Author Topic: High CPU Usage  (Read 737 times)

Offline cwohayes

  • Jr. Member
High CPU Usage
« on: December 22, 2010, 07:19:02 AM »
I noticed that my Internet Explorer was causing 50% or greater CPU usage and several applications that use Explorer were very slow. Did a Malwarebytes scan and found several Hijacker files. Deleted them but am still seeing high CPU usage and am concerned something else is there and some damage might have been done.

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
High CPU Usage
« Reply #1 on: December 22, 2010, 10:05:42 PM »
Please don't upload your logs unless requested
Let's start from the beginning
Download OTL.exe by OldTimer to your Desktop.
  • Close all windows and double click on OTL.exe to run it
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
In addition:
Quote
Did a Malwarebytes scan and found several Hijacker files

Open Malwarebytes Antimalware
Click on the LOGS tab
Open the latest log and post its contents please
« Last Edit: December 22, 2010, 10:06:49 PM by guestolo »

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline cwohayes

  • Jr. Member
High CPU Usage
« Reply #2 on: December 23, 2010, 03:18:06 PM »
My apologies, I was just trying to be proactive. Attached files as requested.
Nope, I asked you not to upload the files unless requested, much easier following along if you just copy/paste the logs to a reply back here

OTL logfile created on: 12/23/2010 3:03:10 PM - Run 1
OTL by OldTimer - Version 3.2.18.0     Folder = C:\Documents and Settings\Administrator\Desktop\antivirus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 73.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 4222 4222 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 184.25 Gb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 203.94 Gb Free Space | 68.42% Space Free | Partition Type: NTFS
 
Computer Name: OFFICE | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010/12/23 15:02:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\antivirus\OTL.exe
PRC - [2010/12/14 15:02:18 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/23 00:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2009/12/20 10:46:50 | 001,123,008 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2009/11/01 21:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/09/28 16:56:18 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/06/07 07:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2009/02/13 21:44:24 | 000,315,392 | ---- | M] () -- C:\Program Files\SentryPlus\UPS-Service.exe
PRC - [2009/02/12 11:05:44 | 000,081,920 | ---- | M] () -- C:\Program Files\SentryPlus\UPS-Status.exe
PRC - [2008/10/31 20:04:40 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/10/07 23:41:36 | 000,023,552 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe
PRC - [2008/10/07 23:37:38 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/11 20:05:27 | 000,558,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/08/06 03:08:06 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/07/23 15:43:42 | 000,057,344 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
PRC - [2007/03/26 15:45:26 | 002,111,080 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
PRC - [2007/03/26 15:45:20 | 001,582,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe
PRC - [2007/02/01 11:13:06 | 000,094,208 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
PRC - [2007/01/30 00:39:34 | 001,432,064 | ---- | M] (Phoenix Labs) -- C:\Program Files\PeerGuardian2\pg2.exe
PRC - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
PRC - [2006/12/12 09:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe
PRC - [2006/12/05 15:39:22 | 000,136,752 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2006/12/05 15:38:42 | 001,013,296 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006/09/11 03:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2005/12/02 17:45:58 | 000,169,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/12/02 17:45:54 | 000,192,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/12/02 17:45:50 | 000,052,896 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/10/28 13:12:04 | 000,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2005/10/21 18:12:22 | 000,040,960 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
PRC - [2005/10/03 11:04:04 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
PRC - [2005/06/20 08:42:20 | 000,077,824 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/05/04 17:17:06 | 000,491,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/06/18 01:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/12/23 15:02:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\antivirus\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2005/08/07 17:10:18 | 000,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/16 16:59:11 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/23 00:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2009/12/20 10:46:50 | 001,123,008 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/07 07:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/02/21 20:37:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/02/13 21:44:24 | 000,315,392 | ---- | M] () [Auto | Running] -- C:\Program Files\SentryPlus\UPS-Service.exe -- (Sentry_Plus)
SRV - [2008/10/31 20:04:40 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/04/13 19:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 19:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2008/01/29 16:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/08/11 20:05:27 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2007/08/11 20:05:27 | 000,558,448 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/06 03:08:06 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/03/26 15:45:26 | 002,111,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe -- (Norton Save and Restore)
SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2006/12/05 15:38:42 | 001,013,296 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Tablet.exe -- (TabletService)
SRV - [2005/12/02 17:45:58 | 000,169,632 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/12/02 17:45:54 | 000,192,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/10/03 11:04:04 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
SRV - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2004/03/18 18:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMREDRV.SYS -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS -- (SYMIDS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMDNS.SYS -- (SYMDNS)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\ntcdrdrv.sys -- (ntcdrdrv)
DRV - [2010/12/16 17:34:42 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101223.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/16 17:34:42 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101223.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/22 21:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/08 19:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101222.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/10/08 05:36:57 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/28 22:33:05 | 000,666,672 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\SYMEFA.SYS -- (SymEFA)
DRV - [2010/07/28 21:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1201000.025\SRTSP.SYS -- (SRTSP)
DRV - [2010/07/28 21:54:36 | 000,050,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/07/12 20:20:22 | 000,369,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1201000.025\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/06/26 23:05:55 | 000,134,704 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\Ironx86.SYS -- (SymIRON)
DRV - [2010/06/13 05:50:57 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\SYMDS.SYS -- (SymDS)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/20 10:46:50 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2009/01/23 09:49:08 | 000,037,664 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2009/01/15 08:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/10/08 01:22:04 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2008/10/08 01:22:02 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/10/08 01:22:00 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/10/08 01:21:58 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/10/08 01:21:56 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/10/08 01:21:54 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2008/10/08 01:21:50 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2008/10/08 01:21:46 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/10/08 01:21:44 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2008/10/08 01:21:44 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2008/10/08 01:21:40 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2008/10/08 01:21:40 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2008/10/08 01:21:38 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2008/10/08 01:21:38 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2008/08/18 17:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/01 10:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 10:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/05/27 06:34:44 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/04/13 13:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/22 11:09:10 | 000,100,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2007/04/16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/03/26 15:45:12 | 000,144,960 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\SymSnap.sys -- (SymSnap)
DRV - [2007/03/26 15:45:10 | 000,056,232 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\V2iMount.sys -- (V2IMount)
DRV - [2007/01/30 00:16:42 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2006/11/15 14:55:38 | 000,006,272 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2006/10/08 23:01:15 | 000,089,856 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006/10/08 23:01:15 | 000,016,640 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvcchflt.sys -- (nvcchflt)
DRV - [2006/10/08 22:00:02 | 000,061,952 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3114.sys -- (si3114)
DRV - [2006/04/24 16:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/02/14 16:18:52 | 000,005,632 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2005/07/26 06:01:56 | 000,415,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005/07/26 05:58:30 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005/06/20 09:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/10/14 04:52:28 | 000,004,962 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2004/08/19 07:21:00 | 000,189,568 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/08/13 12:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2003/04/19 00:32:04 | 000,004,736 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tandpl.sys -- (tandpl)
DRV - [2003/03/02 17:44:26 | 000,007,552 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\enodpl.sys -- (enodpl)
DRV - [2001/08/17 09:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.cnn.com/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.cnn.com/"
FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.8
FF - prefs.js..extensions.enabledItems: [email protected]:3.8.0.12304
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=FWV5&o=14193&locale=en_US&apn_uid=157A286D-AAD6-4F7A-94EB-16FB83862FC7&apn_ptnrs=FM&apn_sauid=8E11D4B5-F160-4853-9879-A6A74C31E599&apn_dtid=TES001YYUS&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2010/10/08 05:50:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/27 18:15:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/27 18:15:19 | 000,000,000 | ---D | M]
 
[2010/07/17 17:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2009/05/28 16:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\[email protected]
[2010/07/17 17:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\[email protected]
[2010/12/14 10:01:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\z73qqxxz.default\extensions
[2009/09/26 09:25:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\z73qqxxz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/12/10 20:08:28 | 000,000,000 | ---D | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\z73qqxxz.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}
[2010/12/14 09:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\z73qqxxz.default\extensions\[email protected]
[2010/12/10 07:09:12 | 000,002,566 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\z73qqxxz.default\searchplugins\askcom.xml
[2010/12/14 10:01:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/20 19:17:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/07 11:08:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/14 18:41:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2010/09/15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
 
O1 HOSTS File: ([2010/09/09 16:34:52 | 000,001,424 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1            activate.adobe.com
O1 - Hosts: 127.0.0.1            practivate.adobe.com
O1 - Hosts: 127.0.0.1            ereg.adobe.com
O1 - Hosts: 127.0.0.1            activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1            wip3.adobe.com
O1 - Hosts: 127.0.0.1            3dns-3.adobe.com
O1 - Hosts: 127.0.0.1            3dns-2.adobe.com
O1 - Hosts: 127.0.0.1            adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1            adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1            adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1            ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1            activate-sea.adobe.com
O1 - Hosts: 127.0.0.1            wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1            activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1                     adobe.activate.com
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - Reg Error: Value error. File not found
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CTDVDDET] C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe (HP)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Norton Save and Restore] C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.DLL ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [UPS-Status] C:\Program Files\SentryPlus\UPS-Status.exe ()
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [cdloader] C:\Documents and Settings\Administrator\Application Data\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe (Phoenix Labs)
O4 - HKCU..\Run: [SmartPCTray] C:\Program Files\Smart PC Solutions\Smart PC\SmartPCTray.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15026/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (SysInfo Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1005.cab (MySpace Uploader Control)
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (DeviceEnum Class)
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} http://games.bigfishgames.com/en_dinerdash2restaura/online/DinerDash2.1.0.0.48.cab (CPlayFirstDinerDash2Control Object)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (Reg Error: Key error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178253418109 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} http://games.bigfishgames.com/en_cinematycoon/online/cinematycoon.cab (TikGames Online Control)
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} http://games.bigfishgames.com/en_dinerdash/online/DinerDash.1.0.0.58.cab (CPlayFirstDinerDashControl Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15029/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 216.165.129.158
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/16 07:21:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/01/16 07:21:36 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{16ccb532-91cd-11de-ab8b-0015f24afff3}\Shell - "" = AutoRun
O33 - MountPoints2\{16ccb532-91cd-11de-ab8b-0015f24afff3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{16ccb532-91cd-11de-ab8b-0015f24afff3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{16ccb539-91cd-11de-ab8b-0015f24afff3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{44420022-4bcc-11de-ab61-0015f24afff3}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{802a80ca-93ff-11de-ab8c-0015f24afff3}\Shell - "" = AutoRun
O33 - MountPoints2\{802a80ca-93ff-11de-ab8c-0015f24afff3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{802a80ca-93ff-11de-ab8c-0015f24afff3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{851da12b-67b9-11d9-96e7-f8f90ee9d024}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{88623184-b971-11dd-aaf9-0015f24afff3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{88623184-b971-11dd-aaf9-0015f24afff3}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{88623184-b971-11dd-aaf9-0015f24afff3}\Shell\phone\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{b9609d1c-94ee-11de-ab8d-0015f24afff3}\Shell - "" = AutoRun
O33 - MountPoints2\{b9609d1c-94ee-11de-ab8d-0015f24afff3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b9609d1c-94ee-11de-ab8d-0015f24afff3}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{f94473ad-8a0d-11df-9682-0015f24afff3}\Shell\AutoRun\command - "" = J:\PMBP_Win.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/12/22 18:58:35 | 000,078,408 | ---- | C] (Zlib) -- C:\WINDOWS\System32\zlib1.dll
[2010/12/22 18:58:34 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\libmfxhw32.dll
[2010/12/22 18:58:34 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\libmfxsw32.dll
[2010/12/22 18:58:34 | 001,003,008 | ---- | C] (The OpenSSL Project, http://www.openssl.org/) -- C:\WINDOWS\System32\libeay32.dll
[2010/12/20 16:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/12/20 16:26:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2010/12/20 16:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/12/15 14:15:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Wedding Info
[2010/12/15 03:46:17 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010/12/15 03:45:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/12/14 21:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Ashley b day
[2010/12/11 15:40:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/12/07 22:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/11/30 07:14:32 | 000,000,000 | ---D | C] -- C:\FREEPLAN
[2010/11/28 17:02:24 | 000,398,744 | R--- | C] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2009/12/17 18:13:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Administrator\Application Data\pcouffin.sys
[2006/08/17 13:32:46 | 000,060,928 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/12/23 15:01:00 | 000,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2010/12/23 14:47:00 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\HP Usg Daily.job
[2010/12/23 14:21:00 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/23 08:21:00 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/22 19:18:33 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/12/22 19:01:06 | 000,000,946 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\AVS4YOU Software Navigator.lnk
[2010/12/22 16:21:48 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/22 16:20:17 | 000,263,562 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010/12/22 16:19:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/20 21:42:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/20 17:59:49 | 000,054,928 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000008-00001102-00000005-00211102}.rfx
[2010/12/20 17:59:49 | 000,054,928 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000008-00001102-00000005-00211102}.rfx
[2010/12/20 17:59:49 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000008-00001102-00000005-00211102}.rfx
[2010/12/19 15:14:00 | 000,143,872 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/19 10:17:00 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\zones.doc
[2010/12/16 03:24:56 | 002,146,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/16 03:07:00 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/07 06:32:53 | 000,466,402 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/07 06:32:53 | 000,080,000 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/12/06 20:53:53 | 001,481,412 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\engine 002.jpg
[2010/12/06 20:53:52 | 001,498,805 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\engine 001.jpg
[2010/12/06 20:10:37 | 000,162,994 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\madi2.jpg
[2010/12/06 18:35:30 | 000,035,866 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\battery.JPG
[2010/12/06 10:30:10 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/28 20:29:35 | 000,375,757 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\thegirls.jpg
[2010/11/28 20:28:48 | 000,355,590 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\madi1.jpg
[2010/11/28 20:27:46 | 000,525,151 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sumo2.jpg
[2010/11/28 20:27:46 | 000,525,151 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Copy of sumo2.jpg
[2010/11/28 20:27:08 | 000,628,021 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\sumo1.jpg
[2010/11/28 19:29:36 | 000,795,276 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\discount paper.pdf
[2010/11/28 17:02:24 | 000,398,744 | R--- | M] (Coupons, Inc.) -- C:\WINDOWS\System32\cpnprt2.cid
[2010/11/27 17:34:45 | 000,063,327 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\couchdog.jpg
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/12/22 19:01:06 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\AVS4YOU Software Navigator.lnk
[2010/12/12 21:40:04 | 000,525,151 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Copy of sumo2.jpg
[2010/12/07 22:11:07 | 000,000,900 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/07 22:11:07 | 000,000,896 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/07 11:19:12 | 001,481,412 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\engine 002.jpg
[2010/12/07 11:19:04 | 001,498,805 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\engine 001.jpg
[2010/12/06 20:10:35 | 000,162,994 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\madi2.jpg
[2010/12/06 18:35:30 | 000,035,866 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\battery.JPG
[2010/11/28 20:29:33 | 000,375,757 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\thegirls.jpg
[2010/11/28 20:28:47 | 000,355,590 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\madi1.jpg
[2010/11/28 20:27:43 | 000,525,151 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sumo2.jpg
[2010/11/28 20:27:03 | 000,628,021 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\sumo1.jpg
[2010/11/28 19:29:36 | 000,795,276 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\discount paper.pdf
[2010/11/28 17:38:10 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\zones.doc
[2010/11/27 17:34:38 | 000,063,327 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\couchdog.jpg
[2010/10/05 17:35:50 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/10/05 17:30:48 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/09/07 14:19:56 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\winscp.rnd
[2010/09/03 06:25:30 | 000,000,223 | ---- | C] () -- C:\WINDOWS\HP PrecisionScan Pro.INI
[2010/08/04 19:01:44 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2010/05/23 15:59:34 | 000,059,924 | ---- | C] () -- C:\WINDOWS\System32\libdvdcss-2.dll
[2009/12/20 14:05:52 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Machinist2.dll
[2009/12/17 18:14:20 | 000,001,041 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\vso_ts_preview.xml
[2009/12/17 18:14:02 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.log
[2009/12/17 18:13:54 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\inst.exe
[2009/12/17 18:13:54 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.cat
[2009/12/17 18:13:54 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\pcouffin.inf
[2009/11/29 10:15:37 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2009/11/29 10:15:37 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2009/11/25 12:40:50 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/02/23 17:12:00 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008/11/28 09:38:36 | 000,003,725 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LUUnInstall.LiveUpdate
[2008/10/09 16:01:25 | 000,215,144 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2008/10/09 16:00:14 | 000,215,144 | ---- | C] () -- C:\WINDOWS\pw32a.dll
[2008/10/08 00:08:38 | 000,020,936 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2008/10/07 23:41:40 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\CtxfiRes.dll
[2008/10/07 23:41:40 | 000,002,560 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2008/10/07 13:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/09/12 21:22:40 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008/09/02 18:20:53 | 000,000,137 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/05/24 12:24:26 | 000,000,072 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2008/03/20 20:50:35 | 000,000,319 | ---- | C] () -- C:\WINDOWS\game.ini
[2008/03/17 16:09:50 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\fusioncache.dat
[2008/03/16 19:53:30 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
[2008/03/07 20:43:45 | 000,156,672 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2008/03/06 19:23:54 | 000,000,104 | ---- | C] () -- C:\WINDOWS\nTune.INI
[2008/03/02 08:22:55 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2008/03/02 08:22:55 | 000,004,962 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2008/03/02 08:22:52 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2008/03/02 08:22:52 | 000,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2008/03/02 08:16:41 | 000,006,898 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008/03/02 08:16:34 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008/03/01 17:16:57 | 000,000,347 | ---- | C] () -- C:\WINDOWS\CTWave32.INI
[2008/03/01 17:14:19 | 000,000,029 | ---- | C] () -- C:\WINDOWS\sfbm.INI
[2007/12/25 17:17:46 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2007/12/25 17:17:39 | 000,000,250 | ---- | C] () -- C:\WINDOWS\3dr.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/17 13:19:57 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\$_hpcst$.hpc
[2007/06/19 16:08:11 | 000,000,044 | ---- | C] () -- C:\WINDOWS\PhotoFantasy.ini
[2007/06/19 16:05:54 | 000,000,781 | ---- | C] () -- C:\WINDOWS\PhotoImpression.ini
[2007/06/19 08:59:36 | 000,070,400 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2007/06/06 18:02:02 | 000,003,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/05/27 11:29:49 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/05/27 11:19:32 | 000,143,872 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/05/23 20:06:44 | 000,000,549 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/05/07 22:05:41 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/05/07 21:45:02 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\$_hpcst$.hpc
[2007/05/04 20:42:27 | 000,001,117 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007/05/04 19:40:19 | 000,000,152 | ---- | C] () -- C:\WINDOWS\CoolPlay.ini
[2007/05/04 01:16:25 | 000,000,671 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2007/04/20 07:57:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007/04/20 07:57:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006/04/20 21:57:50 | 003,789,879 | ---- | C] () -- C:\WINDOWS\worker.dll
[2005/08/07 17:19:00 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2005/06/08 00:10:50 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL
[2005/04/12 12:53:44 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\P17.DLL
[2005/01/20 06:32:56 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2005/01/18 23:43:36 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2005/01/18 23:30:02 | 000,005,525 | ---- | C] () -- C:\WINDOWS\System32\Ludap17.ini
[2005/01/15 23:16:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/04/13 16:42:40 | 000,001,330 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/10/02 21:48:18 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\P17CPI.DLL
[2003/03/21 04:56:12 | 000,000,321 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2000/04/14 15:50:02 | 000,343,040 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[1998/06/11 12:08:06 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Administrator\Desktop\oDeskSetup.exe:SummaryInformation
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0EB1DE
@Alternate Data
« Last Edit: December 27, 2010, 12:19:15 AM by guestolo »

Offline cwohayes

High CPU Usage
« Reply #3 on: December 27, 2010, 04:24:11 PM »
Sorry, the last time I was on here was a while back and I was asked to upload files. I guess that was stuck in my head. One of my email accounts sent out emails today that weren't from me. Maybe this is a result of the Hijacker thing? I have changed the passwords on anything I log into now. I am COPY and PASTING the files you requested. Please bear with me, I guess as I get older I get driftier...:\

OTL Extras logfile created on: 12/23/2010 3:03:10 PM - Run 1
OTL by OldTimer - Version 3.2.18.0    Folder = C:\Documents and Settings\Administrator\Desktop\antivirus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 73.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 4222 4222 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 184.25 Gb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 203.94 Gb Free Space | 68.42% Space Free | Partition Type: NTFS

Computer Name: OFFICE | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"3587:TCP" = 3587:TCP:*:Enabled:Windows Peer-to-Peer Grouping
"3540:UDP" = 3540:UDP:*:Enabled:Peer Name Resolution Protocol (PNRP)
"5353:TCP" = 5353:TCP:*:Disabled:Adobe CSI CS4

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EA GAMES\MOHAA\MOHAA.exe" = C:\Program Files\EA GAMES\MOHAA\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault -- File not found
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Documents and Settings\Administrator\Local Settings\Temp\7zS4.tmp\SymNRT.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\7zS4.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- (Symantec Corporation)
"C:\WINDOWS\LMI33.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI33.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\Documents and Settings\Administrator\Local Settings\Temp\7zSC6.tmp\SymNRT.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\7zSC6.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe" = C:\Program Files\Common Files\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Documents and Settings\Administrator\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Administrator\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"E:\fscommand\ezWBR.exe" = E:\fscommand\ezWBR.exe:*:Enabled:ezStart for Wireless Broadband Router -- File not found
"C:\Program Files\Ubisoft\XIII\Server\XIIIEd.exe" = C:\Program Files\Ubisoft\XIII\Server\XIIIEd.exe:*:Enabled:XIIIEd -- File not found
"C:\Program Files\Ubisoft\XIII\system\XIII.exe" = C:\Program Files\Ubisoft\XIII\system\XIII.exe:*:Enabled:XIII -- File not found
"C:\WINDOWS\LMI7.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI7.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\WINDOWS\LMI8.tmp\lmi_rescue.exe" = C:\WINDOWS\LMI8.tmp\lmi_rescue.exe:*:Enabled:LogMeIn Rescue -- File not found
"C:\Program Files\PrinterShare\paConsole.exe" = C:\Program Files\PrinterShare\paConsole.exe:*:Enabled:PrinterAnywhere Console -- File not found
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft  Fax Console -- File not found
"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\PCUDZLXN\umbrella-4.1.3[1].exe" = C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\PCUDZLXN\umbrella-4.1.3[1].exe:*:Enabled:Umbrella - Save your SHSH! -- File not found
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Disabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06E3E953-0570-4DFF-A7B5-46114C390228}" =
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}" =
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series" = Canon MX870 series MP Drivers
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16BE87BC-69F5-4D36-8CF0-E1CB3ACD5ED3}" = HP Driver Diagnostics
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{17E96A7F-AFE3-4171-87B1-583E376319E8}" =
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}" =
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216013FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216014FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216015FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216017FB}" =
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 22
"{2722B882-AADE-45AB-93A6-E2DCAEEA8D65}" = Image Data Converter
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{32903944-19A2-418C-901D-4BBAF4C55ABA}" =
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{44267176-A318-447F-A62A-0A5FD608C34F}" =
"{48A669A9-76FA-4CA8-BFD5-00C125AC4166}" =
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4962D864-4432-4E7B-9798-E8631547034D}" = Tunebite
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}" =
"{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}" =
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{569A9538-86EC-44C3-8EE4-C68B165F2A75}" =
"{582876EC-A178-44D4-9823-C10D6C62EAFF}" =
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}" =
"{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}" =
"{63A317D0-60A6-43FC-848A-9FE4A53B29CE}" =
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{66BCC50C-22D9-4927-9251-27FA88A32214}" =
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}" = HP Precisionscan Pro 3.1
"{6BF90A01-FA3F-42B9-A071-7D744409967E}" =
"{700932B3-A964-4878-82A2-96054622A1F7}" =
"{71813834-C5F1-4B86-907A-54CEF83EB2E2}" = PSShortcuts
"{73919E2B-725C-4FAA-8473-45E063A3575F}" =
"{748F4870-8350-11D3-B0BF-080009FB4A19}" = HP Share-to-Web
"{766273C1-A39B-47EB-ACE8-DEBDD8094BCC}" = overland
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84F573D3-0F71-4768-978A-D35310E3FBA6}" =
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86DA4628-8496-4CCC-B516-A842320B0647}" = Radiotracker
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B026740-A400-48FF-8F6B-B37C4F61C937}" =
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB300003" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB960043" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB975195" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976570" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976578v2" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB976769v2" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354" =
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB977354v2" =
"{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}" =
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B0255743-165B-4BD5-8DA8-37DFB993B101}" = Norton Save and Restore
"{B20EB9BE-3795-47BA-BDD6-889593E8FD55}" =
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B28759B8-5FC6-4F56-9C6C-6EDAD36455A9}" = Roxio Media Manager
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}" =
"{B5AF6143-E738-4768-A5E6-C07C68A464A4}" =
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{B7668CA3-1AF1-11D6-B82B-004033AA2C09}" = SentryPlus
"{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}" =
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB8B979E-E336-47E7-96BC-1031C1B94561}" =
"{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}" =
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C229589D-CC1A-43FF-9507-CDED3AB85325}" =
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C559CCD6-E2B8-4C7B-9791-AB68F382F9C2}" = DirectShow Dump
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB99E420-8071-48F9-9567-4A53BE7569C4}" =
"{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}" =
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003" =
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043" =
"{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
"{CEC86016-B796-4348-B93B-36C5EDEB85E1}" =
"{D0DDF9EE-C67F-368B-EB42-ECB44FD7556D}" = Adobe Photoshop.com Inspiration Browser
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{D8A544F4-AC5F-4B67-9C74-F3E976798797}" =
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DC5A3749-4535-4EAD-842A-DDE976CC6B38}" = PS7900
"{DDA2B32F-EB16-4C96-A130-4E4A4C1E6B12}" = HP Software Update
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.5
"{E188D820-1218-4E28-8BCA-91134C3664C2}" = Ulead VideoStudio 10
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EFD8D91F-89DB-4E1E-AFE6-080798CA312E}" = Ai Selector
"{EFE26D3B-2789-4068-A5BB-77E389FAEB98}" = PSUsage
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"3DMIDI" =
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Audacity_is1" = Audacity 1.2.6
"AudELSvc" =
"AudioCS" = Creative Audio Control Panel
"AVS Audio Converter 6.2_is1" = AVS Audio Converter version 6.2
"AVS Audio Editor_is1" = AVS Audio Editor version 6.1
"AVS Audio Recorder 3.9_is1" = AVS Audio Recorder version 3.9
"AVS Disc Creator_is1" = AVS Disc Creator version 3.5
"AVS DVD Authoring_is1" = AVS DVD Authoring
"AVS DVD Copy_is1" = AVS DVD Copy version 4.1.1
"AVS Image Converter_is1" = AVS Image Converter 1.3.1.136
"AVS Media Player_is1" = AVS Media Player 4.1.2.65
"AVS Photo Editor_is1" = AVS Photo Editor
"AVS Ringtone Maker 1.6_is1" = AVS Ringtone Maker version 1.6
"AVS Screen Capture_is1" = AVS Screen Capture version 1.1.2
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"AVS Video ReMaker_is1" = AVS Video ReMaker 3.1.2.102
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"AVSCoverEditor2_is1" = AVS Cover Editor 2.0.1.3
"AVSRegistryCleaner_is1" = AVS Registry Cleaner version 2.1
"Bejeweled Twist 1.0" = Bejeweled Twist 1.0
"BlackBerry_{CE5E3F15-320A-4865-97D3-F07227C5BB2F}" = BlackBerry Desktop Software 4.5
"Branding" =
"CADI" =
"Canon iP2600 series User Registration" = Canon iP2600 series User Registration
"Canon MX870 series User Registration" = Canon MX870 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Connection Manager" =
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Creative Audio Creation Mode Console" =
"Creative Audio Device Selection" =
"Creative Auto Tag Cleaner" =
"Creative Console Launcher Component" =
"Creative Entertainment Center" = Creative Entertainment Center
"Creative Entertainment Mode Console" =
"Creative Game Mode Console" =
"CREATIVE KARAOKE PLAYER" =
"Creative Media Toolbox" = Creative Media Toolbox
"Creative MediaSource DVD-Audio Player" =
"Creative Speaker Connection Wizard" =
"Creative Volume Panel" =
"Creative WaveStudio" =
"Diagnostics 4_5" =
"DTCLookup" = DTCLookup
"DTSNeo6 Settings" =
"DVDneXtCOPY 4 neXtTech" = DVDneXtCOPY 4 neXtTech
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EZ Vinyl/Tape Converter by MixMeister_is1" = EZ Vinyl/Tape Converter 2.1.0.9 by MixMeister
"Flash Movie Player" = Flash Movie Player 1.5
"Free-Plan" = Free-Plan
"HijackThis" = HijackThis 2.0.2
"HP Photo Printing Software" = HP Photo Printing Software
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1F86581E-AD75-4EAD-9B8C-75DC27C66632}" =
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty® - World at War™ 1.2 Patch
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"M4P MP3 Converter_is1" = M4P MP3 Converter 1.0
"Machinist 2" = Machinist 2
"Machinist2DLL" = Machinist2DLL
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mode Switcher" =
"Mozilla Firefox (3.0.12)" = Mozilla Firefox (3.0.12)
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSI30a-KB884016" =
"MSI30-Beta1" =
"MSI30-Beta2" =
"MSI30-KB884016" =
"MSI30-RC1" =
"MSI30-RC2" =
"MSI31-Beta" =
"MSI31-RC1" =
"NAV" = Norton AntiVirus
"Nero - Burning Rom!UninstallKey" =
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NeroVision!UninstallKey" =
"nik Color Efex Pro 2.0 IE" = nik Color Efex Pro 2.0 IE
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NMPUninstallKey" =
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"On Screen Display" =
"OpenAL" = OpenAL
"PCHealth" =
"PeerGuardian_is1" = PeerGuardian 2.0
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PunkBusterSvc" = PunkBuster Services
"QuickLink Mobile" = QuickLink Mobile
"RealJukebox 1.0" =
"RealPlayer 6.0" = RealPlayer
"Sevinst" =
"SFBM" =
"Shockwave" =
"Smart PC_is1" = Smart PC v4.5.1
"Smart Recorder" =
"Sound Blaster X-Fi Windows Drivers" =
"Speed Dial Utility" = Canon Speed Dial Utility
"SpywareBlaster_is1" = SpywareBlaster 4.4
"SpywareGuard_is1" = SpywareGuard v2.2
"STANDARDR" = Microsoft Office Standard 2007
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"Tablet Driver" = Tablet
"TBSB07286.TBSB07286Toolbar" = Ecobar
"THX_Console" =
"Vienna SoundFont Studio" =
"WIC" =
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"winscp3_is1" = WinSCP 4.2.9
"WMCSetup" =
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X-Fi Splash" =
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"oDVT" = oDesk Team
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/17/2010 1:11:46 AM | Computer Name = OFFICE | Source = UPS Event | ID = 1039
Description = The battery needs to be replaced!

Error - 12/18/2010 3:31:16 PM | Computer Name = OFFICE | Source = UPS Event | ID = 1034
Description = Load severity! The UPS is heavily loaded.

Error - 12/18/2010 9:36:04 PM | Computer Name = OFFICE | Source = UPS Event | ID = 1039
Description = The battery needs to be replaced!

Error - 12/19/2010 10:49:38 AM | Computer Name = OFFICE | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x4ec683bd.

Error - 12/19/2010 9:18:01 PM | Computer Name = OFFICE | Source = UPS Event | ID = 1039
Description = The battery needs to be replaced!

Error - 12/20/2010 6:59:22 PM | Computer Name = OFFICE | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.

Error - 12/21/2010 1:28:12 PM | Computer Name = OFFICE | Source = Application Error | ID = 1000
Description = Faulting application itunes.exe, version 10.0.1.22, faulting module
quicktime.qts, version 7.68.75.0, fault address 0x00104124.

Error - 12/21/2010 8:35:35 PM | Computer Name = OFFICE | Source = UPS Event | ID = 1039
Description = The battery needs to be replaced!

Error - 12/22/2010 6:08:44 PM | Computer Name = OFFICE | Source = UPS Event | ID = 1039
Description = The battery needs to be replaced!

Error - 12/22/2010 7:28:00 PM | Computer Name = OFFICE | Source = UPS Event | ID = 1039
Description = The battery needs to be replaced!

[ OSession Events ]
Error - 12/17/2008 8:35:19 PM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 219604
seconds with 3480 seconds of active time.  This session ended with a crash.

Error - 12/19/2008 12:49:38 AM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1717
seconds with 1260 seconds of active time.  This session ended with a crash.

Error - 12/19/2008 12:50:02 AM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9
seconds with 0 seconds of active time.  This session ended with a crash.

Error - 12/19/2008 12:50:28 AM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 18
seconds with 0 seconds of active time.  This session ended with a crash.

Error - 12/19/2008 12:53:36 AM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 181
seconds with 180 seconds of active time.  This session ended with a crash.

Error - 4/8/2009 9:00:23 PM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 693 seconds with 300 seconds of active time.  This session ended with a crash.

Error - 4/8/2009 9:01:30 PM | Computer Name = OFFICE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6300.5000, Microsoft Office Version: 12.0.6215.1000. This session
lasted 63 seconds with 60 seconds of active time.  This session ended with a crash.

[ System Events ]
Error - 12/19/2010 6:41:19 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 12/19/2010 6:41:30 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
   nvata  nvatabus  nvcchflt

Error - 12/19/2010 7:15:08 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 12/20/2010 7:02:54 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 12/20/2010 7:06:12 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NAV service.

Error - 12/20/2010 7:06:12 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NAV service.

Error - 12/21/2010 12:55:06 PM | Computer Name = OFFICE | Source = DCOM | ID = 10010
Description = The server {2692A9D5-61DF-46D5-A5A1-A6CCA921D578} did not register
with DCOM within the required timeout.

Error - 12/22/2010 5:20:14 PM | Computer Name = OFFICE | Source = Print | ID = 6161
Description = The document  owned by Administrator failed to print on printer Canon
MX870 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes:
7804716. Number of bytes printed: 80. Total number of pages in the document: 1.
Number of pages printed: 0. Client machine: \\OFFICE. Win32 error code returned
by the print processor: 259 (0x103).

Error - 12/22/2010 5:21:32 PM | Computer Name = OFFICE | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher
9 service to connect.

Error - 12/22/2010 5:32:58 PM | Computer Name = OFFICE | Source = Print | ID = 6161
Description = The document  owned by Administrator failed to print on printer Canon
MX870 series Printer. Data type: NT EMF 1.008. Size of the spool file in bytes:
0. Number of bytes printed: 0. Total number of pages in the document: 0. Number
of pages printed: 0. Client machine: \\OFFICE. Win32 error code returned by the
print processor: 259 (0x103).


< End of report >

OTL logfile created on: 12/23/2010 3:03:10 PM - Run 1
OTL by OldTimer - Version 3.2.18.0    Folder = C:\Documents and Settings\Administrator\Desktop\antivirus
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 73.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 4222 4222 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 184.25 Gb Free Space | 61.81% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 203.94 Gb Free Space | 68.42% Space Free | Partition Type: NTFS

Computer Name: OFFICE | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/23 15:02:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\antivirus\OTL.exe
PRC - [2010/12/14 15:02:18 | 002,424,560 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/23 00:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe
PRC - [2009/12/20 10:46:50 | 001,123,008 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2009/11/01 21:30:00 | 002,508,104 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/09/28 16:56:18 | 000,140,640 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/06/07 07:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\nlssrv32.exe
PRC - [2009/02/13 21:44:24 | 000,315,392 | ---- | M] () -- C:\Program Files\SentryPlus\UPS-Service.exe
PRC - [2009/02/12 11:05:44 | 000,081,920 | ---- | M] () -- C:\Program Files\SentryPlus\UPS-Status.exe
PRC - [2008/10/31 20:04:40 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008/10/07 23:41:36 | 000,023,552 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\Ctxfihlp.exe
PRC - [2008/10/07 23:37:38 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTxfispi.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/11 20:05:27 | 000,558,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/08/06 03:08:06 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/07/23 15:43:42 | 000,057,344 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
PRC - [2007/03/26 15:45:26 | 002,111,080 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
PRC - [2007/03/26 15:45:20 | 001,582,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe
PRC - [2007/02/01 11:13:06 | 000,094,208 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
PRC - [2007/01/30 00:39:34 | 001,432,064 | ---- | M] (Phoenix Labs) -- C:\Program Files\PeerGuardian2\pg2.exe
PRC - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
PRC - [2006/12/12 09:46:52 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CtHelper.exe
PRC - [2006/12/05 15:39:22 | 000,136,752 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\TabUserW.exe
PRC - [2006/12/05 15:38:42 | 001,013,296 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Tablet.exe
PRC - [2006/09/11 03:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2005/12/02 17:45:58 | 000,169,632 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005/12/02 17:45:54 | 000,192,160 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005/12/02 17:45:50 | 000,052,896 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005/10/28 13:12:04 | 000,155,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2005/10/21 18:12:22 | 000,040,960 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\Entertainment Center\EAXLoadr.exe
PRC - [2005/10/03 11:04:04 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
PRC - [2005/06/20 08:42:20 | 000,077,824 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/05/04 17:17:06 | 000,491,520 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/08/29 18:05:35 | 000,360,448 | ---- | M] () -- C:\Program Files\SpywareGuard\sgmain.exe
PRC - [2003/08/29 10:14:56 | 000,233,472 | ---- | M] () -- C:\Program Files\SpywareGuard\sgbhp.exe
PRC - [2003/06/18 01:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.exe


========== Modules (SafeList) ==========

MOD - [2010/12/23 15:02:42 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\antivirus\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2005/08/07 17:10:18 | 000,007,168 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTAGENT.DLL


========== Win32 Services (SafeList) ==========

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/08/16 16:59:11 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/07/23 00:05:56 | 000,126,904 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.1.0.37\ccSvcHst.exe -- (NAV)
SRV - [2009/12/20 10:46:50 | 001,123,008 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2009/10/09 04:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/07 07:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\nlssrv32.exe -- (nlsX86cc)
SRV - [2009/02/21 20:37:51 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/02/13 21:44:24 | 000,315,392 | ---- | M] () [Auto | Running] -- C:\Program Files\SentryPlus\UPS-Service.exe -- (Sentry_Plus)
SRV - [2008/10/31 20:04:40 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/04/13 19:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 19:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2008/01/29 16:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/08/11 20:05:27 | 003,093,872 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2007/08/11 20:05:27 | 000,558,448 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/06 03:08:06 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/03/26 15:45:26 | 002,111,080 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe -- (Norton Save and Restore)
SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2006/12/05 15:38:42 | 001,013,296 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Tablet.exe -- (TabletService)
SRV - [2005/12/02 17:45:58 | 000,169,632 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005/12/02 17:45:54 | 000,192,160 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005/10/03 11:04:04 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
SRV - [2005/01/31 08:45:20 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2004/03/18 18:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMREDRV.SYS -- (SYMREDRV)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMIDS.SYS -- (SYMIDS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1008000.029\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\NAV\1002000.007\SYMDNS.SYS -- (SYMDNS)
DRV - File not found [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\ntcdrdrv.sys -- (ntcdrdrv)
DRV - [2010/12/16 17:34:42 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101223.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/16 17:34:42 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20101223.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/22 21:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/08 19:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20101222.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/10/08 05:36:57 | 000,126,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/28 22:33:05 | 000,666,672 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\SYMEFA.SYS -- (SymEFA)
DRV - [2010/07/28 21:54:36 | 000,489,008 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NAV\1201000.025\SRTSP.SYS -- (SRTSP)
DRV - [2010/07/28 21:54:36 | 000,050,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/07/12 20:20:22 | 000,369,072 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NAV\1201000.025\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/06/26 23:05:55 | 000,134,704 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\Ironx86.SYS -- (SymIRON)
DRV - [2010/06/13 05:50:57 | 000,339,504 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1201000.025\SYMDS.SYS -- (SymDS)
DRV - [2010/05/26 03:00:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/26 03:00:00 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/10 13:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 13:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/20 10:46:50 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2009/01/23 09:49:08 | 000,037,664 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2009/01/15 08:19:00 | 006,301,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008/10/08 01:22:04 | 001,177,624 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2008/10/08 01:22:02 | 000,095,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2008/10/08 01:22:00 | 000,158,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2008/10/08 01:21:58 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2008/10/08 01:21:56 | 000,130,072 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2008/10/08 01:21:54 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2008/10/08 01:21:50 | 000,526,232 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2008/10/08 01:21:46 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2008/10/08 01:21:44 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV - [2008/10/08 01:21:44 | 001,324,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2008/10/08 01:21:40 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV - [2008/10/08 01:21:40 | 000,072,728 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2008/10/08 01:21:38 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV - [2008/10/08 01:21:38 | 000,171,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2008/08/18 17:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2008/08/14 06:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\adfs.sys -- (adfs)
DRV - [2008/08/01 10:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/08/01 10:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/05/27 06:34:44 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/04/13 13:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008/04/13 13:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008/04/13 13:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/22 11:09:10 | 000,100,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2007/04/16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/03/26 15:45:12 | 000,144,960 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\SymSnap.sys -- (SymSnap)
DRV - [2007/03/26 15:45:10 | 000,056,232 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\V2iMount.sys -- (V2IMount)
DRV - [2007/01/30 00:16:42 | 000,006,144 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\PeerGuardian2\pgfilter.sys -- (pgfilter)
DRV - [2006/11/15 14:55:38 | 000,006,272 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2006/10/08 23:01:15 | 000,089,856 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2006/10/08 23:01:15 | 000,016,640 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvcchflt.sys -- (nvcchflt)
DRV - [2006/10/08 22:00:02 | 000,061,952 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\si3114.sys -- (si3114)
DRV - [2006/04/24 16:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006/02/14 16:18:52 | 000,005,632 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2005/07/26 06:01:56 | 000,415,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA® nForce™
DRV - [2005/07/26 05:58:30 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA® nForce™
DRV - [2005/06/20 09:08:44 | 002,324,480 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/10/14 04:52:28 | 000,004,962 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2004/08/19 07:21:00 | 000,189,568 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/08/13 12:56:20 | 000,005
« Last Edit: December 27, 2010, 04:29:03 PM by cwohayes »

Offline guestolo

« Reply #4 on: January 01, 2011, 01:10:38 PM »
Can you do the following:
Please download TFC by OldTimer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.

Important! If TFC prompts you to reboot, please do so immediately.

Back in Windows, using Mozilla Firefox,
go to the following link:
ESET Online Scanner

Click on the Button "Eset Online Scanner"
A new window will open, Download and save to your desktop
esetsmartinstaller_enu.exe

Right click on 'esetsmartinstaller_enu.exe' and choose to "Run as Administrator"
Put a tick in "Yes, I accept the Terms of Use" then click START

Eset will download components
When done click START again

Downloading of Virus signature database will begin
Depending on your connection speed, this can take a while
When complete the scan will start
This scan can take some time, so be patient

Once the scan is completed, you may close the window
   
Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
   
Copy and paste that log as a reply to this topic



Offline cwohayes

« Reply #5 on: January 03, 2011, 07:09:07 PM »

# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=c73a7396cfe2e743b6203f076fab9a93
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-01-03 11:50:23
# local_time=2011-01-03 06:50:23 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 66279672 66279672 0 0
# compatibility_mode=3584 16777175 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=219846
# found=0
# cleaned=0
# scan_time=6509

Offline guestolo

« Reply #6 on: January 03, 2011, 11:58:28 PM »
Have you noticed any improvement?



Offline cwohayes

« Reply #7 on: January 04, 2011, 09:59:49 AM »
Quote (guestolo, 04 January 2011 - 12:58 AM)
Have you noticed any improvement?


Seems to be back up to speed, I haven't noticed any strange CPU bogging down lately, thanks very much. I do have a question though. I am a fan of XP but am seriously thinking about upgrading to Windows 7. What is your opinion?