I ran Malwarebytes and it said I also had Backdoor.bot, and it deleted it.
I also ran Adaware, SuperAntiSpyware, and a full scan with Norton 360.
Then I went to Geektogo.com and followed the steps in Malware and Spyware Cleaning Guide.
1. Ran TFC
2. Ran System Restore (got an error that said system restore failed; I have not been able to access System Retore since I got a previous virus infection in May of multiple viruses)
3. Ran ERDNT registry backup
4. Ran Full Norton 360 Virus Scan
5. Windows Update (error installing .NET Framework 3.5 SP1 for .NET Framework Assistant 1.0 x86(KB963707)
6. Ran RootRepeal
7. Ran OTL
Here are my MBAM, RootRepeal, & OTL logs; Thank you in advance for your help.
Malwarebytes' Anti-Malware 1.40
Database version: 2702
Windows 5.1.2600 Service Pack 3
8/26/2009 6:06:09 PM
mbam-log-2009-08-26 (18-06-09).txt
Scan type: Quick Scan
Objects scanned: 115427
Time elapsed: 6 minute(s), 46 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
ROOTREPEAL © AD, 2007-2008
==================================================
Scan Time: 2009/08/26 20:46
Program Version: Version 1.2.3.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\1394BUS.SYS
Address: 0xF7617000 Size: 57344 File Visible: -
Status: -
Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF75A8000 Size: 187776 File Visible: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2260992 File Visible: -
Status: -
Name: aeaudio.sys
Image Path: C:\WINDOWS\system32\drivers\aeaudio.sys
Address: 0xF79CD000 Size: 4384 File Visible: -
Status: -
Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0xA57E6000 Size: 138496 File Visible: -
Status: -
Name: agp440.sys
Image Path: agp440.sys
Address: 0xF7687000 Size: 42368 File Visible: -
Status: -
Name: AGRSM.sys
Image Path: C:\WINDOWS\System32\DRIVERS\AGRSM.sys
Address: 0xB9D54000 Size: 1268160 File Visible: -
Status: -
Name: arp1394.sys
Image Path: C:\WINDOWS\System32\DRIVERS\arp1394.sys
Address: 0xF76F7000 Size: 60800 File Visible: -
Status: -
Name: atapi.sys
Image Path: atapi.sys
Address: 0xF74C0000 Size: 96512 File Visible: -
Status: -
Name: ati2cqag.dll
Image Path: C:\WINDOWS\System32\ati2cqag.dll
Address: 0xBFA18000 Size: 286720 File Visible: -
Status: -
Name: ati2dvag.dll
Image Path: C:\WINDOWS\System32\ati2dvag.dll
Address: 0xBF9D5000 Size: 274432 File Visible: -
Status: -
Name: ati2mtag.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ati2mtag.sys
Address: 0xBA08F000 Size: 1679360 File Visible: -
Status: -
Name: ati3duag.dll
Image Path: C:\WINDOWS\System32\ati3duag.dll
Address: 0xBFAA0000 Size: 2736128 File Visible: -
Status: -
Name: atikvmag.dll
Image Path: C:\WINDOWS\System32\atikvmag.dll
Address: 0xBFA5E000 Size: 270336 File Visible: -
Status: -
Name: ativvaxx.dll
Image Path: C:\WINDOWS\System32\ativvaxx.dll
Address: 0xBFD3C000 Size: 1744896 File Visible: -
Status: -
Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: -
Status: -
Name: audstub.sys
Image Path: C:\WINDOWS\System32\DRIVERS\audstub.sys
Address: 0xF7A66000 Size: 3072 File Visible: -
Status: -
Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xF79D9000 Size: 4224 File Visible: -
Status: -
Name: BHDrvx86.sys
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\BHDrvx86.sys
Address: 0xA55EE000 Size: 270336 File Visible: -
Status: -
Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF7897000 Size: 12288 File Visible: -
Status: -
Name: ccHPx86.sys
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\ccHPx86.sys
Address: 0xA5630000 Size: 503808 File Visible: -
Status: -
Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xF7507000 Size: 63744 File Visible: -
Status: -
Name: cdrom.sys
Image Path: C:\WINDOWS\System32\DRIVERS\cdrom.sys
Address: 0xF743E000 Size: 62976 File Visible: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
Address: 0xF7657000 Size: 53248 File Visible: -
Status: -
Name: disk.sys
Image Path: disk.sys
Address: 0xF7647000 Size: 36352 File Visible: -
Status: -
Name: DMICall.sys
Image Path: C:\WINDOWS\System32\DRIVERS\DMICall.sys
Address: 0xA9B8B000 Size: 3552 File Visible: -
Status: -
Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0xF741E000 Size: 61440 File Visible: -
Status: -
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA54DC000 Size: 98304 File Visible: No
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79EF000 Size: 8192 File Visible: No
Status: -
Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xB9C66000 Size: 12288 File Visible: -
Status: -
Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: -
Status: -
Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xBA918000 Size: 4096 File Visible: -
Status: -
Name: e100b325.sys
Image Path: C:\WINDOWS\System32\DRIVERS\e100b325.sys
Address: 0xBA033000 Size: 145408 File Visible: -
Status: -
Name: eeCtrl.sys
Image Path: C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
Address: 0xA56C8000 Size: 385024 File Visible: -
Status: -
Name: EraserUtilRebootDrv.sys
Image Path: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
Address: 0xA56AB000 Size: 118784 File Visible: -
Status: -
Name: fdc.sys
Image Path: C:\WINDOWS\System32\DRIVERS\fdc.sys
Address: 0xF77BF000 Size: 27392 File Visible: -
Status: -
Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0xF7557000 Size: 44544 File Visible: -
Status: -
Name: flpydisk.sys
Image Path: C:\WINDOWS\System32\DRIVERS\flpydisk.sys
Address: 0xBA259000 Size: 20480 File Visible: -
Status: -
Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF74A0000 Size: 129792 File Visible: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xF79D5000 Size: 7936 File Visible: -
Status: -
Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF74D8000 Size: 125056 File Visible: -
Status: -
Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys
Address: 0xF77C7000 Size: 21120 File Visible: -
Status: -
Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806FF000 Size: 134400 File Visible: -
Status: -
Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\HIDPARSE.SYS
Address: 0xBA241000 Size: 28672 File Visible: -
Status: -
Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0xA21B9000 Size: 264832 File Visible: -
Status: -
Name: i8042prt.sys
Image Path: C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Address: 0xF745E000 Size: 52480 File Visible: -
Status: -
Name: IDSxpx86.sys
Image Path: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090810.001\IDSxpx86.sys
Address: 0xA5830000 Size: 294912 File Visible: -
Status: -
Name: imapi.sys
Image Path: C:\WINDOWS\System32\DRIVERS\imapi.sys
Address: 0xF744E000 Size: 42112 File Visible: -
Status: -
Name: intelppm.sys
Image Path: C:\WINDOWS\System32\DRIVERS\intelppm.sys
Address: 0xF747E000 Size: 36352 File Visible: -
Status: -
Name: ipnat.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ipnat.sys
Address: 0xA5902000 Size: 152832 File Visible: -
Status: -
Name: ipsec.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ipsec.sys
Address: 0xA59B5000 Size: 75264 File Visible: -
Status: -
Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF75F7000 Size: 37248 File Visible: -
Status: -
Name: kbdclass.sys
Image Path: C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Address: 0xF77A7000 Size: 24576 File Visible: -
Status: -
Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF7987000 Size: 8192 File Visible: -
Status: -
Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0xA1CED000 Size: 172416 File Visible: -
Status: -
Name: ks.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ks.sys
Address: 0xB9F54000 Size: 143360 File Visible: -
Status: -
Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF7970000 Size: 92928 File Visible: -
Status: -
Name: Lbd.sys
Image Path: Lbd.sys
Address: 0xF7667000 Size: 57472 File Visible: -
Status: -
Name: MCSTRM.SYS
Image Path: C:\WINDOWS\System32\Drivers\MCSTRM.SYS
Address: 0xF7A09000 Size: 7360 File Visible: -
Status: -
Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xF79DB000 Size: 4224 File Visible: -
Status: -
Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xF77CF000 Size: 30080 File Visible: -
Status: -
Name: mouclass.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mouclass.sys
Address: 0xF77B7000 Size: 23040 File Visible: -
Status: -
Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF7627000 Size: 42368 File Visible: -
Status: -
Name: mrxdav.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Address: 0xA304F000 Size: 180608 File Visible: -
Status: -
Name: mrxsmb.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Address: 0xA5726000 Size: 455296 File Visible: -
Status: -
Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0xBA231000 Size: 19072 File Visible: -
Status: -
Name: msgpc.sys
Image Path: C:\WINDOWS\System32\DRIVERS\msgpc.sys
Address: 0xF76C7000 Size: 35072 File Visible: -
Status: -
Name: mssmbios.sys
Image Path: C:\WINDOWS\System32\DRIVERS\mssmbios.sys
Address: 0xBA99B000 Size: 15488 File Visible: -
Status: -
Name: Mup.sys
Image Path: Mup.sys
Address: 0xF7956000 Size: 105344 File Visible: -
Status: -
Name: NAVENG.SYS
Image Path: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090826.034\NAVENG.SYS
Address: 0xA1EF8000 Size: 78208 File Visible: -
Status: -
Name: NAVEX15.SYS
Image Path: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090826.034\NAVEX15.SYS
Address: 0xA1F0C000 Size: 1316864 File Visible: -
Status: -
Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF7A22000 Size: 182656 File Visible: -
Status: -
Name: ndistapi.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Address: 0xBA9AF000 Size: 10112 File Visible: -
Status: -
Name: ndisuio.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Address: 0xA33B4000 Size: 14592 File Visible: -
Status: -
Name: ndiswan.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Address: 0xB9D3D000 Size: 91520 File Visible: -
Status: -
Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xBABF9000 Size: 40576 File Visible: -
Status: -
Name: netbios.sys
Image Path: C:\WINDOWS\System32\DRIVERS\netbios.sys
Address: 0xF7587000 Size: 34688 File Visible: -
Status: -
Name: netbt.sys
Image Path: C:\WINDOWS\System32\DRIVERS\netbt.sys
Address: 0xA5808000 Size: 162816 File Visible: -
Status: -
Name: nic1394.sys
Image Path: C:\WINDOWS\System32\DRIVERS\nic1394.sys
Address: 0xF76B7000 Size: 61824 File Visible: -
Status: -
Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0xBA229000 Size: 30848 File Visible: -
Status: -
Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF7B52000 Size: 574976 File Visible: -
Status: -
Name: ntoskrnl.exe
Image Path: C:\WINDOWS\system32\ntoskrnl.exe
Address: 0x804D7000 Size: 2260992 File Visible: -
Status: -
Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0xA9B5D000 Size: 2944 File Visible: -
Status: -
Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF7607000 Size: 61696 File Visible: -
Status: -
Name: parport.sys
Image Path: C:\WINDOWS\System32\DRIVERS\parport.sys
Address: 0xB9F40000 Size: 80128 File Visible: -
Status: -
Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF770F000 Size: 19712 File Visible: -
Status: -
Name: ParVdm.SYS
Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS
Address: 0xF7A05000 Size: 6784 File Visible: -
Status: -
Name: pci.sys
Image Path: pci.sys
Address: 0xF7597000 Size: 68224 File Visible: -
Status: -
Name: pciide.sys
Image Path: pciide.sys
Address: 0xF7A4F000 Size: 3328 File Visible: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
Address: 0xF7707000 Size: 28672 File Visible: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2260992 File Visible: -
Status: -
Name: point32.sys
Image Path: C:\WINDOWS\system32\DRIVERS\point32.sys
Address: 0xF77AF000 Size: 21760 File Visible: -
Status: -
Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0xB9E8A000 Size: 147456 File Visible: -
Status: -
Name: psched.sys
Image Path: C:\WINDOWS\System32\DRIVERS\psched.sys
Address: 0xB9D2C000 Size: 69120 File Visible: -
Status: -
Name: ptilink.sys
Image Path: C:\WINDOWS\System32\DRIVERS\ptilink.sys
Address: 0xF77DF000 Size: 17792 File Visible: -
Status: -
Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF7677000 Size: 35712 File Visible: -
Status: -
Name: rasacd.sys
Image Path: C:\WINDOWS\System32\DRIVERS\rasacd.sys
Address: 0xBAFE8000 Size: 8832 File Visible: -
Status: -
Name: rasl2tp.sys
Image Path: C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Address: 0xF740E000 Size: 51328 File Visible: -
Status: -
Name: raspppoe.sys
Image Path: C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Address: 0xF7887000 Size: 41472 File Visible: -
Status: -
Name: raspptp.sys
Image Path: C:\WINDOWS\System32\DRIVERS\raspptp.sys
Address: 0xF7877000 Size: 48384 File Visible: -
Status: -
Name: raspti.sys
Image Path: C:\WINDOWS\System32\DRIVERS\raspti.sys
Address: 0xF77E7000 Size: 16512 File Visible: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2260992 File Visible: -
Status: -
Name: rdbss.sys
Image Path: C:\WINDOWS\System32\DRIVERS\rdbss.sys
Address: 0xA5796000 Size: 175744 File Visible: -
Status: -
Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xF79DD000 Size: 4224 File Visible: -
Status: -
Name: redbook.sys
Image Path: C:\WINDOWS\System32\DRIVERS\redbook.sys
Address: 0xF742E000 Size: 57600 File Visible: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA2652000 Size: 45056 File Visible: No
Status: -
Name: SASDIFSV.SYS
Image Path: C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Address: 0xF7737000 Size: 24576 File Visible: -
Status: -
Name: SASKUTIL.sys
Image Path: C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Address: 0xA57C1000 Size: 151552 File Visible: -
Status: -
Name: smrt.sys
Image Path: C:\WINDOWS\System32\DRIVERS\smrt.sys
Address: 0xB9F77000 Size: 768256 File Visible: -
Status: -
Name: smwdm.sys
Image Path: C:\WINDOWS\system32\drivers\smwdm.sys
Address: 0xB9EAE000 Size: 594048 File Visible: -
Status: -
Name: sr.sys
Image Path: sr.sys
Address: 0xF748E000 Size: 73472 File Visible: -
Status: -
Name: SRTSP.SYS
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\SRTSP.SYS
Address: 0xA204E000 Size: 339968 File Visible: -
Status: -
Name: SRTSPX.SYS
Image Path: C:\WINDOWS\system32\drivers\N360\0305020.00A\SRTSPX.SYS
Address: 0xF7567000 Size: 36992 File Visible: -
Status: -
Name: srv.sys
Image Path: C:\WINDOWS\System32\DRIVERS\srv.sys
Address: 0xA2F35000 Size: 333952 File Visible: -
Status: -
Name: STREAM.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\STREAM.SYS
Address: 0xF746E000 Size: 53248 File Visible: -
Status: -
Name: swenum.sys
Image Path: C:\WINDOWS\System32\DRIVERS\swenum.sys
Address: 0xF79CF000 Size: 4352 File Visible: -
Status: -
Name: SYMEFA.SYS
Image Path: SYMEFA.SYS
Address: 0xF7828000 Size: 323584 File Visible: No
Status: -
Name: SYMEVENT.SYS
Image Path: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
Address: 0xA58DD000 Size: 151552 File Visible: -
Status: -
Name: SYMFW.SYS
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\SYMFW.SYS
Address: 0xA58C8000 Size: 83200 File Visible: -
Status: -
Name: SYMIDS.SYS
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\SYMIDS.SYS
Address: 0xF780F000 Size: 26368 File Visible: -
Status: -
Name: SymIM.sys
Image Path: C:\WINDOWS\system32\DRIVERS\SymIM.sys
Address: 0xF77EF000 Size: 29696 File Visible: -
Status: -
Name: SYMNDIS.SYS
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\SYMNDIS.SYS
Address: 0xF7807000 Size: 29696 File Visible: -
Status: -
Name: SYMTDI.SYS
Image Path: C:\WINDOWS\System32\Drivers\N360\0305020.00A\SYMTDI.SYS
Address: 0xA5928000 Size: 210432 File Visible: -
Status: -
Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xA2FEF000 Size: 60800 File Visible: -
Status: -
Name: tcpip.sys
Image Path: C:\WINDOWS\System32\DRIVERS\tcpip.sys
Address: 0xA595C000 Size: 361600 File Visible: -
Status: -
Name: TDI.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\TDI.SYS
Address: 0xF77D7000 Size: 20480 File Visible: -
Status: -
Name: termdd.sys
Image Path: C:\WINDOWS\System32\DRIVERS\termdd.sys
Address: 0xBAC29000 Size: 40704 File Visible: -
Status: -
Name: Udfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Udfs.SYS
Address: 0xA54F4000 Size: 66048 File Visible: -
Status: -
Name: update.sys
Image Path: C:\WINDOWS\System32\DRIVERS\update.sys
Address: 0xB9CCE000 Size: 384768 File Visible: -
Status: -
Name: uphcleanhlp.sys
Image Path: C:\WINDOWS\system32\Drivers\uphcleanhlp.sys
Address: 0xA2C36000 Size: 8960 File Visible: No
Status: -
Name: USBD.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\USBD.SYS
Address: 0xF79D3000 Size: 8192 File Visible: -
Status: -
Name: usbehci.sys
Image Path: C:\WINDOWS\System32\DRIVERS\usbehci.sys
Address: 0xF779F000 Size: 30208 File Visible: -
Status: -
Name: usbhub.sys
Image Path: C:\WINDOWS\System32\DRIVERS\usbhub.sys
Address: 0xBABB9000 Size: 59520 File Visible: -
Status: -
Name: USBPORT.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\USBPORT.SYS
Address: 0xBA057000 Size: 147456 File Visible: -
Status: -
Name: USBSTOR.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
Address: 0xF77FF000 Size: 26368 File Visible: -
Status: -
Name: usbuhci.sys
Image Path: C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Address: 0xF7797000 Size: 20608 File Visible: -
Status: -
Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0xBA239000 Size: 20992 File Visible: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS
Address: 0xBA07B000 Size: 81920 File Visible: -
Status: -
Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF7637000 Size: 52352 File Visible: -
Status: -
Name: wanarp.sys
Image Path: C:\WINDOWS\System32\DRIVERS\wanarp.sys
Address: 0xF76E7000 Size: 34560 File Visible: -
Status: -
Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0xF776F000 Size: 20480 File Visible: -
Status: -
Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0xA2E30000 Size: 83072 File Visible: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: -
Status: -
Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: -
Status: -
Name: WMILIB.SYS
Image Path: C:\WINDOWS\System32\DRIVERS\WMILIB.SYS
Address: 0xF7989000 Size: 8192 File Visible: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2260992 File Visible: -
Status: -
OTL logfile created on: 8/26/2009 8:49:34 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Marshall & Janene\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.29% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3200 4050 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 459.75 Gb Total Space | 370.94 Gb Free Space | 80.68% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3.85 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JACKMAN
Current User Name: Marshall & Janene
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2006/07/18 19:51:42 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2006/07/18 19:51:42 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009/02/06 17:02:14 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2003/12/05 13:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe
PRC - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2009/08/18 12:21:15 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.10\ccSvcHst.exe
PRC - [2007/09/20 09:51:46 | 00,853,288 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2008/04/13 17:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2005/04/27 15:59:24 | 00,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe
PRC - [2005/03/29 19:03:20 | 00,786,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\GPDBWatcher.exe
PRC - [2005/01/06 15:52:54 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/01/06 15:52:56 | 00,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2005/01/06 15:52:56 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2004/07/22 14:38:38 | 00,088,361 | ---- | M] (Agere Systems) -- C:\WINDOWS\AGRSMMSG.exe
PRC - [2002/08/20 11:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.) -- C:\WINDOWS\System32\ezSP_Px.exe
PRC - [2005/08/31 00:40:36 | 00,057,344 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
PRC - [2004/06/03 01:51:27 | 00,172,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\type32.exe
PRC - [2005/04/08 14:09:42 | 00,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
PRC - [2009/07/10 13:59:22 | 00,195,072 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009/08/18 12:21:15 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.10\ccSvcHst.exe
PRC - [2003/10/06 20:26:10 | 00,229,376 | ---- | M] (Sony Corporation) -- C:\Program Files\sony\usbsircs\usbsircs.exe
PRC - [2003/12/05 13:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe
PRC - [2005/08/31 00:40:36 | 00,057,344 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
PRC - [2004/11/12 10:24:05 | 00,106,557 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2009/02/06 03:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 14:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/08/26 20:48:39 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marshall & Janene\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/02/06 17:02:14 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon [Auto | Running])
SRV - [2009/06/05 11:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2006/07/18 19:51:42 | 00,401,408 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2005/08/30 21:05:00 | 00,516,096 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2003/12/05 13:32:56 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\shwserv.exe -- (Giga Pocket Hardware Detector [Auto | Running])
SRV - [2009/03/24 13:03:54 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2008/04/13 17:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/07/13 14:02:50 | 00,542,496 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2009/07/03 07:49:06 | 01,029,456 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Stopped])
SRV - [2005/05/28 13:05:54 | 00,069,120 | ---- | M] (element5) -- C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe -- (License Management Service ESD [On_Demand | Stopped])
SRV - [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe -- (MDM [Auto | Running])
SRV - [2009/08/18 12:21:15 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.10\ccSvcHst.exe -- (N360 [Auto | Running])
SRV - [2007/09/20 09:51:46 | 00,853,288 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/01/04 10:45:24 | 00,382,248 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped])
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2004/10/29 01:20:54 | 00,053,337 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])
SRV - [2003/09/25 13:38:56 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\halsv.exe -- (Sony TV Tuner Controller [On_Demand | Stopped])
SRV - [2003/12/05 13:32:06 | 00,090,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Giga Pocket\RM_SV.exe -- (Sony TV Tuner Manager [On_Demand | Running])
SRV - [2008/04/24 13:26:18 | 00,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2 [Auto | Stopped])
SRV - [2004/10/29 01:18:24 | 00,069,718 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])
SRV - [2005/04/27 15:59:24 | 00,241,725 | ---- | M] (Microsoft Corporation) -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean [Auto | Running])
SRV - [2005/01/06 15:52:58 | 00,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])
SRV - [2005/03/29 19:03:20 | 00,786,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\GPDBWatcher.exe -- (VAIOMediaDBSyncService [Auto | Running])
SRV - [2005/03/29 19:04:02 | 01,847,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped])
SRV - [2005/01/14 15:21:32 | 00,057,344 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped])
SRV - [2005/01/14 15:26:56 | 00,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped])
SRV - [2005/01/14 15:20:14 | 00,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped])
SRV - [2005/01/06 15:52:54 | 00,278,528 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw [On_Demand | Running])
SRV - [2007/01/04 14:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service [Auto | Running])
SRV - [2005/01/06 15:52:56 | 00,131,072 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc [Auto | Running])
SRV - [2005/01/06 15:52:56 | 00,118,784 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw [Auto | Running])
SRV - [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2008/11/09 13:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Disabled | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/04/14 23:44:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.02\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2009/06/23 18:38:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.02\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2009/07/13 19:45:42 | 00,000,000 | ---D | M]
O1 HOSTS File: (126 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.10\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.10\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.10\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.10\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe (Agere Systems)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe (Easy Systems Japan Ltd.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remocon Driver.lnk = C:\Program Files\sony\usbsircs\usbsircs.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Viewpoint Search - Reg Error: Value error. File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - Reg Error: Value error. File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: schoolloop.com ([sths] https in Trusted sites)
O15 - HKCU\..Trusted Domains: schoolloop.com ([www.sths] https in Trusted sites)
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=48835 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} http://protect.micro...b?1099773218390 (MSSecurityAdvisor Class)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onec...lscbase1140.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symant...ex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} http://www.facebook....ls/contactx.dll (ContactExtractor Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1238569823812 (MUWebControl Class)
O16 - DPF: {6F750202-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Kodak Gallery Easy Upload Manager Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9184D21C-9835-42C5-A883-EA8BE7FC048D} http://www.shop.intu...bles/ie/IDA.cab (Reg Error: Key error.)
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} http://web1.shutterf...ds/Uploader.cab (Shutterfly Picture Upload Plugin)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...ro.cab34246.cab (Reg Error: Key error.)
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} http://download.game...itched/main.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_01)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec....rl/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://download.game...aploader_v6.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} http://fdl.msn.com/z...s/heartbeat.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.10\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/03/31 14:07:46 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
NetSvcs: 6to4 - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Iprip - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: Wmi - C:\WINDOWS\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: helpsvc - C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2009/08/26 20:48:36 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marshall & Janene\Desktop\OTL.exe
[2009/08/26 20:38:53 | 21,468,81536 | -HS- | C] () -- C:\hiberfil.sys
[2009/08/26 17:57:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/08/26 17:55:46 | 00,000,620 | ---- | C] () -- C:\Documents and Settings\Marshall & Janene\Desktop\NTREGOPT.lnk
[2009/08/26 17:55:46 | 00,000,601 | ---- | C] () -- C:\Documents and Settings\Marshall & Janene\Desktop\ERUNT.lnk
[2009/08/26 17:55:46 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/26 17:54:31 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Marshall & Janene\Desktop\erunt_setup.exe
[2009/08/26 17:52:20 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Documents and Settings\Marshall & Janene\Desktop\SysRestorePoint.exe
[2009/08/26 17:38:06 | 00,272,384 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Marshall & Janene\Desktop\TFC.exe
[2009/08/22 18:17:39 | 00,019,023 | ---- | C] () -- C:\WINDOWS\System32\AAWService_2009_08_22_18_17_39.dmp
========== Files - Modified Within 14 Days ==========
[2009/08/26 20:48:39 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marshall & Janene\Desktop\OTL.exe
[2009/08/26 20:40:26 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/08/26 20:39:22 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/08/26 20:39:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/08/26 20:38:58 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/08/26 20:38:53 | 21,468,81536 | -HS- | M] () -- C:\hiberfil.sys
[2009/08/26 19:59:21 | 00,663,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\Cat.DB
[2009/08/26 17:55:46 | 00,000,620 | ---- | M] () -- C:\Documents and Settings\Marshall & Janene\Desktop\NTREGOPT.lnk
[2009/08/26 17:55:46 | 00,000,601 | ---- | M] () -- C:\Documents and Settings\Marshall & Janene\Desktop\ERUNT.lnk
[2009/08/26 17:54:33 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Marshall & Janene\Desktop\erunt_setup.exe
[2009/08/26 17:52:20 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Documents and Settings\Marshall & Janene\Desktop\SysRestorePoint.exe
[2009/08/26 17:38:08 | 00,272,384 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Marshall & Janene\Desktop\TFC.exe
[2009/08/26 17:04:51 | 00,000,446 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{37D7B97E-F979-4280-AEB4-B5CC75CDCDDA}.job
[2009/08/25 15:42:57 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/08/24 14:17:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/08/22 18:17:39 | 00,019,023 | ---- | M] () -- C:\WINDOWS\System32\AAWService_2009_08_22_18_17_39.dmp
[2009/08/22 09:57:33 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/08/21 22:09:54 | 00,109,056 | ---- | M] () -- C:\Documents and Settings\Marshall & Janene\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/20 20:33:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/08/19 08:30:14 | 00,001,909 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2009/08/18 16:58:19 | 00,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2009/08/18 16:58:19 | 00,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2009/08/18 16:58:19 | 00,007,456 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2009/08/18 16:58:19 | 00,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2009/08/18 15:56:52 | 00,009,412 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\symnetv.cat
[2009/08/18 15:56:52 | 00,001,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\SymNetV.inf
[2009/08/18 15:56:52 | 00,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\isolate.ini
[2009/08/18 12:21:16 | 00,482,432 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\cchpx86.sys
[2009/08/18 12:21:16 | 00,310,320 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\SymEFA.sys
[2009/08/18 12:21:16 | 00,308,272 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\srtsp.sys
[2009/08/18 12:21:16 | 00,259,632 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\BHDrvx86.sys
[2009/08/18 12:21:16 | 00,217,136 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\symtdi.sys
[2009/08/18 12:21:16 | 00,089,904 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\symfw.sys
[2009/08/18 12:21:16 | 00,048,688 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\symndisv.sys
[2009/08/18 12:21:16 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\srtspx.sys
[2009/08/18 12:21:16 | 00,036,400 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\symndis.sys
[2009/08/18 12:21:16 | 00,033,072 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0305020.00A\symids.sys
[2009/08/18 12:21:09 | 00,003,373 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\SymEFA.inf
[2009/08/18 12:21:09 | 00,001,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\ccHPx86.inf
[2009/08/18 12:21:09 | 00,001,561 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\SymNet.inf
[2009/08/18 12:21:09 | 00,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\srtspx.inf
[2009/08/18 12:21:09 | 00,001,382 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\srtsp.inf
[2009/08/18 12:21:09 | 00,000,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\BHDrvx86.inf
[2009/08/18 12:21:03 | 00,009,402 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\SymNet.cat
[2009/08/18 12:21:03 | 00,007,431 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\SymEFA.cat
[2009/08/18 12:21:03 | 00,007,429 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\srtspx.cat
[2009/08/18 12:21:03 | 00,007,425 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\srtsp.cat
[2009/08/18 12:21:03 | 00,007,400 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\bhdrvx86.cat
[2009/08/18 12:21:03 | 00,007,383 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0305020.00A\ccHPx86.cat
[2009/08/18 12:20:55 | 00,036,400 | R--- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2009/08/17 20:00:00 | 00,000,646 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Marshall & Janene.job
[2009/08/17 14:38:18 | 00,035,736 | ---- | M] () -- C:\Documents and Settings\Marshall & Janene\Application Data\GDIPFONTCACHEV1.DAT
[2009/08/15 17:34:00 | 00,000,460 | ---- | M] () -- C:\WINDOWS\tasks\EasyShare Registration Task.job
========== LOP Check ==========
[2009/08/07 08:51:30 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/04/14 21:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009/08/18 16:58:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/04/14 21:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/24 14:15:57 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
[2009/04/14 21:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2009/04/14 21:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\element5
[2009/04/14 21:51:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2009/04/14 21:52:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Memeo
[2009/08/07 08:51:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Norton
[2009/08/07 08:49:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NortonInstaller
[2009/08/07 08:38:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/04/14 21:52:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/04/14 21:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sandlot Games
[2009/04/14 21:52:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2009/04/14 21:54:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2009/04/14 21:56:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/06/09 20:38:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/05/24 18:42:32 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data
[2009/04/14 21:56:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\acccore
[2009/04/14 21:56:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Aim
[2009/04/14 21:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\ArcSoft
[2009/04/14 21:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\ATI
[2009/04/14 21:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Drag'n Drop CD+DVD
[2009/04/14 21:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\EPSON
[2009/04/14 21:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\funkitron
[2009/04/14 21:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\InterVideo
[2009/04/14 21:57:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Intuit
[2009/04/14 21:57:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Leadertech
[2009/04/14 21:57:52 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Move Networks
[2009/04/14 21:58:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Sandlot Games
[2009/04/14 21:58:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Skinux
[2009/04/14 21:58:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Snapfish
[2009/04/14 21:58:38 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Template
[2009/06/09 20:38:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Viewpoint
[2009/04/14 21:58:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Marshall & Janene\Application Data\Wildfire
[2009/08/24 14:17:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/08/20 20:33:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2003/03/31 05:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/08/15 17:34:00 | 00,000,460 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2009/08/26 20:39:22 | 00,000,868 | ---- | M] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009/08/17 20:00:00 | 00,000,646 | ---- | M] () -- C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Marshall & Janene.job
[2004/09/18 11:14:52 | 00,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\Registration reminder 3.job
[2009/08/26 20:39:03 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
[2009/08/26 17:04:51 | 00,000,446 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{37D7B97E-F979-4280-AEB4-B5CC75CDCDDA}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
[2003/10/24 15:16:38 | 00,016,496 | ---- | M] (Microsoft Corporation) -- C:\backappl.exe
< %systemroot%\system32\eventlog.dll >
[2008/04/13 17:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
< %systemroot%\system32\scecli.dll >
[2008/04/13 17:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< End of report >
OTL Extras logfile created on: 8/26/2009 8:49:34 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Documents and Settings\Marshall & Janene\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 72.29% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): C:\pagefile.sys 3200 4050 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 459.75 Gb Total Space | 370.94 Gb Free Space | 80.68% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 3.85 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JACKMAN
Current User Name: Marshall & Janene
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- File not found
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Guild Wars\Gw.exe" = C:\Program Files\Guild Wars\Gw.exe:*:Enabled:Guild Wars -- (ArenaNet)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Sony\VAIO Media 4.0\Vc.exe" = C:\Program Files\Sony\VAIO Media 4.0\Vc.exe:*:Disabled:[VAIO Media] VAIO Media -- (Sony Corporation)
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM -- ()
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01AF4645-78E6-46C4-B528-54863679CC40}" = VAIO SLIT-C Screen Saver
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D490016-5D01-4CB3-A037-55814AC63D2E}" = Giga Pocket Hardware Library 5.5
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15EE1439-3B90-4DA6-A4FD-3BF23E830C25}" = MS Export
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{266AEE68-5718-4A31-BDD3-D356B1250C70}" = VAIO SLIT Pattern Wallpaper
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B24B725-D81F-442D-8CE5-2AF05A4A4CC9}" = Music Visualizer Library 1.4.00
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"{40C03514-89C3-41BA-0090-3B440256DB87}" = The Sims 2
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims 2 Pets
"{48820099-ED7D-424B-890C-9A82EF00656C}" = VAIO Update 2
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4C75086F-7753-41B9-8B4C-F38DE6CC8C20}" = VAIO Remote Commander Utility 6.2
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{623D3B16-5484-44E8-97A8-91B3B1BA658E}" = SplashWallet Suite
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6990A2BF-D1D2-11D3-81BC-00609789C908}" = Sony Video Shared Library
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{7148F0A8-6813-11D6-A77B-00B0D0142010}" = Java 2 Runtime Environment, SE v1.4.2_01
"{71D6CE84-B7DC-4166-8E0D-56C1C37BFB5A}" = SonicStage 1.5.03
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.1
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Open For Business
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics Driver
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8C5FAD77-F678-4758-A296-C12F08D179E0}" = Microsoft IntelliPoint 6.2
"{8C6CB33A-AA86-446C-8C4D-304A7FA51033}" = Nero 8 Essentials
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD 5 for VAIO
"{93B80FB1-7A23-11D3-B250-00105A1F4184}" =
"{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{979F6A6B-4CB0-424E-8E70-AA2ED38B4CCC}" = Giga Pocket Demo Movie
"{98A3A654-3AEF-42D9-BA91-DE5815EA5897}" = Click to DVD 2.0 Menu Data
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}" = SFR2
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4870F16-380A-47D5-B30F-45A99FED3403}" = Click to DVD 2.4.12
"{A6BFDF60-FD08-4EF9-8D26-B762A19DB9A0}" = Giga Pocket 5.5
"{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1899CD8-9584-4DC5-00AE-48F47CF81183}" = The Sims 2 HomeCrafter Plus
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Apartment Life
"{BB92E35A-F5B8-4D59-90F3-CF863871BCF3}" = OpenMG Secure Module 4.0.05
"{BC5E5F8F-0BA2-480A-94C4-0E65D4FA8238}" = Click to DVD 2.4.12
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2B28CEE-4FA1-4D9E-BECD-CDA064AFB7CD}" = Philips RUSH Audio Player (128 MB)
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C5EC81D0-3DED-435D-A46E-E3F60F7DC8AD}" = Palm Desktop
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD7D5804-C157-48A6-AEE0-4A40A4B5C054}" = VAIO System Information
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0448678-1203-4158-A58F-B3D0B616BF9E}" = Sony Certificate PCH
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB6D0A87-77BA-4083-85D1-D07604B3FAD7}" = CLIE MS SCSI Driver
"{DDC146FA-73E0-4FA1-A353-841EA14BF600}" = Drag'n Drop CD+DVD
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Seasons
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.5.32
"{E86BC406-944E-41F6-ADE6-2C136734C96B}" = EPSON File Manager
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Nightlife
"{F8313341-8D53-4D84-8BEB-F82D556B21CD}" = ATI Catalyst Control Center
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE4EF1A8-6DB6-469F-98E4-519AEC0ED6E9}" = CLIE Mail Conduit
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"AIM_6" = AIM 6
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner (remove only)
"CONNECT" = CONNECT
"Coupon Printer for Windows2.0" = Coupon Printer for Windows
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"Fellowes/NEATO MediaFACE" = Fellowes/NEATO MediaFACE
"Google Updater" = Google Updater
"Guild Wars" = Guild Wars
"Handmark® Oxford American Desk Dictionary and Thesaurus for Palm OS" = Handmark® Oxford American Desk Dictionary and Thesaurus for Palm OS
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{2DBE41DD-2129-4C65-A3D3-5647236A60F3}" = Quicken 2005
"InstallShield_{315BA29D-2644-4760-B5FD-5AC04A52B8C5}" = VAIO Registration
"InstallShield_{3D047C15-C859-45F7-81CE-F2681778069B}" = iPod for Windows 2006-01-10
"InstallShield_{BB92E35A-F5B8-4D59-90F3-CF863871BCF3}" = OpenMG Secure Module 4.0.05
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"InstallShield_{E68B38DE-D7DD-4FB3-A453-3F03A947EA8E}" = VAIO Help and Support
"InstallShield_{FA11D5B5-7D0A-43E8-88C4-960F97B194DE}" = VAIO Survey Standalone
"Intellisync Lite Connected Organizers V4.0" = Intellisync Lite
"IrfanView" = IrfanView (remove only)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MoodLogic" = MoodLogic
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MySpaceIM" = MySpaceIM
"N360" = Norton 360
"Netscape (7.02)" = Netscape (7.02)
"Netscape Online Setup" = Netscape Internet Service Setup
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"OpenMG HotFix4.0-04-11-01-01" = OpenMG Limited Patch 4.0-04-11-01-01
"PROSet" = Intel® PRO Network Adapters and Drivers
"RealPlayer 6.0" = RealPlayer
"Remington Shoot!" = Remington Shoot!
"Silent Package Run-Time Sample" = EPSON Perf 3490 3590 Guide
"TellmeMoreV50" = TeLL me More CJ
"Uninstaller_B2DD9000_ArcSoft ShowBiz DVD 2.0" = ArcSoft ShowBiz DVD 2.0 (Shared Components)
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Welcome to VAIO life" = Welcome to VAIO life
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 7/31/2009 2:15:25 AM | Computer Name = JACKMAN | Source = Application Hang | ID = 1002
Description = Hanging application iTunes.exe, version 8.2.1.6, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/8/2009 6:05:31 PM | Computer Name = JACKMAN | Source = Microsoft Management Console | ID = 1000
Description =
Error - 8/8/2009 6:05:47 PM | Computer Name = JACKMAN | Source = Microsoft Management Console | ID = 1001
Description =
Error - 8/17/2009 12:46:36 AM | Computer Name = JACKMAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10b.ocx, version 10.0.22.87, fault address 0x00077650.
Error - 8/20/2009 1:51:52 AM | Computer Name = JACKMAN | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10b.ocx, version 10.0.22.87, fault address 0x000bc267.
Error - 8/20/2009 6:36:42 PM | Computer Name = JACKMAN | Source = Application Error | ID = 1000
Description = Faulting application itunes.exe, version 8.2.1.6, faulting module
quicktime.qts, version 7.62.14.0, fault address 0x00164d10.
Error - 8/20/2009 6:36:46 PM | Computer Name = JACKMAN | Source = Application Error | ID = 1001
Description = Fault bucket 1367947143.
Error - 8/25/2009 5:43:29 PM | Computer Name = JACKMAN | Source = Application Hang | ID = 1002
Description = Hanging application HSLoader.exe, version 2009.7.0.18, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 8/26/2009 2:24:34 AM | Computer Name = JACKMAN | Source = Application Error | ID = 1000
Description = Faulting application mcui32.exe, version 16.7.2.10, faulting module
symhtml.dll, version 3.5.0.43, fault address 0x00028304.
Error - 8/26/2009 10:58:31 PM | Computer Name = JACKMAN | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.5-kb963707,
P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10
0.
[ System Events ]
Error - 8/26/2009 11:01:50 PM | Computer Name = JACKMAN | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%3
Error - 8/26/2009 11:33:34 PM | Computer Name = JACKMAN | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 8/26/2009 11:33:39 PM | Computer Name = JACKMAN | Source = Service Control Manager | ID = 7001
Description = The VAIO Entertainment File Import Service service depends on the
VAIO Entertainment Database Service service which failed to start because of the
following error: %%1068
Error - 8/26/2009 11:33:39 PM | Computer Name = JACKMAN | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%3
Error - 8/26/2009 11:33:39 PM | Computer Name = JACKMAN | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx86 ccHP DMICall eeCtrl Fips IDSxpx86 intelppm SASDIFSV SASKUTIL SRTSPX SYMTDI
Error - 8/26/2009 11:33:54 PM | Computer Name = JACKMAN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 8/26/2009 11:37:13 PM | Computer Name = JACKMAN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 8/26/2009 11:37:42 PM | Computer Name = JACKMAN | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 8/26/2009 11:39:17 PM | Computer Name = JACKMAN | Source = SRService | ID = 104
Description = The System Restore initialization process failed.
Error - 8/26/2009 11:39:54 PM | Computer Name = JACKMAN | Source = Service Control Manager | ID = 7023
Description = The System Restore Service service terminated with the following error:
%%3
< End of report >