Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

SLOOOW processing IE8 not responding

Started by jojobob , Jan 15 2010 10:25 AM

  • Please log in to reply

#1
jojobob
Posted 15 January 2010 - 10:25 AM

jojobob

    Member

  • Member
  • PipPip
  • 13 posts
This is my husband's computer. I have cleaned it up via your malware guide. (THANK YOU!), but it still runs depressingly slow and IE8 bogs down and becomes nonresponsive. Ideas? We have google toolbar and norton 360.

Following is OTL log, GMER and MBAM.
Please repost if I am in the wrong forum. I'd love to learn how to maintain a clean computer.

XP 2002 svc pack 3
64 processor 3200+
1.99 GHz 512 RAM

OTL Extras logfile created on: 1/15/2010 7:12:17 AM - Run 1
OTL by OldTimer - Version 3.1.24.1 Folder = C:\Documents and Settings\Steve Burkett\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 56.00 Mb Available Physical Memory | 11.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 26.75 Gb Free Space | 47.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PARLAP02
Current User Name: Steve Burkett
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ACT\ACT for Windows\Act8.exe" = C:\Program Files\ACT\ACT for Windows\Act8.exe:*:Enabled:ACT! 8.x/2006 -- (Sage Software SB, Inc)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 -- File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Disabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\ACT\ACT for Windows\Act8.exe" = C:\Program Files\ACT\ACT for Windows\Act8.exe:*:Enabled:ACT! 8.x/2006 -- (Sage Software SB, Inc)
"C:\Program Files\MSN Messenger\msnmsgr.exe" = C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 -- File not found
"C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found
"C:\Program Files\Windows Media Player\wmplayer.exe" = C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player -- (Microsoft Corporation)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\TurboTax\Home & Business 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Home & Business 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Home & Business 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Home & Business 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Palm\Hotsync.exe" = C:\Program Files\Palm\Hotsync.exe:*:Enabled:HotSync® Manager Application -- (PalmSource, Inc)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E22217-0E96-4C3F-B831-83AA942B7715}" = UserGuides
"{072D2077-9E22-4F7F-B817-A92CA6CCC843}" = iriver Music Manager
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 17
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3192A00C-7336-48C6-8BD7-54B9CFA6F7C1}" = Windows Rights Management Client
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37A89DF0-5DD6-48BB-BC34-0CEB2A9E6F63}" = LS_HSI
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 1.01 A3
"{492724FC-3B26-46B4-824F-3CE2722D9AA0}" = Apple Software Update
"{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}" = Adobe® Photoshop® Album Starter Edition 3.0
"{534AA552-E1F1-4965-B2AA-FBDEB0730D60}" = muvee autoProducer 4.0 - SE
"{5B39603F-2A77-40E6-950D-ED7B8307933D}" = Microsoft IntelliPoint 5.3
"{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2
"{625A04D4-47DB-40C1-A8C9-4556AAA24894}" = Principia
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{80739A1E-68C7-4DC2-ABA7-F78139CD28A7}" = Microsoft Office Live Meeting 2005
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"{812A8682-4387-11D7-B10D-0001022C9950}" = TD AMERITRADE Statements/Confirmations Manager
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{95C42225-F0E2-4480-AD65-560D854F252E}" = Palm Desktop by ACCESS
"{967D588C-9B96-40C9-A222-DCD6922563CA}" = Apple Mobile Device Support
"{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = TIxx21
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-0000-7EC8-7489-000000000603}" = Adobe Acrobat and Reader 6.0.3 Update
"{AC76BA86-0000-7EC8-7489-000000000604}" = Adobe Acrobat and Reader 6.0.4 Update
"{AC76BA86-0000-7EC8-7489-000000000605}" = Adobe Acrobat and Reader 6.0.5 Update
"{AC76BA86-0000-7EC8-7489-000000000606}" = Adobe Acrobat and Reader 6.0.6 Update
"{AC76BA86-1033-0000-BA7E-000000000001}" = Adobe Acrobat 6.0.1 Standard
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.5
"{AC76BA86-7AD7-1033-7B44-A81300000003}_814" = KB408682
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AFF1EA96-9C23-4249-B7D4-CD4B54D4582F}" = TurboTax ItsDeductible 2006
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}" = Brother MFL-Pro Suite
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.10 B3
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{E0219810-16E4-437D-9165-93D7B22524F9}" = iTunes
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Windows Rights Management Client Backwards Compatibility
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{ED386A62-2BA2-4544-A723-5DFFDC283F6A}" = Mobipocket Reader 6.0
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"ActiveScan 2.0" = Panda ActiveScan 2.0
"ActiveTouchMeetingClient" = WebEx
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C" = Data Fax SoftModem with SmartCP
"Conexant PCI Audio" = Conexant AC-Link Audio
"ERUNT_is1" = ERUNT 1.1j
"hp deskjet 5550 series" = hp deskjet 5550 series (Remove only)
"hp instant support" = hp instant support
"HP Pavillion zv6000 User Guides" = HP Pavillion zv6000 User Guides
"HP Photo Printing Software" = HP Photo Printing Software
"hp print screen utility" = hp print screen utility
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Easy Internet Sign-up
"InstallShield_{96C0E73B-8813-4F4A-9EA1-D407C27AA1A1}" = Texas Instruments PCIxx21/x515 drivers.
"InterActual Player" = InterActual Player
"Lexia Reading 6.0.2" = Lexia Reading
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MLUpdater" = iRiver Updater
"Money2005b" = Microsoft Money 2005
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSNINST" = MSN
"N360" = Norton 360
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Principia" = Principia
"RealPlayer 12.0" = RealPlayer
"RegistryBooster 2_is1" = Uniblue RegistryBooster 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TurboTax 2008" = TurboTax 2008
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"TurboTax Home & Business 2007" = TurboTax Home & Business 2007
"TurboTax Premier 2005" = TurboTax Premier 2005
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Digital Editions" = Adobe Digital Editions
"Adobe Reader for Palm OS" = Adobe Reader for Palm OS, 3.05
"GoToMeeting" = GoToMeeting 4.1.0.366
"Intelore - PST Password Recovery" = PST Password Recovery v1.0 (remove only)
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/9/2009 9:02:22 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application IDriver.exe, version 8.1.0.293, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2009 12:27:23 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application prncp40.exe, version 4.0.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2009 12:27:23 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application prncp40.exe, version 4.0.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 10/14/2009 12:28:22 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application prncp40.exe, version 4.0.0.1, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 1/14/2010 1:42:51 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/14/2010 1:44:44 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/14/2010 2:03:20 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/14/2010 2:03:44 AM | Computer Name = PARLAP02 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 1/15/2010 1:53:08 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 1/15/2010 1:53:09 AM | Computer Name = PARLAP02 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 1/15/2010 1:05:54 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7000
Description = The HP Pci Information service failed to start due to the following
error: %%3

Error - 1/15/2010 1:09:15 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7034
Description = The Ati HotKey Poller service terminated unexpectedly. It has done
this 1 time(s).

Error - 1/15/2010 1:09:15 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 1/15/2010 1:09:15 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7034
Description = The Intuit Update Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 1/15/2010 1:09:15 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 1/15/2010 1:09:16 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).

Error - 1/15/2010 1:09:17 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7034
Description = The Viewpoint Manager Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 1/15/2010 1:09:18 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7034
Description = The HP WMI Interface service terminated unexpectedly. It has done
this 1 time(s).

Error - 1/15/2010 1:09:19 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7031
Description = The Google Software Updater service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 900000 milliseconds:
Restart the service.

Error - 1/15/2010 1:12:48 AM | Computer Name = PARLAP02 | Source = Service Control Manager | ID = 7000
Description = The HP Pci Information service failed to start due to the following
error: %%3


< End of report >
OTL logfile created on: 1/15/2010 7:12:17 AM - Run 1
OTL by OldTimer - Version 3.1.24.1 Folder = C:\Documents and Settings\Steve Burkett\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 56.00 Mb Available Physical Memory | 11.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 55.00% Paging File free
Paging file location(s): c:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 26.75 Gb Free Space | 47.86% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PARLAP02
Current User Name: Steve Burkett
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/15 07:06:23 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/14 21:28:13 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Burkett\Desktop\OTL.exe
PRC - [2010/01/13 20:58:28 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2010/01/13 20:58:27 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/12/15 11:24:48 | 00,293,376 | ---- | M] () -- C:\Documents and Settings\Steve Burkett\Local Settings\Temp\Temporary Directory 1 for gmer.zip\gmer.exe
PRC - [2009/09/24 05:19:51 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/08/22 00:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
PRC - [2008/12/08 14:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
PRC - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/03 18:28:08 | 01,392,640 | ---- | M] (PalmSource, Inc) -- C:\Program Files\Palm\Hotsync.exe
PRC - [2007/07/31 17:11:06 | 00,106,496 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2007/07/17 13:27:20 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/06/29 05:24:52 | 00,286,720 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2007/01/29 20:12:14 | 00,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007/01/04 13:38:18 | 00,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2005/08/23 18:26:00 | 00,380,928 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2005/08/05 20:05:00 | 00,344,064 | ---- | M] (ATI Technologies, Inc.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
PRC - [2005/05/31 15:20:36 | 00,053,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2005/04/11 14:21:02 | 00,794,624 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/03/23 15:26:09 | 00,217,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2005/03/04 11:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\Shared\hpqwmi.exe
PRC - [2005/02/16 15:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/02/02 04:12:22 | 00,102,492 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2005/02/02 04:11:12 | 00,692,316 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2004/12/03 12:24:20 | 00,290,816 | ---- | M] (Hewlett-Packard ) -- C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
PRC - [2004/06/03 00:51:27 | 00,172,032 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliType Pro\type32.exe


========== Modules (SafeList) ==========

MOD - [2010/01/14 21:28:13 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Burkett\Desktop\OTL.exe
MOD - [2009/08/22 00:26:04 | 00,419,696 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\3.5.2.11\asOEHook.dll
MOD - [2005/02/02 04:12:14 | 00,069,724 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (SQLAgent$ACT7)
SRV - [2010/01/13 20:58:27 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/08/22 00:26:07 | 00,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe -- (N360)
SRV - [2009/04/28 22:27:32 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/10/10 04:45:26 | 00,013,088 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2008/04/13 16:12:02 | 00,065,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\nwwks.dll -- (NWCWorkstation)
SRV - [2007/07/31 17:44:34 | 00,501,048 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2007/07/31 17:11:06 | 00,106,496 | ---- | M] (Apple, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2005/08/23 18:26:00 | 00,380,928 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2005/05/31 15:20:36 | 00,053,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/03/04 11:16:18 | 00,098,304 | R--- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files\HPQ\Shared\hpqwmi.exe -- (hpqwmi)
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/?p...age=1&refresh=3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/15 07:06:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/15 07:06:57 | 00,000,000 | ---D | M]

[2009/07/13 11:13:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Mozilla\Extensions
[2010/01/13 23:29:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Mozilla\Firefox\Profiles\wpm2p62y.default\extensions
[2010/01/15 07:07:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/03/31 21:47:26 | 00,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/07/31 17:44:28 | 00,069,632 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npitunes.dll

O1 HOSTS File: (909 bytes) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [HotSync] C:\Program Files\PalmSource\Desktop\HotSync.exe File not found
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe (PalmSource, Inc)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Principia Online Update.lnk = C:\Program Files\Morningstar\Principia\schedupd.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: RJ VPN Test - {D7721A38-ABCD-3586-DCAB-40E2A90F3736} - C:\Program Files\Common Files\vpn-ping.exe (bdobson)
O9 - Extra 'Tools' menuitem : VPN Test for Raymond James - {D7721A38-ABCD-3586-DCAB-40E2A90F3736} - C:\Program Files\Common Files\vpn-ping.exe (bdobson)
O9 - Extra Button: RJ Remote - {D7721A38-ABCD-3586-DCAB-40E2A90F3737} - File not found
O9 - Extra 'Tools' menuitem : Raymond James Support - {D7721A38-ABCD-3586-DCAB-40E2A90F3737} - File not found
O9 - Extra Button: Raymond James VPN - {D7721A38-ABCD-3586-DCAB-40E2A90F3738} - File not found
O9 - Extra 'Tools' menuitem : Raymond James VPN - {D7721A38-ABCD-3586-DCAB-40E2A90F3738} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft....k/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h50203.www5.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {25D9AA40-ED39-11D2-A038-009027078284} https://www1.advisor...ldownloader.cab (UrlDownloader Class)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1173654685015 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1134921454046 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://naplia.webex...ing/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {FFFFFFFF-CAFE-BABE-BABE-00AA0055595A} http://www.networkso...rueSwitchEC.exe (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve Burkett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve Burkett\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/05/17 15:31:49 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006/05/17 15:31:01 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - C:\WINDOWS\system32\nwwks.dll (Microsoft Corporation)
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17173478272663552)

========== Files/Folders - Created Within 14 Days ==========

[2010/01/14 21:28:07 | 00,544,256 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Steve Burkett\Desktop\OTL.exe
[2010/01/14 07:35:47 | 00,000,000 | ---D | C] -- C:\Program Files\Lexia
[2010/01/13 23:45:26 | 22,873,5299 | ---- | C] (Lexia Learning Systems, Inc.) -- C:\Documents and Settings\Steve Burkett\Desktop\LexiaReading_6.0.2_us.exe
[2010/01/13 21:20:04 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2010/01/13 18:41:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Steve Burkett\Application Data\Malwarebytes
[2010/01/13 18:41:46 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/13 18:41:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/01/13 18:41:42 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/13 18:41:42 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/13 18:41:06 | 05,115,840 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Steve Burkett\Desktop\mbam-setup.exe
[2010/01/13 18:40:19 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/01/13 18:39:44 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/01/13 18:38:39 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Steve Burkett\Desktop\erunt_setup.exe
[2010/01/13 17:31:26 | 00,439,808 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Steve Burkett\Desktop\TFC.exe
[2009/08/27 21:26:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Share-to-Web Upload Folder
[2009/08/19 06:45:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Downloaded Installations
[2008/08/20 06:18:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/03/27 17:20:13 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/09/21 10:07:18 | 00,063,307 | ---- | C] (bdobson) -- C:\Program Files\Common Files\vpn-ping.exe
[2005/05/11 19:31:50 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2005/05/11 19:31:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

========== Files - Modified Within 14 Days ==========

[2010/01/14 21:28:13 | 00,544,256 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Burkett\Desktop\OTL.exe
[2010/01/14 21:24:52 | 00,284,915 | ---- | M] () -- C:\Documents and Settings\Steve Burkett\Desktop\gmer.zip
[2010/01/14 21:12:07 | 00,001,396 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/01/14 21:11:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/01/14 21:11:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/01/14 21:11:31 | 53,535,1296 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/14 21:10:12 | 10,223,616 | -H-- | M] () -- C:\Documents and Settings\Steve Burkett\NTUSER.DAT
[2010/01/14 21:10:12 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Steve Burkett\ntuser.ini
[2010/01/14 16:12:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/01/14 07:57:39 | 00,000,467 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/01/14 07:48:53 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\Steve Burkett\Desktop\Lexia Reading.lnk
[2010/01/13 23:47:07 | 22,873,5299 | ---- | M] (Lexia Learning Systems, Inc.) -- C:\Documents and Settings\Steve Burkett\Desktop\LexiaReading_6.0.2_us.exe
[2010/01/13 22:08:43 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/01/13 18:41:49 | 00,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/13 18:41:06 | 05,115,840 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Steve Burkett\Desktop\mbam-setup.exe
[2010/01/13 18:39:45 | 00,000,611 | ---- | M] () -- C:\Documents and Settings\Steve Burkett\Desktop\NTREGOPT.lnk
[2010/01/13 18:39:45 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Steve Burkett\Desktop\ERUNT.lnk
[2010/01/13 18:38:42 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Steve Burkett\Desktop\erunt_setup.exe
[2010/01/13 17:31:27 | 00,439,808 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve Burkett\Desktop\TFC.exe
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/01/05 20:56:58 | 00,463,860 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/01/05 20:56:57 | 00,080,524 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/01/05 20:56:55 | 00,554,040 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2010/01/14 21:24:47 | 00,284,915 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Desktop\gmer.zip
[2010/01/14 07:48:53 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Desktop\Lexia Reading.lnk
[2010/01/13 18:41:49 | 00,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/13 18:39:45 | 00,000,611 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Desktop\NTREGOPT.lnk
[2010/01/13 18:39:45 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Desktop\ERUNT.lnk
[2009/03/06 22:14:48 | 00,000,165 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/01/31 08:09:10 | 00,000,094 | ---- | C] () -- C:\WINDOWS\family.ini
[2007/12/13 10:59:15 | 00,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2007/10/28 18:15:34 | 00,000,467 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/10/28 18:15:34 | 00,000,026 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/10/28 18:13:15 | 00,001,069 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2007/10/28 18:13:15 | 00,000,153 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2007/10/28 18:09:31 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2007/10/28 18:09:30 | 00,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2007/10/28 18:09:04 | 00,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2007/10/28 18:09:02 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2007/10/28 18:05:24 | 00,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2007/09/13 20:57:10 | 00,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/03/05 12:34:28 | 00,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/01/24 08:39:36 | 00,004,096 | -H-- | C] () -- C:\Documents and Settings\Steve Burkett\Local Settings\Application Data\keyfile3.drm
[2006/11/17 11:34:40 | 00,099,712 | ---- | C] () -- C:\WINDOWS\HPBroker.dll
[2006/05/25 20:49:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/05/17 11:02:48 | 00,001,453 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Application Data\WA401Prospects51806_ActObjectCreationResults.txt
[2006/05/09 15:19:56 | 00,001,453 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Application Data\WA401Prospectsbackup592006_ActObjectCreationResults.txt
[2006/03/29 14:21:54 | 00,001,453 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Application Data\WA401ProspectsBackup032906_ActObjectCreationResults.txt
[2006/03/22 15:18:03 | 00,004,096 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ScheduledItems
[2006/03/22 14:50:22 | 00,000,056 | RHS- | C] () -- C:\WINDOWS\System32\C61D865087.sys
[2006/03/22 14:50:21 | 00,001,890 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/22 14:44:17 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Local Settings\Application Data\fusioncache.dat
[2006/03/03 09:59:36 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2006/01/31 14:46:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2006/01/29 00:42:05 | 00,001,150 | ---- | C] () -- C:\WINDOWS\APDFPRP.INI
[2006/01/29 00:35:43 | 00,000,618 | ---- | C] () -- C:\WINDOWS\apdfpr.ini
[2006/01/03 15:54:58 | 00,002,720 | ---- | C] () -- C:\WINDOWS\DevMgr.ini
[2006/01/03 15:52:10 | 00,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
[2005/12/15 10:44:37 | 00,000,636 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/15 07:08:45 | 00,006,656 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/12/15 07:04:41 | 00,000,048 | ---- | C] () -- C:\WINDOWS\FileNamesinQueue.ini
[2005/12/13 22:17:14 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Steve Burkett\Application Data\wklnhst.dat
[2005/05/11 20:02:36 | 00,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/05/11 20:02:36 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/05/11 20:02:35 | 00,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/05/11 20:02:35 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/05/11 20:02:35 | 00,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/05/11 20:02:35 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/05/11 19:49:08 | 00,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/02/12 00:33:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 05:16:44 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 05:10:08 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/13 11:46:34 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 15:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2006/03/22 14:39:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACT
[2006/03/27 15:32:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Best Software
[2009/01/31 08:33:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2005/05/11 20:08:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/07/31 08:29:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2006/03/27 16:00:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sage Software SB, Inc
[2007/10/28 18:05:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2007/02/10 06:17:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/02/03 15:22:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009/08/19 06:45:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2009/10/09 04:37:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\ACT
[2007/01/24 10:30:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\eFax Messenger
[2009/01/31 08:09:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\HotSync
[2005/12/13 23:00:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\InterVideo
[2006/03/22 14:50:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\IsolatedStorage
[2006/01/29 02:01:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Leadertech
[2007/08/13 21:12:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Mobipocket
[2005/12/15 07:12:46 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Mobipocket Reader
[2008/04/28 18:46:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Morningstar
[2005/12/13 22:12:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\MSNInstaller
[2006/01/31 14:46:03 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\muvee Technologies
[2007/08/13 21:05:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\OverDrive
[2007/10/30 19:32:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\PC-FAX TX
[2005/12/13 22:17:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Template
[2008/05/24 14:36:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Uniblue
[2007/02/10 06:17:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\Viewpoint
[2009/09/17 10:27:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Steve Burkett\Application Data\webex
[2010/01/14 16:12:00 | 00,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.exe >
[2004/03/10 13:16:33 | 00,077,824 | ---- | M] (Moodlogic) -- C:\catgen.exe
[2004/07/01 13:20:20 | 00,212,992 | ---- | M] (Moodlogic) -- C:\Updater.exe


< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/08/19 08:05:34 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/08/19 08:05:34 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/04 04:00:00 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004/08/04 04:00:00 | 18,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/08/19 08:05:34 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/08/19 08:05:34 | 23,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 04:00:00 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 04:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2005/04/25 07:28:14 | 00,871,040 | ---- | M] (Intel Corporation) MD5=D593517879E65167DF35F6015814AC59 -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 04:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATABUS.SYS >
[2005/05/17 14:45:08 | 00,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys
[2005/05/17 14:45:08 | 00,092,800 | ---- | M] (NVIDIA Corporation) MD5=DCE353985C988BFB7E84FD942068151F -- C:\WINDOWS\system32\drivers\NvAtaBus.sys

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Steve Burkett\Desktop\ParServerConnect.cmd:SummaryInformation
< End of report >
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-15 08:17:18
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\STEVEB~1\LOCALS~1\Temp\uxlyapod.sys


---- System - GMER 1.0.15 ----

SSDT 8246AAC0 ZwAlertResumeThread
SSDT 8246AB80 ZwAlertThread
SSDT 82447510 ZwAllocateVirtualMemory
SSDT 82467CE0 ZwAssignProcessToJobObject
SSDT 826BE5E0 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xEEF9F130]
SSDT 8244AC70 ZwCreateMutant
SSDT 82442AE8 ZwCreateSymbolicLinkObject
SSDT 824682F8 ZwCreateThread
SSDT 824127F0 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xEEF9F3B0]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xEEF9F910]
SSDT 82411A50 ZwDuplicateObject
SSDT 82794F38 ZwFreeVirtualMemory
SSDT 8244AD40 ZwImpersonateAnonymousToken
SSDT 8246AA00 ZwImpersonateThread
SSDT 826DEEC0 ZwLoadDriver
SSDT 82794E58 ZwMapViewOfSection
SSDT 82460978 ZwOpenEvent
SSDT 82448E50 ZwOpenProcess
SSDT 824475E0 ZwOpenProcessToken
SSDT 824129B8 ZwOpenSection
SSDT 82411B20 ZwOpenThread
SSDT 82442BB8 ZwProtectVirtualMemory
SSDT 82449CF0 ZwResumeThread
SSDT 82432BC0 ZwSetContextThread
SSDT 82450AB0 ZwSetInformationProcess
SSDT 82412890 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xEEF9FB60]
SSDT 824608B8 ZwSuspendProcess
SSDT 82432A40 ZwSuspendThread
SSDT 82432058 ZwTerminateProcess
SSDT 82432B00 ZwTerminateThread
SSDT 82450B80 ZwUnmapViewOfSection
SSDT 82447440 ZwWriteVirtualMemory

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9040111900063D11C8EF10054038389C\Usage@HandWritingFiles 1009678453

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\Steve Burkett\My Documents\MBS & ADP Temp\My Pictures\MBS & ADP II\20051212_090100_My Documents\C\Documents and Settings\sburkett.MBS\My Documents\ADP\Investing\Steve's Accounts\Steve's Rollover IRA\Statements\2001\July 2001_files\IMAGES~2.HTM 583 bytes
File C:\Documents and Settings\Steve Burkett\My Documents\MBS & ADP Temp\My Pictures\MBS & ADP II\20051212_090100_My Documents\C\Documents and Settings\sburkett.MBS\My Documents\ADP\Investing\Steve's Accounts\Steve's Rollover IRA\Statements\2001\July 2001_files\IMAGES~4.HTM 10121 bytes
File C:\Documents and Settings\Steve Burkett\My Documents\MBS & ADP Temp\My Pictures\MBS & ADP II\20051212_090100_My Documents\C\Documents and Settings\sburkett.MBS\My Documents\ADP\Investing\Steve's Accounts\Steve's Rollover IRA\Statements\2001\July 2001_files\IMAGES~6.HTM 5413 bytes
File C:\Documents and Settings\Steve Burkett\My Documents\MBS & ADP Temp\My Pictures\MBS & ADP II\20051212_090100_My Documents\C\Documents and Settings\sburkett.MBS\My Documents\ADP\Investing\Steve's Accounts\Steve's Rollover IRA\Statements\2001\July 2001_files\tdw.css 5492 bytes

---- EOF - GMER 1.0.15 ----
Malwarebytes' Anti-Malware 1.44
Database version: 3557
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/13/2010 8:29:45 PM
mbam-log-2010-01-13 (20-29-45).txt

Scan type: Quick Scan
Objects scanned: 140166
Time elapsed: 14 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\setup.player (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\setup.player.2k2 (Spyware.MarketScore) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35b7e48b-9d81-4c6c-9578-5fd4f620d886} (Spyware.MarketScore) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements

#2
jojobob
Posted 15 January 2010 - 11:10 AM

jojobob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Event viewer errors are attached....and CRASH dumps below...

Just trying to give you more information to help me...

Vino's Event Viewer v01c run on Windows XP in English
Report run at 15/01/2010 8:54:14 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 14/01/2010 9:53:09 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 14/01/2010 9:53:08 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 13/01/2010 10:03:44 PM
Type: error Category: 100
Event: 1000 Source: Application Error
Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Log: 'Application' Date/Time: 13/01/2010 10:03:20 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 13/01/2010 9:44:44 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Log: 'Application' Date/Time: 13/01/2010 9:42:51 PM
Type: error Category: 101
Event: 1002 Source: Application Hang
Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
No 'Application' log warning events found from 13/01/2010 to 15/01/2010

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/01/2010 9:12:48 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 14/01/2010 9:09:19 PM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Google Software Updater service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 900000 milliseconds: Restart the service.

Log: 'System' Date/Time: 14/01/2010 9:09:18 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The HP WMI Interface service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 14/01/2010 9:09:17 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 14/01/2010 9:09:16 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 14/01/2010 9:09:15 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 14/01/2010 9:09:15 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 14/01/2010 9:09:15 PM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 14/01/2010 9:09:15 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 14/01/2010 9:05:54 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 14/01/2010 9:03:37 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP WMI Interface service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 14/01/2010 9:03:37 PM
Type: error Category: 0
Event: 7009 Source: Service Control Manager
Timeout (30000 milliseconds) waiting for the HP WMI Interface service to connect.

Log: 'System' Date/Time: 14/01/2010 9:03:36 PM
Type: error Category: 0
Event: 10005 Source: DCOM
DCOM got error "%1053" attempting to start the service hpqwmi with arguments "-Service" in order to run the server: {7DC5B2D7-CACC-47F2-836E-4DF85F026072}

Log: 'System' Date/Time: 14/01/2010 9:02:31 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 13/01/2010 10:21:00 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 13/01/2010 9:48:12 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 13/01/2010 8:33:18 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 13/01/2010 8:29:13 PM
Type: error Category: 0
Event: 8032 Source: BROWSER
The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{52B1BB60-02EF-40DD-8571-B5F4AD5B352B}. The backup browser is stopping.

Log: 'System' Date/Time: 13/01/2010 5:36:13 PM
Type: error Category: 0
Event: 7000 Source: Service Control Manager
The HP Pci Information service failed to start due to the following error: The system cannot find the path specified.

Log: 'System' Date/Time: 13/01/2010 5:31:47 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The HP WMI Interface service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 13/01/2010 5:31:46 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 13/01/2010 5:31:45 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 13/01/2010 5:31:45 PM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Log: 'System' Date/Time: 13/01/2010 5:31:45 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Viewpoint Manager Service service terminated unexpectedly. It has done this 1 time(s).

Log: 'System' Date/Time: 13/01/2010 5:31:45 PM
Type: error Category: 0
Event: 7031 Source: Service Control Manager
The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Log: 'System' Date/Time: 13/01/2010 5:31:41 PM
Type: error Category: 0
Event: 7034 Source: Service Control Manager
The Ati HotKey Poller service terminated unexpectedly. It has done this 1 time(s).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 14/01/2010 11:59:20 AM
Type: warning Category: 0
Event: 36 Source: W32Time
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

Log: 'System' Date/Time: 14/01/2010 6:38:04 AM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\STEVE-PC on the network \Device\NetBT_Tcpip_{52B1BB60-02EF-40DD-8571-B5F4AD5B352B}. The data is the error code.

Log: 'System' Date/Time: 14/01/2010 4:10:56 AM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\STEVE-PC on the network \Device\NetBT_Tcpip_{52B1BB60-02EF-40DD-8571-B5F4AD5B352B}. The data is the error code.

Log: 'System' Date/Time: 14/01/2010 1:09:03 AM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\STEVE-PC on the network \Device\NetBT_Tcpip_{52B1BB60-02EF-40DD-8571-B5F4AD5B352B}. The data is the error code.

Log: 'System' Date/Time: 13/01/2010 7:25:34 PM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\STEVE-PC on the network \Device\NetBT_Tcpip_{52B1BB60-02EF-40DD-8571-B5F4AD5B352B}. The data is the error code.

Log: 'System' Date/Time: 13/01/2010 5:08:30 PM
Type: warning Category: 0
Event: 8021 Source: BROWSER
The browser was unable to retrieve a list of servers from the browser master \\STEVE-PC on the network \Device\NetBT_Tcpip_{52B1BB60-02EF-40DD-8571-B5F4AD5B352B}. The data is the error code.


--------------------------------------------------------------------------------
Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.


On Mon 9/28/2009 8:47:27 PM your computer crashed
This was likely caused by the following module: ntfs.sys
Bugcheck code: 0x24 (0x1902FE, 0xF8945940, 0xF894563C, 0xF8230AE8)
Error: NTFS_FILE_SYSTEM
Dump file: C:\WINDOWS\Minidump\Mini092809-01.dmp
file path: C:\WINDOWS\system32\drivers\ntfs.sys
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT File System Driver
The crash took place in a standard Microsoft module. Your system configuration may be incorrect, possibly the culprit may be another driver on your system which cannot be identified at this time.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP