Center Programs\vubjh.dll (Lame)
O4 - HKU\S-1-5-21-515967899-963894560-682003330-2809..\Run: [LaserAppUpdate] C:\Program Files (x86)\Laser App Enterprise\uformagent.exe (Laser App Software Inc.)
O4 - HKU\S-1-5-21-515967899-963894560-682003330-2809..\Run: [SmartOffice Desktop Integrations] C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ebix Inc\SmartOffice Desktop Integration - Installer.appref-ms ()
O4 - HKU\S-1-5-21-515967899-963894560-682003330-2809..\Run: [SOFileManager] C:\Program Files (x86)\Ebix Inc\Common Files\SOFileManager.exe (Ebix CRM)
O4 - HKU\S-1-5-21-515967899-963894560-682003330-2809..\Run: [Update] C:\Users\rfleming\AppData\Roaming\Media Center Programs\Media Center Programs\vubjh.dll (Lame)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4:64bit: - Startup: C:\Windows\SysNative\GroupPolicy\User\Scripts\Logoff\SLlogoffScript.cmd ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: MaxGPOScriptWait = 3600
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: 1 = user accounts (Microsoft Corporation)
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogonScripts = 0
O7 - HKU\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: ebix.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: ebixcrm.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: ezdata.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: ez-data.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: smartofficeonline.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: ebix.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: ebixcrm.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: ezdata.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: ez-data.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: smartofficeonline.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-515967899-963894560-682003330-2809\..Trusted Domains: ebix.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-515967899-963894560-682003330-2809\..Trusted Domains: ebixcrm.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-515967899-963894560-682003330-2809\..Trusted Domains: ezdata.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-515967899-963894560-682003330-2809\..Trusted Domains: ez-data.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-515967899-963894560-682003330-2809\..Trusted Domains: smartofficeonline.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C8BF1F77-0A43-4AEC-A0AC-BEEE472B65C6} http://www.ez-data.c...tAnalyser64.cab (SmartAnalyze Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C8BF1F77-0A43-4AEC-A0AC-BEEE472B65C6} http://www.ez-data.c...artAnalyser.cab (SmartAnalyze Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pennmutual.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3CA66DBB-B230-4331-A5D4-38F85ADF967A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll) - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6b44564b-666b-11e1-916e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6b44564b-666b-11e1-916e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{6b44564b-666b-11e1-916e-806e6f6e6963}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{6b44564b-666b-11e1-916e-806e6f6e6963}\Shell\install\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{ca63ebce-6a1c-11e1-97b3-f0bf9701c849}\Shell - "" = AutoRun
O33 - MountPoints2\{ca63ebce-6a1c-11e1-97b3-f0bf9701c849}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/03/25 22:07:30 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\rfleming\Desktop\aswMBR.exe
[2012/03/25 22:05:39 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\rfleming\Desktop\OTL.exe
[2012/03/25 21:50:53 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/03/25 21:11:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Doctor
[2012/03/25 21:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/03/25 21:11:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/03/25 21:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012/03/25 21:10:20 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Downloads
[2012/03/25 21:10:18 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\GetRightToGo
[2012/03/25 18:19:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012/03/25 18:18:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012/03/25 18:18:53 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Anti-Malware
[2012/03/25 18:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/03/25 18:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/03/25 18:15:32 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\SUPERAntiSpyware.com
[2012/03/25 18:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2012/03/25 18:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2012/03/25 17:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/03/25 17:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/03/25 17:54:39 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Malwarebytes
[2012/03/25 17:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/25 17:54:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2012/03/25 17:54:30 | 000,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/03/25 17:54:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/03/25 17:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/03/24 19:52:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012/03/24 19:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012/03/24 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2012/03/24 19:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/03/24 19:50:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012/03/24 19:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2012/03/24 19:43:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012/03/24 19:43:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012/03/22 21:55:48 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/03/20 13:33:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ebix Inc
[2012/03/20 13:33:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ebix Inc
[2012/03/20 13:31:05 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Ebix Inc
[2012/03/20 13:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ebix Inc
[2012/03/20 13:21:11 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ebix Inc
[2012/03/20 13:19:00 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\join.me
[2012/03/20 12:44:09 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\InstallShield
[2012/03/20 12:31:44 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Apps
[2012/03/20 12:31:43 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Deployment
[2012/03/19 09:39:25 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Documents for SmartOffice
[2012/03/19 09:38:14 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012/03/19 09:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\E-Z Data
[2012/03/19 09:37:39 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\E-Z Data
[2012/03/19 09:37:28 | 000,000,000 | ---D | C] -- C:\SOInstall
[2012/03/19 08:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
[2012/03/19 08:53:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2012/03/16 21:16:11 | 000,000,000 | ---D | C] -- C:\Update
[2012/03/11 21:21:00 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\ElevatedDiagnostics
[2012/03/11 21:11:32 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Softland
[2012/03/11 21:11:30 | 000,024,912 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmn7.dll
[2012/03/11 21:11:30 | 000,021,328 | ---- | C] (Softland) -- C:\Windows\SysNative\dopdfmi7.dll
[2012/03/11 21:11:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 7
[2012/03/11 21:11:25 | 000,000,000 | ---D | C] -- C:\Program Files\Softland
[2012/03/11 17:22:42 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Unused Desktop Items
[2012/03/10 00:46:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012/03/10 00:18:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/03/09 16:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012/03/09 15:09:23 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Laser App Software
[2012/03/09 15:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laser App Enterprise
[2012/03/09 15:09:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Laser App Enterprise
[2012/03/09 15:07:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\{20056589-61C3-405C-BA14-A1673F21BB62}
[2012/03/09 15:06:57 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\PackageAware
[2012/03/09 13:33:08 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Pershing
[2012/03/09 13:32:52 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\SoftGrid Client
[2012/03/09 13:32:51 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\SoftGrid Client
[2012/03/09 13:31:52 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\IsolatedStorage
[2012/03/09 13:30:41 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\TP
[2012/03/09 13:28:33 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Travel
[2012/03/09 13:28:33 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\PNFOA
[2012/03/09 13:28:31 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\PML Docs
[2012/03/09 13:28:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Pictures
[2012/03/09 13:28:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\2009 Taxes
[2012/03/09 13:28:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\2008 Taxes
[2012/03/09 13:28:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\2007 Taxes
[2012/03/09 13:28:29 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\a-squared Free
[2012/03/09 13:28:29 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\412(i)
[2012/03/09 13:28:29 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\2010 Roth Conversion
[2012/03/09 13:28:29 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\2010 Philadelphia Residency
[2012/03/09 13:28:25 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Advocacy
[2012/03/09 13:28:25 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Advanced Markets Online
[2012/03/09 13:27:59 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Annual Planning - Kurt
[2012/03/09 13:27:59 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\AF2
[2012/03/09 13:27:58 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Bluetooth Exchange Folder
[2012/03/09 13:27:58 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Blackhawk Capital Managers
[2012/03/09 13:27:56 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Boats
[2012/03/09 13:27:55 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Business Card Front and Back
[2012/03/09 13:27:55 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Boston Residency
[2012/03/09 13:27:52 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Cover Letters
[2012/03/09 13:27:52 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Christmas Cards
[2012/03/09 13:27:52 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\BuyHighSellLowpiece pdf
[2012/03/09 13:27:52 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Business Portrait
[2012/03/09 13:27:51 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Curian Capital
[2012/03/09 13:27:50 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Dominique Cilento
[2012/03/09 13:27:50 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Dallas Presentation
[2012/03/09 13:27:31 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\ESP Networking Group
[2012/03/09 13:27:31 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\eMoney
[2012/03/09 13:27:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Fee-based Planning Presentation
[2012/03/09 13:27:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Fee-based Planning Documents
[2012/03/09 13:27:29 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\FFB 2011
[2012/03/09 13:27:27 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Genworth
[2012/03/09 13:27:27 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Fundquest
[2012/03/09 13:27:27 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Fleming Loan Documents
[2012/03/09 13:27:25 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Guide to the Markets
[2012/03/09 13:27:24 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\High School Officiating
[2012/03/09 13:27:23 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\HTK Docs
[2012/03/09 13:27:22 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Lionel Trains
[2012/03/09 13:27:22 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\HTK Forms
[2012/03/09 13:27:20 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Manning & Napier
[2012/03/09 13:27:17 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Mileage Run
[2012/03/09 13:27:15 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Documents\My Dropbox
[2012/03/09 13:27:15 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Nationwide 401(k)
[2012/03/09 13:27:15 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\NAEPC
[2012/03/09 13:27:14 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\NFL
[2012/03/09 13:27:13 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Pictures of Peter
[2012/03/09 13:27:03 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Survivor Standby Trusts
[2012/03/09 13:27:03 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Referee
[2012/03/09 13:27:01 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Vegas Presentation
[2012/03/09 13:27:01 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Topics of the Month
[2012/03/09 13:27:01 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Tax Files
[2012/03/09 13:26:59 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\World Cup 2010
[2012/03/09 13:26:58 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\World Cup 2014
[2012/03/09 13:26:57 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Documents\Client Builders
[2012/03/09 13:26:44 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Individual Client Files
[2012/03/09 13:26:42 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\HL Wealth Management
[2012/03/09 13:26:41 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Football 2011
[2012/03/09 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Fleming Consulting
[2012/03/09 13:26:22 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\Anti-virus Software
[2012/03/09 13:26:21 | 000,000,000 | ---D | C] -- C:\Users\rfleming\Desktop\419
[2012/03/09 13:08:10 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetX360
[2012/03/09 13:08:04 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Pershing
[2012/03/09 13:07:13 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Programs
[2012/03/09 12:45:28 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Adobe
[2012/03/09 11:37:30 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012/03/09 11:10:07 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\LogMeIn Rescue Applet
[2012/03/09 08:07:03 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Macromedia
[2012/03/09 08:07:02 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Adobe
[2012/03/08 16:10:37 | 000,000,000 | ---D | C] -- C:\Outlook2007
[2012/03/08 16:01:49 | 000,000,000 | ---D | C] -- C:\Program Files\Altiris
[2012/03/08 15:53:37 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Microsoft Help
[2012/03/08 15:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012/03/08 15:51:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Penn Mutual Illustrator
[2012/03/08 15:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Penn Mutual Life
[2012/03/08 15:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Penn Mutual Life
[2012/03/08 15:04:30 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Symantec
[2012/03/08 15:04:26 | 000,225,328 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\wpshelper.sys
[2012/03/08 15:03:12 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/03/08 15:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/03/08 15:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/03/08 15:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
[2012/03/08 14:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/03/08 14:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/03/08 14:56:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2012/03/08 14:23:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Altiris
[2012/03/08 14:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Altiris
[2012/03/08 14:23:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Altiris
[2012/03/08 14:23:26 | 006,431,064 | ---- | C] (Altiris, Inc) -- C:\Windows\SysWow64\aexnsc.exe
[2012/03/08 14:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScriptLogic
[2012/03/08 14:23:02 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Intel Corporation
[2012/03/08 14:22:47 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Virtual Machines
[2012/03/08 14:22:47 | 000,000,000 | R--D | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/03/08 14:22:47 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Searches
[2012/03/08 14:22:47 | 000,000,000 | R--D | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/03/08 14:22:47 | 000,000,000 | -H-D | C] -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/03/08 14:22:42 | 000,557,920 | ---- | C] (ScriptLogic Software Corporation) -- C:\Windows\SysWow64\slinstall.exe
[2012/03/08 14:22:41 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Identities
[2012/03/08 14:22:39 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Contacts
[2012/03/08 14:22:36 | 000,000,000 | ---D | C] -- C:\ScriptLogic
[2012/03/08 14:22:34 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Sony Corporation
[2012/03/08 14:22:31 | 000,000,000 | --SD | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Videos
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Saved Games
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Pictures
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Music
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Links
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Favorites
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Downloads
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Documents
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\Desktop
[2012/03/08 14:22:31 | 000,000,000 | R--D | C] -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\AppData\Local\Temporary Internet Files
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Templates
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Start Menu
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\SendTo
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Recent
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\PrintHood
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\NetHood
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Documents\My Videos
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Documents\My Pictures
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Documents\My Music
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\My Documents
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Local Settings
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\AppData\Local\History
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Cookies
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\Application Data
[2012/03/08 14:22:31 | 000,000,000 | -HSD | C] -- C:\Users\rfleming\AppData\Local\Application Data
[2012/03/08 14:22:31 | 000,000,000 | -H-D | C] -- C:\Users\rfleming\AppData
[2012/03/08 14:22:31 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Temp
[2012/03/08 14:22:31 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Local\Microsoft
[2012/03/08 14:22:31 | 000,000,000 | ---D | C] -- C:\Users\rfleming\AppData\Roaming\Media Center Programs
[2012/03/08 13:05:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012/03/08 13:05:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012/03/08 12:43:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012/03/08 12:02:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool
[2012/03/08 12:02:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012/03/04 21:23:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/03/04 21:01:22 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/03/04 21:01:13 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012/03/04 21:01:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2012/03/04 21:00:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012/03/04 21:00:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012/03/04 20:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/03/04 20:58:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012/03/04 20:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012/03/04 20:51:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2012/03/04 20:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2012/03/04 20:38:24 | 000,000,000 | -H-D | C] -- C:\SPLASH.000
[2012/03/04 20:38:05 | 000,000,000 | -H-D | C] -- C:\SPLASH.SYS
[2012/03/04 20:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installations
[2012/03/04 20:26:52 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2012/03/04 20:26:50 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System\ArcSoftKsUFilter.dll
[2012/03/04 20:26:50 | 000,019,968 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys
[2012/03/04 20:24:49 | 000,014,112 | ---- | C] (InterVideo) -- C:\Windows\SysNative\drivers\regi.sys
[2012/03/04 20:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
[2012/03/04 20:24:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InterVideo
[2012/03/04 20:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2012/03/04 20:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2012/03/04 20:24:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2012/03/04 20:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite
[2012/03/04 20:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2012/03/04 20:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2012/03/04 20:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2012/03/04 20:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/03/04 20:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/03/04 20:18:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012/03/04 20:16:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012/03/04 20:15:15 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO
[2012/03/04 20:15:12 | 000,000,000 | ---D | C] -- C:\Documentation
[2012/03/04 20:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2012/03/04 20:11:43 | 000,000,000 | ---D | C] -- C:\Windows\KB977206
[2012/03/04 20:09:33 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2012/03/04 20:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2012/03/04 20:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012/03/04 20:04:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012/03/04 19:59:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/03/04 19:58:55 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2012/03/04 19:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/03/04 19:57:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/04 19:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/03/04 19:56:25 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/04 19:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2012/03/04 19:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2012/03/04 19:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2012/03/04 19:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2012/03/04 19:53:10 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint
[2012/03/04 19:53:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012/03/04 19:53:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/03/04 19:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012/03/04 19:51:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/03/04 19:51:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/03/04 19:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/03/04 19:50:41 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/03/04 19:50:41 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/03/04 19:50:39 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/03/04 19:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012/03/04 19:45:09 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/03/04 19:44:49 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/03/04 19:43:11 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/03/04 19:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/03/04 19:43:09 | 000,000,000 | ---D | C] -- C:\Intel
[2012/03/04 19:38:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/03/04 19:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DDNi
[2012/03/04 19:37:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DDNi
[2012/03/04 19:37:38 | 000,000,000 | -H-D | C] -- C:\ProgramData\{869D8A73-BD74-4AF4-B35D-FA3A4ACE3875}
[2012/03/04 19:32:54 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012/03/04 19:31:31 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2012/03/04 19:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2012/03/04 19:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2012/03/04 19:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2012/03/04 19:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2012/03/04 19:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2012/03/04 19:29:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2012/03/04 19:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2012/03/04 19:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\en-US
[2012/03/04 19:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2012/03/04 19:28:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm
[2012/03/04 19:28:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2012/03/04 19:28:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr
[2012/03/04 19:28:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2012/03/04 19:28:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2012/03/04 19:28:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2012/03/04 19:28:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN
[2012/03/04 19:28:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts
[2012/03/04 19:28:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US

========== Files - Modified Within 30 Days ==========

[2012/03/25 22:09:54 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\rfleming\Desktop\aswMBR.exe
[2012/03/25 22:05:46 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\rfleming\Desktop\OTL.exe
[2012/03/25 21:08:16 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/25 21:08:16 | 000,021,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/25 21:03:50 | 000,000,021 | ---- | M] () -- C:\Windows\tpcsd
[2012/03/25 20:27:15 | 000,782,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/25 20:27:15 | 000,664,872 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/25 20:27:15 | 000,122,698 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/25 20:21:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/25 20:21:10 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/25 18:19:12 | 000,001,111 | ---- | M] () -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/03/24 21:48:20 | 000,450,856 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/22 11:02:19 | 000,000,852 | ---- | M] () -- C:\Users\rfleming\Desktop\Scan.lnk
[2012/03/19 13:15:47 | 000,005,301 | ---- | M] () -- C:\Users\rfleming\Documents\Loan Extinguishment Notice - Fleming House Loan.pdf
[2012/03/19 08:55:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012/03/19 08:55:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2012/03/19 08:50:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/03/09 19:18:43 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\Laser App Enterprise Updates.job
[2012/03/09 13:31:11 | 000,802,826 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/09 12:34:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/03/08 20:25:18 | 000,225,328 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\wpshelper.sys
[2012/03/08 16:05:16 | 000,001,433 | ---- | M] () -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/08 15:51:45 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2012/03/08 15:51:45 | 000,000,128 | ---- | M] () -- C:\Windows\ODBC.INI
[2012/03/08 15:03:24 | 000,172,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/03/08 15:03:24 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/03/08 15:03:24 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/03/08 14:58:41 | 000,052,394 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012/03/08 14:23:34 | 000,003,892 | RHS- | M] () -- C:\Users\rfleming\ntuser.pol
[2012/03/08 12:03:05 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCEH390X.mrk
[2012/03/08 12:03:05 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCEH390X.mrk
[2012/03/08 12:01:05 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/03/08 12:01:05 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/03/05 07:59:50 | 000,455,540 | ---- | M] () -- C:\Users\rfleming\Desktop\8949 instructions.pdf
[2012/03/04 21:23:00 | 000,000,771 | ---- | M] () -- C:\Windows\SysNative\snyinst.oem
[2012/03/04 20:57:05 | 000,131,072 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2012/03/04 20:38:25 | 000,000,087 | -H-- | M] () -- C:\splash.idx
[2012/03/04 20:26:49 | 000,000,040 | -H-- | M] () -- C:\Windows\SysNative\ivireg.ivr
[2012/03/04 19:53:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012/03/04 19:38:15 | 000,000,226 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

========== Files Created - No Company Name ==========

[2012/03/25 21:03:50 | 000,000,021 | ---- | C] () -- C:\Windows\tpcsd
[2012/03/25 18:19:12 | 000,001,111 | ---- | C] () -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/03/22 11:02:19 | 000,000,852 | ---- | C] () -- C:\Users\rfleming\Desktop\Scan.lnk
[2012/03/20 13:19:01 | 000,000,933 | ---- | C] () -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk
[2012/03/19 13:15:44 | 000,005,301 | ---- | C] () -- C:\Users\rfleming\Documents\Loan Extinguishment Notice - Fleming House Loan.pdf
[2012/03/19 08:55:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012/03/19 08:55:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01009.Wdf
[2012/03/19 08:50:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01009.Wdf
[2012/03/11 21:11:30 | 000,007,549 | ---- | C] () -- C:\Windows\SysNative\dopdf7.ctm
[2012/03/09 19:42:17 | 000,323,072 | R--- | C] () -- C:\Windows\SysWow64\WgaTray.exe
[2012/03/09 19:42:16 | 000,190,976 | R--- | C] () -- C:\Windows\SysWow64\Wgalogon.dll
[2012/03/09 15:11:45 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\Laser App Enterprise Updates.job
[2012/03/09 13:26:57 | 002,670,176 | ---- | C] () -- C:\Users\rfleming\Documents\Ryan Fleming Background Documents.pdf
[2012/03/09 13:26:57 | 000,769,035 | ---- | C] () -- C:\Users\rfleming\Documents\Seattle zip code map.pdf
[2012/03/09 13:26:57 | 000,346,250 | ---- | C] () -- C:\Users\rfleming\Documents\Sailfishing in Florida.PDF
[2012/03/09 13:26:57 | 000,210,707 | ---- | C] () -- C:\Users\rfleming\Documents\WA State Life License.pdf
[2012/03/09 13:26:57 | 000,205,739 | ---- | C] () -- C:\Users\rfleming\Documents\RFleming_KirklandReporter_6.8.09.pdf
[2012/03/09 13:26:57 | 000,119,622 | ---- | C] () -- C:\Users\rfleming\Documents\RYAN Work Photo.jpg
[2012/03/09 13:26:57 | 000,092,983 | ---- | C] () -- C:\Users\rfleming\Documents\UW Top 10 Special Teams Article.pdf
[2012/03/09 13:26:57 | 000,028,934 | ---- | C] () -- C:\Users\rfleming\Documents\Seminar Selling.pdf
[2012/03/09 13:26:57 | 000,006,565 | ---- | C] () -- C:\Users\rfleming\Documents\Withdrawal_Authorization.pdf
[2012/03/09 13:26:56 | 001,717,893 | ---- | C] () -- C:\Users\rfleming\Documents\Missed Fortune.pdf
[2012/03/09 13:26:56 | 001,288,997 | ---- | C] () -- C:\Users\rfleming\Documents\Morningstar Options Guide.pdf
[2012/03/09 13:26:56 | 000,703,642 | ---- | C] () -- C:\Users\rfleming\Documents\New Tax Laws.PDF
[2012/03/09 13:26:56 | 000,504,322 | ---- | C] () -- C:\Users\rfleming\Documents\Invoice Receipt.PDF
[2012/03/09 13:26:56 | 000,215,791 | ---- | C] () -- C:\Users\rfleming\Documents\RFleming_BellevueReporter_6 12 09.pdf
[2012/03/09 13:26:56 | 000,073,786 | ---- | C] () -- C:\Users\rfleming\Documents\Phone Transfer.CSV
[2012/03/09 13:26:55 | 001,740,696 | ---- | C] () -- C:\Users\rfleming\Documents\IMG_0314.jpg
[2012/03/09 13:26:55 | 000,315,196 | ---- | C] () -- C:\Users\rfleming\Documents\Fleming Family Trust.asp
[2012/03/09 13:26:55 | 000,112,275 | ---- | C] () -- C:\Users\rfleming\Documents\Grandma Eileen's Obituary.pdf
[2012/03/09 13:26:55 | 000,090,521 | ---- | C] () -- C:\Users\rfleming\Documents\Husky Season Ticket Map.pdf
[2012/03/09 13:26:55 | 000,033,664 | ---- | C] () -- C:\Users\rfleming\Documents\Hidden Mutual Fund Expenses.pdf
[2012/03/09 13:26:55 | 000,010,340 | ---- | C] () -- C:\Users\rfleming\Documents\Fleming correct compliance DISCLOSURE
[2012/03/09 13:26:55 | 000,006,656 | ---- | C] () -- C:\Users\rfleming\Documents\Gift Log
[2012/03/09 13:26:54 | 000,687,550 | ---- | C] () -- C:\Users\rfleming\Documents\COMPENSATION SCHEDULES.pdf
[2012/03/09 13:26:54 | 000,021,319 | ---- | C] () -- C:\Users\rfleming\Documents\Cost of Owning A Mutual Fund.pdf
[2012/03/09 13:26:54 | 000,018,912 | ---- | C] () -- C:\Users\rfleming\Documents\CRD Snapshot.pdf
[2012/03/09 13:26:53 | 002,498,330 | ---- | C] () -- C:\Users\rfleming\Documents\BNY Mellon 2012 Global Outlook.pdf
[2012/03/09 13:26:53 | 000,780,215 | ---- | C] () -- C:\Users\rfleming\Documents\30 Years Without a Paycheck - Article.pdf
[2012/03/09 13:26:53 | 000,221,708 | ---- | C] () -- C:\Users\rfleming\Documents\CAS Annuity Payout.pdf
[2012/03/09 13:26:53 | 000,049,783 | ---- | C] () -- C:\Users\rfleming\Documents\Budget Worksheet.PDF
[2012/03/09 13:26:53 | 000,013,824 | ---- | C] () -- C:\Users\rfleming\Documents\Andrew's Withholding
[2012/03/09 13:26:52 | 004,309,000 | ---- | C] () -- C:\Users\rfleming\Documents\2011 Headshot-DN.jpg
[2012/03/09 13:26:52 | 000,101,361 | ---- | C] () -- C:\Users\rfleming\Documents\2009_10 E&O Insurance.pdf
[2012/03/09 13:26:52 | 000,075,550 | ---- | C] () -- C:\Users\rfleming\Documents\2010 E&O Insurance Cert.pdf
[2012/03/09 13:26:52 | 000,056,612 | ---- | C] () -- C:\Users\rfleming\Documents\2011 E&O Insurance Cert.pdf
[2012/03/09 13:26:52 | 000,011,536 | ---- | C] () -- C:\Users\rfleming\Documents\2011 Headshot-WEB.jpg
[2012/03/09 13:26:31 | 000,397,137 | ---- | C] () -- C:\Users\rfleming\Desktop\Field Guide to Market Conduct.pdf
[2012/03/09 12:34:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012/03/08 16:05:16 | 000,001,433 | ---- | C] () -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/03/08 15:51:45 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012/03/08 15:51:45 | 000,000,128 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/03/08 15:03:12 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/03/08 15:03:12 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/03/08 14:22:55 | 000,001,405 | ---- | C] () -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/03/08 14:22:51 | 000,001,439 | ---- | C] () -- C:\Users\rfleming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/03/08 14:22:34 | 000,003,892 | RHS- | C] () -- C:\Users\rfleming\ntuser.pol
[2012/03/08 14:22:31 | 000,000,290 | ---- | C] () -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/03/08 14:22:31 | 000,000,272 | ---- | C] () -- C:\Users\rfleming\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/03/08 13:44:32 | 000,052,394 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/03/08 12:03:05 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCEH390X.mrk
[2012/03/08 12:03:05 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCEH390X.mrk
[2012/03/08 11:59:42 | 522,604,543 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/05 07:59:50 | 000,455,540 | ---- | C] () -- C:\Users\rfleming\Desktop\8949 instructions.pdf
[2012/03/04 21:03:01 | 000,002,193 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
[2012/03/04 21:01:12 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/03/04 21:01:09 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/03/04 21:00:52 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012/03/04 21:00:48 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/03/04 20:56:50 | 000,131,072 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2012/03/04 20:51:38 | 000,002,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2012/03/04 20:40:48 | 000,001,848 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
[2012/03/04 20:39:45 | 000,002,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2012/03/04 20:24:50 | 000,000,040 | -H-- | C] () -- C:\Windows\SysNative\ivireg.ivr
[2012/03/04 20:18:52 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/03/04 20:15:35 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2012/03/04 20:15:19 | 000,001,991 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2012/03/04 20:13:08 | 000,001,527 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2012/03/04 20:07:34 | 000,000,869 | ---- | C] () -- C:\Windows\SysWow64\media_center.png
[2012/03/04 19:53:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012/03/04 19:52:58 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012/03/04 19:50:41 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/03/04 19:38:07 | 000,000,226 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/03/04 19:34:58 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012/03/04 19:34:49 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/02/10 16:03:27 | 000,802,826 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012/03/20 12:44:33 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\E-Z Data
[2012/03/20 13:41:33 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\Ebix Inc
[2012/03/25 21:11:35 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\GetRightToGo
[2012/03/09 13:31:52 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\IsolatedStorage
[2012/03/09 13:33:08 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\Pershing
[2012/03/10 00:47:40 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\SoftGrid Client
[2012/03/11 21:11:32 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\Softland
[2012/03/09 13:33:51 | 000,000,000 | ---D | M] -- C:\Users\rfleming\AppData\Roaming\TP
[2012/03/09 19:18:43 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\Laser App Enterprise Updates.job
[2009/07/13 22:08:49 | 000,012,854 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/07/12 18:21:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/07/12 18:21:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/07/12 18:21:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/07/12 18:21:47 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 20:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/07/12 18:21:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/07/12 18:21:47 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 20:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 20:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 20:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 20:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 20:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 20:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 20:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: FO187-RFLEMIN
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 E DVD-ROM 0 B No Media
Volume 1 System Rese NTFS Partition 100 MB Healthy System
Volume 2 C NTFS Partition 584 GB Healthy Boot
Volume 3 Recovery NTFS Partition 11 GB Healthy Hidden

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
  • 0

Advertisements


#2
flem16

flem16

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Here is the "Extras.txt" logfile:

OTL Extras logfile created on: 3/25/2012 10:08:12 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\rfleming\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.98 Gb Total Physical Memory | 3.72 Gb Available Physical Memory | 62.15% Memory free
11.96 Gb Paging File | 9.33 Gb Available in Paging File | 77.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.80 Gb Total Space | 537.72 Gb Free Space | 91.95% Space Free | Partition Type: NTFS

Computer Name: FO187-RFLEMIN | User Name: rfleming | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DoNotAllowExceptions" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"Enabled" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"C:\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 1" = C:\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 1
"C:\Metafile\MetaViewer Enterprise\EntPrise.exe:*:enabled:Entprise" = C:\Metafile\MetaViewer Enterprise\EntPrise.exe:*:enabled:Entprise
"C:\Program Files\ACT\ACT for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.UI.exe:172.21.35.0/24:enabled:ACT!_Network_Sync" = C:\Program Files\ACT\ACT for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.UI.exe:172.21.35.0/24:enabled:ACT!_Network_Sync
"C:\Program Files\ACT\ACT for Windows\Act8.exe:172.21.35.0/24:enabled:Act!_8x/2006" = C:\Program Files\ACT\ACT for Windows\Act8.exe:172.21.35.0/24:enabled:Act!_8x/2006
"c:\program files\act\act for windows\actsage.exe:172.21.35.0/24:enabled:ACT9" = c:\program files\act\act for windows\actsage.exe:172.21.35.0/24:enabled:ACT9
"C:\Program Files\Altiris\Aclient\Aclient.exe:*:enabled:Altiris2" = C:\Program Files\Altiris\Aclient\Aclient.exe:*:enabled:Altiris2
"C:\Program Files\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 2" = C:\Program Files\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 2
"C:\Program Files\Altiris\Aclient\dagent.exe:*:enabled:Altiris for Vista" = C:\Program Files\Altiris\Aclient\dagent.exe:*:enabled:Altiris for Vista
"C:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exe:*:enabled:Altiris Service 7" = C:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exe:*:enabled:Altiris Service 7
"C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe:*:enabled:Altiris Service 5" = C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe:*:enabled:Altiris Service 5
"C:\Program Files\Altiris\eXpress\NS Client\AeXAgentUIHost.exe:*:enabled:Altiris Service 8" = C:\Program Files\Altiris\eXpress\NS Client\AeXAgentUIHost.exe:*:enabled:Altiris Service 8
"C:\Program Files\Altiris\eXpress\NS Client\AeXNSAgent.exe:*:enabled:Altiris Service 6" = C:\Program Files\Altiris\eXpress\NS Client\AeXNSAgent.exe:*:enabled:Altiris Service 6
"C:\Program Files\Casio\PC Connect for Cassiopeia\PCConnect.exe:*:enabled:CasioPeia" = C:\Program Files\Casio\PC Connect for Cassiopeia\PCConnect.exe:*:enabled:CasioPeia
"C:\Program Files\Client Marketing Systems\Advisors Assistant\AdvisorsAssistant.exe:172.20.4.0/24:enabled:AdvisorsAst" = C:\Program Files\Client Marketing Systems\Advisors Assistant\AdvisorsAssistant.exe:172.20.4.0/24:enabled:AdvisorsAst
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:enabled:ccApp" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:enabled:ccApp
"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe:*:enabled:ccEvtMgr" = C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe:*:enabled:ccEvtMgr
"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe:*:enabled:ccSetMgr" = C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe:*:enabled:ccSetMgr
"C:\Program Files\Imagistics\Desktop Document Manager\sdFTP.exe:*:enabled:Office 317 Imaging" = C:\Program Files\Imagistics\Desktop Document Manager\sdFTP.exe:*:enabled:Office 317 Imaging
"C:\Program Files\iTunes\iTunes.exe:*:enabled:Ipod" = C:\Program Files\iTunes\iTunes.exe:*:enabled:Ipod
"c:\program files\laserfiche\client 8\lf.exe:172.20.35.0/24:enabled:LaserFiche_81_FOC44" = c:\program files\laserfiche\client 8\lf.exe:172.20.35.0/24:enabled:LaserFiche_81_FOC44
"C:\Program Files\Laserfiche\Client\lf.exe:*.enabled:LaserficheClient" = C:\Program Files\Laserfiche\Client\lf.exe:*.enabled:LaserficheClient
"C:\program files\laserfiche\server\lfs.exe:*.enabled:LaserficheServer" = C:\program files\laserfiche\server\lfs.exe:*.enabled:LaserficheServer
"C:\Program Files\Microsoft ActiveSync\Rapimgr.exe:*:enabled:ActiveSync3" = C:\Program Files\Microsoft ActiveSync\Rapimgr.exe:*:enabled:ActiveSync3
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:enabled:ActiveSync2" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:enabled:ActiveSync2
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:enabled:ActiveSync1" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:enabled:ActiveSync1
"C:\Program Files\Microsoft Office\Office\Outlook.exe:*:enabled:Outlook" = C:\Program Files\Microsoft Office\Office\Outlook.exe:*:enabled:Outlook
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"c:\program files\microsoft sql server\90\shared\sqlbrowser.exe:172.21.35.0/24:enabled:SQLbrowser_for_ACT" = c:\program files\microsoft sql server\90\shared\sqlbrowser.exe:172.21.35.0/24:enabled:SQLbrowser_for_ACT
"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe:172.21.35.0/24:enabled:SQL_for_ACT" = c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe:172.21.35.0/24:enabled:SQL_for_ACT
"C:\Program Files\Morningstar\Principia\prncp40.exe:*:enabled:Morningstar" = C:\Program Files\Morningstar\Principia\prncp40.exe:*:enabled:Morningstar
"c:\Program Files\nucolp\LPlocal.exe:*:enabled:National Underwriter Field Guide" = c:\Program Files\nucolp\LPlocal.exe:*:enabled:National Underwriter Field Guide
"C:\Program Files\Palm\HOTSYNC.EXE:*:enabled:HotSync" = C:\Program Files\Palm\HOTSYNC.EXE:*:enabled:HotSync
"C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe:*:enabled:lservnt" = C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe:*:enabled:lservnt
"C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\WlmAdmin.exe:*:enabled:WlmAdmin" = C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\WlmAdmin.exe:*:enabled:WlmAdmin
"C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:enabled:WinVNC4" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:enabled:WinVNC4
"C:\Program Files\Schwab Performance Technologies\PortfolioCenter\PortfolioCenter.exe:*:enabled:PortfolioCenter" = C:\Program Files\Schwab Performance Technologies\PortfolioCenter\PortfolioCenter.exe:*:enabled:PortfolioCenter
"C:\Program Files\Schwab Performance Technologies\PortfolioCenter\SPTServer.exe:*:enabled:PortfolioCenter-SPT" = C:\Program Files\Schwab Performance Technologies\PortfolioCenter\SPTServer.exe:*:enabled:PortfolioCenter-SPT
"c:\Program Files\Skype\Phone\Skype.exe:*:enabled:Skype" = c:\Program Files\Skype\Phone\Skype.exe:*:enabled:Skype
"C:\Program Files\Sybase\SQL Anywhere 7\win32\dbeng7.exe:*:enabled:SQL7" = C:\Program Files\Sybase\SQL Anywhere 7\win32\dbeng7.exe:*:enabled:SQL7
"C:\Program Files\Sybase\SQL Anywhere 8\Win32\dbmlsrv8.exe:*:enabled:ADSMobilink" = C:\Program Files\Sybase\SQL Anywhere 8\Win32\dbmlsrv8.exe:*:enabled:ADSMobilink
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbmlsrv9.exe:*:enabled:CDS 4.3 Mobilink" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbmlsrv9.exe:*:enabled:CDS 4.3 Mobilink
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbsrv9.exe:*:enabled:ASA 9 Service" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbsrv9.exe:*:enabled:ASA 9 Service
"C:\Program Files\Symantec AntiVirus\RtvScan.exe:*:enabled:Rtvscan" = C:\Program Files\Symantec AntiVirus\RtvScan.exe:*:enabled:Rtvscan
"C:\Program Files\UltraVNC\vncviewer.exe:*:enabled:VNC Viewer" = C:\Program Files\UltraVNC\vncviewer.exe:*:enabled:VNC Viewer
"c:\Program Files\UPS 2010\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe:172.20.31.0/24:enabled:SQL_for_UPS_worldship_259" = c:\Program Files\UPS 2010\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe:172.20.31.0/24:enabled:SQL_for_UPS_worldship_259
"C:\Program Files\UVU\UVU Media Player\HSAudioPlayer.exe:*:enabled:HSMediaPlayer" = C:\Program Files\UVU\UVU Media Player\HSAudioPlayer.exe:*:enabled:HSMediaPlayer
"C:\Program Files\Whale Communications\Client Components\3.1.0\WhlClnt3.exe:*:enabled:WhaleVPN" = C:\Program Files\Whale Communications\Client Components\3.1.0\WhlClnt3.exe:*:enabled:WhaleVPN
"C:\WINDOWS\System32\java.exe:*:enabled:Java" = C:\WINDOWS\System32\java.exe:*:enabled:Java -- (Sun Microsystems, Inc.)
"C:\Winops\winops.exe:*:enabled:WinOPS" = C:\Winops\winops.exe:*:enabled:WinOPS
""C:\Program Files\Pitney Bowes\PC Meter Connect\mailstationAssistant.exe:172.20.35.0/24:enabled:PCMeter_c44"" = "C:\Program Files\Pitney Bowes\PC Meter Connect\mailstationAssistant.exe:172.20.35.0/24:enabled:PCMeter_c44"
""C:\Program Files (x86)\MoneyTrax\Presenter.exe":172.21.4.0/24:enabled:Circle_Of_Weath_1" = "C:\Program Files (x86)\MoneyTrax\Presenter.exe":172.21.4.0/24:enabled:Circle_Of_Weath_1
""C:\Program Files (x86)\MoneyTrax\CircleOfWealth.exe":172.21.4.0/24:enabled:Circle_Of_Weath_2" = "C:\Program Files (x86)\MoneyTrax\CircleOfWealth.exe":172.21.4.0/24:enabled:Circle_Of_Weath_2

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"Enabled" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"135:TCP:*:enabled:PortfolioCenter" = 135:TCP:*:enabled:PortfolioCenter
"1411:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem" = 1411:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem
"1433:TCP:*:enabled:ExpressSql" = 1433:TCP:*:enabled:ExpressSql
"1433:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 1433:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"1433:TCP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst" = 1433:TCP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst
"1433:TCP:172.21.35.0/24:enabled:SQL_for_ACT" = 1433:TCP:172.21.35.0/24:enabled:SQL_for_ACT
"1434:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 1434:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"1434:UDP:172.20.31.0/24:enabled:SQL_port_for_UPS_worldship_259" = 1434:UDP:172.20.31.0/24:enabled:SQL_port_for_UPS_worldship_259
"1434:UDP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst" = 1434:UDP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst
"1434:UDP:172.21.35.0/24:enabled:SQL_for_ACT" = 1434:UDP:172.21.35.0/24:enabled:SQL_for_ACT
"1500:TCP:*:enabled:SafeAccess" = 1500:TCP:*:enabled:SafeAccess
"1888:TCP:172.20.35.0/24:enabled:LaserFiche_foc44" = 1888:TCP:172.20.35.0/24:enabled:LaserFiche_foc44
"2638:TCP:*:enabled:SQL Anywhere" = 2638:TCP:*:enabled:SQL Anywhere
"26675:TCP:*:enabled:ActiveSync5" = 26675:TCP:*:enabled:ActiveSync5
"2967:TCP:*:enabled:SymantecAV" = 2967:TCP:*:enabled:SymantecAV
"5050:TCP:172.20.35.0/24:enabled:Laserfiche2_foc44" = 5050:TCP:172.20.35.0/24:enabled:Laserfiche2_foc44
"5051:TCP:172.20.35.0/24:enabled:Laserfiche3_foc44" = 5051:TCP:172.20.35.0/24:enabled:Laserfiche3_foc44
"5500:TCP:*:enabled:VNClisten" = 5500:TCP:*:enabled:VNClisten
"5678:TCP:*:enabled:ActiveSync3" = 5678:TCP:*:enabled:ActiveSync3
"5721:TCP:*:enabled:ActiveSync4" = 5721:TCP:*:enabled:ActiveSync4
"5800:TCP:*:enabled:VNC" = 5800:TCP:*:enabled:VNC
"5900:TCP:*:enabled:VNC" = 5900:TCP:*:enabled:VNC
"65100:TCP:172.21.35.0/24:enabled:Act_Sync" = 65100:TCP:172.21.35.0/24:enabled:Act_Sync
"8900:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 8900:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"9090:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 9090:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"9090:TCP:172.20.4.0/24:enabled:Scanning_for_AdvisorsAst" = 9090:TCP:172.20.4.0/24:enabled:Scanning_for_AdvisorsAst
"990:TCP:*:enabled:ActiveSync1" = 990:TCP:*:enabled:ActiveSync1
"999:TCP:*:enabled:ActiveSync2" = 999:TCP:*:enabled:ActiveSync2
"1434:UDP:172.21.10.0/24:enabled:065-SecurityCardSystem" = 1434:UDP:172.21.10.0/24:enabled:065-SecurityCardSystem
"1728:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem" = 1728:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = *

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = *

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = *

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework]
"Enabled" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"Enabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"C:\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 1" = C:\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 1
"C:\Metafile\MetaViewer Enterprise\EntPrise.exe:*:enabled:Entprise" = C:\Metafile\MetaViewer Enterprise\EntPrise.exe:*:enabled:Entprise
"C:\Program Files\ACT\ACT for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.UI.exe:172.21.35.0/24:enabled:ACT!_Network_Sync" = C:\Program Files\ACT\ACT for Windows\ACT Network Sync\Act.Framework.Synchronization.Service.UI.exe:172.21.35.0/24:enabled:ACT!_Network_Sync
"C:\Program Files\ACT\ACT for Windows\Act8.exe:172.21.35.0/24:enabled:Act!_8x/2006" = C:\Program Files\ACT\ACT for Windows\Act8.exe:172.21.35.0/24:enabled:Act!_8x/2006
"c:\program files\act\act for windows\actsage.exe:172.21.35.0/24:enabled:ACT9" = c:\program files\act\act for windows\actsage.exe:172.21.35.0/24:enabled:ACT9
"C:\Program Files\Altiris\Aclient\Aclient.exe:*:enabled:Altiris2" = C:\Program Files\Altiris\Aclient\Aclient.exe:*:enabled:Altiris2
"C:\Program Files\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 2" = C:\Program Files\Altiris\AClient\AClntUsr.EXE:*:enabled:Altiris Service 2
"C:\Program Files\Altiris\Aclient\dagent.exe:*:enabled:Altiris for Vista" = C:\Program Files\Altiris\Aclient\dagent.exe:*:enabled:Altiris for Vista
"C:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exe:*:enabled:Altiris Service 7" = C:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exe:*:enabled:Altiris Service 7
"C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe:*:enabled:Altiris Service 5" = C:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exe:*:enabled:Altiris Service 5
"C:\Program Files\Altiris\eXpress\NS Client\AeXAgentUIHost.exe:*:enabled:Altiris Service 8" = C:\Program Files\Altiris\eXpress\NS Client\AeXAgentUIHost.exe:*:enabled:Altiris Service 8
"C:\Program Files\Altiris\eXpress\NS Client\AeXNSAgent.exe:*:enabled:Altiris Service 6" = C:\Program Files\Altiris\eXpress\NS Client\AeXNSAgent.exe:*:enabled:Altiris Service 6
"C:\Program Files\Casio\PC Connect for Cassiopeia\PCConnect.exe:*:enabled:CasioPeia" = C:\Program Files\Casio\PC Connect for Cassiopeia\PCConnect.exe:*:enabled:CasioPeia
"C:\Program Files\Client Marketing Systems\Advisors Assistant\AdvisorsAssistant.exe:172.20.4.0/24:enabled:AdvisorsAst" = C:\Program Files\Client Marketing Systems\Advisors Assistant\AdvisorsAssistant.exe:172.20.4.0/24:enabled:AdvisorsAst
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:enabled:ccApp" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:enabled:ccApp
"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe:*:enabled:ccEvtMgr" = C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe:*:enabled:ccEvtMgr
"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe:*:enabled:ccSetMgr" = C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe:*:enabled:ccSetMgr
"C:\Program Files\Imagistics\Desktop Document Manager\sdFTP.exe:*:enabled:Office 317 Imaging" = C:\Program Files\Imagistics\Desktop Document Manager\sdFTP.exe:*:enabled:Office 317 Imaging
"C:\Program Files\iTunes\iTunes.exe:*:enabled:Ipod" = C:\Program Files\iTunes\iTunes.exe:*:enabled:Ipod
"c:\program files\laserfiche\client 8\lf.exe:172.20.35.0/24:enabled:LaserFiche_81_FOC44" = c:\program files\laserfiche\client 8\lf.exe:172.20.35.0/24:enabled:LaserFiche_81_FOC44
"C:\Program Files\Laserfiche\Client\lf.exe:*.enabled:LaserficheClient" = C:\Program Files\Laserfiche\Client\lf.exe:*.enabled:LaserficheClient
"C:\program files\laserfiche\server\lfs.exe:*.enabled:LaserficheServer" = C:\program files\laserfiche\server\lfs.exe:*.enabled:LaserficheServer
"C:\Program Files\Microsoft ActiveSync\Rapimgr.exe:*:enabled:ActiveSync3" = C:\Program Files\Microsoft ActiveSync\Rapimgr.exe:*:enabled:ActiveSync3
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:enabled:ActiveSync2" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:enabled:ActiveSync2
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:enabled:ActiveSync1" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:enabled:ActiveSync1
"C:\Program Files\Microsoft Office\Office\Outlook.exe:*:enabled:Outlook" = C:\Program Files\Microsoft Office\Office\Outlook.exe:*:enabled:Outlook
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"c:\program files\microsoft sql server\90\shared\sqlbrowser.exe:172.21.35.0/24:enabled:SQLbrowser_for_ACT" = c:\program files\microsoft sql server\90\shared\sqlbrowser.exe:172.21.35.0/24:enabled:SQLbrowser_for_ACT
"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe:172.21.35.0/24:enabled:SQL_for_ACT" = c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe:172.21.35.0/24:enabled:SQL_for_ACT
"C:\Program Files\Morningstar\Principia\prncp40.exe:*:enabled:Morningstar" = C:\Program Files\Morningstar\Principia\prncp40.exe:*:enabled:Morningstar
"c:\Program Files\nucolp\LPlocal.exe:*:enabled:National Underwriter Field Guide" = c:\Program Files\nucolp\LPlocal.exe:*:enabled:National Underwriter Field Guide
"C:\Program Files\Palm\HOTSYNC.EXE:*:enabled:HotSync" = C:\Program Files\Palm\HOTSYNC.EXE:*:enabled:HotSync
"C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe:*:enabled:lservnt" = C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\lservnt.exe:*:enabled:lservnt
"C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\WlmAdmin.exe:*:enabled:WlmAdmin" = C:\Program Files\Rainbow Technologies\SentinelLM 7.2.0 Server\English\WlmAdmin.exe:*:enabled:WlmAdmin
"C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:enabled:WinVNC4" = C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:enabled:WinVNC4
"C:\Program Files\Schwab Performance Technologies\PortfolioCenter\PortfolioCenter.exe:*:enabled:PortfolioCenter" = C:\Program Files\Schwab Performance Technologies\PortfolioCenter\PortfolioCenter.exe:*:enabled:PortfolioCenter
"C:\Program Files\Schwab Performance Technologies\PortfolioCenter\SPTServer.exe:*:enabled:PortfolioCenter-SPT" = C:\Program Files\Schwab Performance Technologies\PortfolioCenter\SPTServer.exe:*:enabled:PortfolioCenter-SPT
"c:\Program Files\Skype\Phone\Skype.exe:*:enabled:Skype" = c:\Program Files\Skype\Phone\Skype.exe:*:enabled:Skype
"C:\Program Files\Sybase\SQL Anywhere 7\win32\dbeng7.exe:*:enabled:SQL7" = C:\Program Files\Sybase\SQL Anywhere 7\win32\dbeng7.exe:*:enabled:SQL7
"C:\Program Files\Sybase\SQL Anywhere 8\Win32\dbmlsrv8.exe:*:enabled:ADSMobilink" = C:\Program Files\Sybase\SQL Anywhere 8\Win32\dbmlsrv8.exe:*:enabled:ADSMobilink
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbmlsrv9.exe:*:enabled:CDS 4.3 Mobilink" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbmlsrv9.exe:*:enabled:CDS 4.3 Mobilink
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbsrv9.exe:*:enabled:ASA 9 Service" = C:\Program Files\Sybase\SQL Anywhere 9\win32\dbsrv9.exe:*:enabled:ASA 9 Service
"C:\Program Files\Symantec AntiVirus\RtvScan.exe:*:enabled:Rtvscan" = C:\Program Files\Symantec AntiVirus\RtvScan.exe:*:enabled:Rtvscan
"C:\Program Files\UltraVNC\vncviewer.exe:*:enabled:VNC Viewer" = C:\Program Files\UltraVNC\vncviewer.exe:*:enabled:VNC Viewer
"c:\Program Files\UPS 2010\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe:172.20.31.0/24:enabled:SQL_for_UPS_worldship_259" = c:\Program Files\UPS 2010\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe:172.20.31.0/24:enabled:SQL_for_UPS_worldship_259
"C:\Program Files\UVU\UVU Media Player\HSAudioPlayer.exe:*:enabled:HSMediaPlayer" = C:\Program Files\UVU\UVU Media Player\HSAudioPlayer.exe:*:enabled:HSMediaPlayer
"C:\Program Files\Whale Communications\Client Components\3.1.0\WhlClnt3.exe:*:enabled:WhaleVPN" = C:\Program Files\Whale Communications\Client Components\3.1.0\WhlClnt3.exe:*:enabled:WhaleVPN
"C:\WINDOWS\System32\java.exe:*:enabled:Java" = C:\WINDOWS\System32\java.exe:*:enabled:Java -- (Sun Microsystems, Inc.)
"C:\WINDOWS\System32\msdtc.exe:*:enabled:msdtc" = C:\WINDOWS\System32\msdtc.exe:*:enabled:msdtc
"C:\Winops\winops.exe:*:enabled:WinOPS" = C:\Winops\winops.exe:*:enabled:WinOPS
""C:\Program Files\Pitney Bowes\PC Meter Connect\mailstationAssistant.exe:172.20.35.0/24:enabled:PCMeter_c44"" = "C:\Program Files\Pitney Bowes\PC Meter Connect\mailstationAssistant.exe:172.20.35.0/24:enabled:PCMeter_c44"
""C:\Program Files (x86)\MoneyTrax\Presenter.exe":172.21.4.0/24:enabled:Circle_Of_Weath_1" = "C:\Program Files (x86)\MoneyTrax\Presenter.exe":172.21.4.0/24:enabled:Circle_Of_Weath_1
""C:\Program Files (x86)\MoneyTrax\CircleOfWealth.exe":172.21.4.0/24:enabled:Circle_Of_Weath_2" = "C:\Program Files (x86)\MoneyTrax\CircleOfWealth.exe":172.21.4.0/24:enabled:Circle_Of_Weath_2

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"Enabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"135:TCP:*:enabled:PortfolioCenter" = 135:TCP:*:enabled:PortfolioCenter
"1411:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem" = 1411:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem
"1433:TCP:*:enabled:ExpressSql" = 1433:TCP:*:enabled:ExpressSql
"1433:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 1433:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"1433:TCP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst" = 1433:TCP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst
"1433:TCP:172.21.35.0/24:enabled:SQL_for_ACT" = 1433:TCP:172.21.35.0/24:enabled:SQL_for_ACT
"1434:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 1434:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"1434:UDP:172.20.31.0/24:enabled:SQL_port_for_UPS_worldship_259" = 1434:UDP:172.20.31.0/24:enabled:SQL_port_for_UPS_worldship_259
"1434:UDP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst" = 1434:UDP:172.20.4.0/24:enabled:SQL_for_AdvisorsAst
"1434:UDP:172.21.35.0/24:enabled:SQL_for_ACT" = 1434:UDP:172.21.35.0/24:enabled:SQL_for_ACT
"1500:TCP:*:enabled:SafeAccess" = 1500:TCP:*:enabled:SafeAccess
"1888:TCP:172.20.35.0/24:enabled:LaserFiche_foc44" = 1888:TCP:172.20.35.0/24:enabled:LaserFiche_foc44
"2638:TCP:*:enabled:SQL Anywhere" = 2638:TCP:*:enabled:SQL Anywhere
"26675:TCP:*:enabled:ActiveSync5" = 26675:TCP:*:enabled:ActiveSync5
"2967:TCP:*:enabled:SymantecAV" = 2967:TCP:*:enabled:SymantecAV
"5050:TCP:172.20.35.0/24:enabled:Laserfiche2_foc44" = 5050:TCP:172.20.35.0/24:enabled:Laserfiche2_foc44
"5051:TCP:172.20.35.0/24:enabled:Laserfiche3_foc44" = 5051:TCP:172.20.35.0/24:enabled:Laserfiche3_foc44
"5500:TCP:*:enabled:VNClisten" = 5500:TCP:*:enabled:VNClisten
"5678:TCP:*:enabled:ActiveSync3" = 5678:TCP:*:enabled:ActiveSync3
"5721:TCP:*:enabled:ActiveSync4" = 5721:TCP:*:enabled:ActiveSync4
"5800:TCP:*:enabled:VNC" = 5800:TCP:*:enabled:VNC
"5900:TCP:*:enabled:VNC" = 5900:TCP:*:enabled:VNC
"65100:TCP:172.21.35.0/24:enabled:Act_Sync" = 65100:TCP:172.21.35.0/24:enabled:Act_Sync
"8900:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 8900:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"9090:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317" = 9090:TCP:172.20.29.0/24:enabled:Advisors_Assisstant_for_317
"9090:TCP:172.20.4.0/24:enabled:Scanning_for_AdvisorsAst" = 9090:TCP:172.20.4.0/24:enabled:Scanning_for_AdvisorsAst
"990:TCP:*:enabled:ActiveSync1" = 990:TCP:*:enabled:ActiveSync1
"999:TCP:*:enabled:ActiveSync2" = 999:TCP:*:enabled:ActiveSync2
"1434:UDP:172.21.10.0/24:enabled:065-SecurityCardSystem" = 1434:UDP:172.21.10.0/24:enabled:065-SecurityCardSystem
"1728:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem" = 1728:TCP:172.21.10.0/24:enabled:065-SecurityCardSystem

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = *

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = *

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = *

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework]
"Enabled" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java™ 6 Update 22 (64-bit)
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{377672F0-6B8A-467D-8DDC-79338BCCD531}" = 64 Bit HP CIO Components Installer
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{530992D4-DDBA-4F68-8B0D-FF50AC57531B}" = Symantec Endpoint Protection
"{5B210B8A-B66E-4702-B44D-0D6F388D29EB}" = SpyHunter
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6C8D5E56-CA12-42B2-9075-044B4C7067A9}" = Altiris Deployment Agent
"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.21
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.19.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CNXT_AUDIO_HDA" = Conexant HD Audio
"doPDF 7 printer_is1" = doPDF 7.2 printer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18894D16-5448-4BF9-A128-F7E937322F91}" = OOBE
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52CDF108-5993-4655-B129-D537F5D2D0AB}" = Laser App Enterprise
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{7566F604-94F2-4E79-8C2C-E6F9959AFD6D}" = SmartOffice Helper Application
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B3085BC-599C-4f95-979F-54B7EA8994DA}" = ScriptLogic Desktop Authority: Computer Agent
"{8B4F2108-7395-4951-A7BE-86DA108A001C}" = OGA Notifier 1.7.0105.14.0
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91989CE7-EE83-4A53-8E06-D97887928119}" = VAIO Care
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F5E5B90-E6A1-4427-AEBC-87B79133D316}" = Penn Mutual Illustrator 11.1
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.2) MUI
"{AF46571D-F4AA-489A-8ECE-F85F45A29DA8}" = SmartOffice Desktop Integration
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}" = Oasis2Service 1.0
"{E6725026-A650-449C-897B-D6B7A5EEA058}" = Adobe Flash Player 10 Plugin
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F5248E24-F52C-4FD1-B76F-102460BAFD6B}" = VAIO Help and Support
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FD2731A2-5492-4118-B5D0-AC9EAFBA84FA}" = NetX360
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Application Manager for VAIO" = Application Manager for VAIO
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"Laser App Enterprise" = Laser App Enterprise
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"splashtop" = VAIO Quick Web Access
"VAIO Satisfaction Survey.3.0" = VAIO Satisfaction Survey.
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-515967899-963894560-682003330-2809\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"43cbdbbaf98478b8" = SmartOffice Desktop Integration - Installer
"c34c9290a57f0f64" = SmartOffice Helper Application - Installer
"JoinMe" = join.me

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/16/2012 12:31:47 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0x36c Faulting application start time: 0x01cd032daf301cde Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: f093a912-6f20-11e1-aa36-f0bf9701c849

Error - 3/16/2012 12:31:56 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0x1414 Faulting application start time: 0x01cd032db50a1012 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: f6171fbc-6f20-11e1-aa36-f0bf9701c849

Error - 3/16/2012 12:32:07 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0x4ac Faulting application start time: 0x01cd032dbb64cd3e Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: fc96f898-6f20-11e1-aa36-f0bf9701c849

Error - 3/16/2012 12:32:28 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0x1e3c Faulting application start time: 0x01cd032dc117714a Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 09133fba-6f21-11e1-aa36-f0bf9701c849

Error - 3/16/2012 12:32:48 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0x1048 Faulting application start time: 0x01cd032dd3495ace Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 14be2d18-6f21-11e1-aa36-f0bf9701c849

Error - 3/16/2012 12:33:01 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0xbfc Faulting application start time: 0x01cd032ddaed4280 Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 1c86b472-6f21-11e1-aa36-f0bf9701c849

Error - 3/16/2012 12:33:11 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce7a313 Faulting module name: ntdll.dll, version: 6.1.7601.17725,
time stamp: 0x4ec4aa8e Exception code: 0xc0000005 Fault offset: 0x000000000004e4b4
Faulting
process id: 0x18f0 Faulting application start time: 0x01cd032de115e36a Faulting application
path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: 229e5c68-6f21-11e1-aa36-f0bf9701c849

Error - 3/16/2012 2:49:27 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = WinMgmt | ID = 10
Description =

Error - 3/17/2012 12:07:54 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = WinMgmt | ID = 10
Description =

Error - 3/19/2012 11:48:22 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 3/19/2012 12:48:22 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = NETLOGON | ID = 5719
Description = This computer was not able to set up a secure session with a domain
controller
in domain PENNMUTUAL due to the following: %%1311 This may lead to authentication
problems. Make sure that this computer is connected to the network. If the problem
persists, please contact your domain administrator. ADDITIONAL INFO If this computer
is a domain controller for the specified domain, it sets up the secure session to
the primary domain controller emulator in the specified domain. Otherwise, this
computer sets up the secure session to any domain controller in the specified domain.

Error - 3/19/2012 11:51:31 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = NETLOGON | ID = 5719
Description = This computer was not able to set up a secure session with a domain
controller
in domain PENNMUTUAL due to the following: %%1311 This may lead to authentication
problems. Make sure that this computer is connected to the network. If the problem
persists, please contact your domain administrator. ADDITIONAL INFO If this computer
is a domain controller for the specified domain, it sets up the secure session to
the primary domain controller emulator in the specified domain. Otherwise, this
computer sets up the secure session to any domain controller in the specified domain.

Error - 3/19/2012 11:52:02 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.

Error - 3/19/2012 11:55:06 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.

Error - 3/19/2012 11:57:09 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = TermService | ID = 1067
Description =

Error - 3/20/2012 11:46:30 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = NETLOGON | ID = 5719
Description = This computer was not able to set up a secure session with a domain
controller
in domain PENNMUTUAL due to the following: %%1311 This may lead to authentication
problems. Make sure that this computer is connected to the network. If the problem
persists, please contact your domain administrator. ADDITIONAL INFO If this computer
is a domain controller for the specified domain, it sets up the secure session to
the primary domain controller emulator in the specified domain. Otherwise, this
computer sets up the secure session to any domain controller in the specified domain.

Error - 3/20/2012 11:50:43 AM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Service Control Manager | ID = 7022
Description = The Background Intelligent Transfer Service service hung on starting.

Error - 3/20/2012 2:49:33 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.

Error - 3/20/2012 2:49:33 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = The processing of Group Policy failed because of lack of network connectivity
to a domain controller. This may be a transient condition. A success message would
be generated once the machine gets connected to the domain controller and Group
Policy has succesfully processed. If you do not see a success message for several
hours, then contact your administrator.

Error - 3/20/2012 3:50:06 PM | Computer Name = FO187-RFLEMIN.pennmutual.com | Source = NETLOGON | ID = 5719
Description = This computer was not able to set up a secure session with a domain
controller
in domain PENNMUTUAL due to the following: %%1311 This may lead to authentication
problems. Make sure that this computer is connected to the network. If the problem
persists, please contact your domain administrator. ADDITIONAL INFO If this computer
is a domain controller for the specified domain, it sets up the secure session to
the primary domain controller emulator in the specified domain. Otherwise, this
computer sets up the secure session to any domain controller in the specified domain.
  • 0

#3
flem16

flem16

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
..and here is the aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-25 22:32:25
-----------------------------
22:32:25.927 OS Version: Windows x64 6.1.7601 Service Pack 1
22:32:25.927 Number of processors: 4 586 0x2A07
22:32:25.927 ComputerName: FO187-RFLEMIN UserName: rfleming
22:32:28.486 Initialize success
22:32:33.907 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:32:33.907 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
22:32:33.954 Disk 0 MBR read successfully
22:32:33.954 Disk 0 MBR scan
22:32:33.970 Disk 0 Windows 7 default MBR code
22:32:33.970 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 11543 MB offset 2048
22:32:34.001 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 23642112
22:32:34.032 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 598835 MB offset 23846912
22:32:34.063 Disk 0 scanning C:\Windows\system32\drivers
22:32:48.681 Service scanning
22:33:32.190 Service Teefer2 C:\Windows\system32\DRIVERS\teefer2.sys **LOCKED** 32
22:33:44.811 Service WPS C:\Windows\system32\drivers\wpsdrvnt.sys **LOCKED** 32
22:33:44.951 Service WpsHelper C:\Windows\system32\drivers\WpsHelper.sys **LOCKED** 32
22:33:46.324 Modules scanning
22:33:46.854 Disk 0 trace - called modules:
22:33:46.870
22:33:46.870 Scan finished successfully
22:37:33.400 Disk 0 MBR has been saved successfully to "C:\Users\rfleming\Desktop\MBR.dat"
22:37:33.415 The log file has been saved successfully to "C:\Users\rfleming\Desktop\aswMBR.txt"

Thanks!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP