ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/24 21:18
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA99E6000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF8A70000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA8F79000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 012 Function Name: NtAlertResumeThread
Status: Hooked by "<unknown>" at address 0x82a03058
#: 013 Function Name: NtAlertThread
Status: Hooked by "<unknown>" at address 0x829aee20
#: 017 Function Name: NtAllocateVirtualMemory
Status: Hooked by "<unknown>" at address 0x82b0e2a0
#: 031 Function Name: NtConnectPort
Status: Hooked by "<unknown>" at address 0x82cce228
#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xa9d56020
#: 043 Function Name: NtCreateMutant
Status: Hooked by "<unknown>" at address 0x82d1ce68
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x82b0e330
#: 057 Function Name: NtDebugActiveProcess
Status: Hooked by "<unknown>" at address 0x82ad48e0
#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xa9d562a0
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xa9d56800
#: 083 Function Name: NtFreeVirtualMemory
Status: Hooked by "<unknown>" at address 0x82ac01a0
#: 089 Function Name: NtImpersonateAnonymousToken
Status: Hooked by "<unknown>" at address 0x82a0e058
#: 091 Function Name: NtImpersonateThread
Status: Hooked by "<unknown>" at address 0x82a67058
#: 108 Function Name: NtMapViewOfSection
Status: Hooked by "<unknown>" at address 0x82ac00c0
#: 114 Function Name: NtOpenEvent
Status: Hooked by "<unknown>" at address 0x82c71680
#: 123 Function Name: NtOpenProcessToken
Status: Hooked by "<unknown>" at address 0x82c697f8
#: 125 Function Name: NtOpenSection
Status: Hooked by "<unknown>" at address 0x829e2c98
#: 129 Function Name: NtOpenThreadToken
Status: Hooked by "<unknown>" at address 0x82d05e28
#: 206 Function Name: NtResumeThread
Status: Hooked by "<unknown>" at address 0x828f6e88
#: 213 Function Name: NtSetContextThread
Status: Hooked by "<unknown>" at address 0x82908b68
#: 228 Function Name: NtSetInformationProcess
Status: Hooked by "<unknown>" at address 0x82d05ef8
#: 229 Function Name: NtSetInformationThread
Status: Hooked by "<unknown>" at address 0x82ab71d8
#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\system32\Drivers\SYMEVENT.SYS" at address 0xa9d56a50
#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x829e3c98
#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x82abee68
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0x8292b900
#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x82abf3c8
#: 267 Function Name: NtUnmapViewOfSection
Status: Hooked by "<unknown>" at address 0x828bcec8
#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "<unknown>" at address 0x82b0e1d0
==EOF==
DDS (Ver_09-06-26.01) - NTFSx86
Run by Sharlene Hagerman at 21:15:35.42 on Sat 10/24/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.96 [GMT -5:00]
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\I-News\TrueWeather.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Sharlene Hagerman\Desktop\dds.scr
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
============== Pseudo HJT Report ===============
uStart Page = https://citrix.corre...Point/Employee/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = https://register.hp....v...&prodOS=011
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.0\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] c:\program files\analog devices\soundmax\Smax4.exe /tray
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [hpWirelessAssistant] c:\program files\hpq\hp wireless assistant\HP Wireless Assistant.exe
mRun: [iTunesHelper] c:\program files\itunes\iTunesHelper.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [eabconfg.cpl] c:\program files\hpq\quick launch buttons\EabServr.exe /Start
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [ChangeResolution] c:\hp\bin\ChangeResolution.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton internet security\osCheck.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\i-news.lnk - c:\program files\common files\i-news\TrueWeather.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: CtxLsp.dll
Trusted Zone: correctionscorp.com\citrix
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/stg_drm.ocx
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-29 102448]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20091023.002\NAVENG.SYS [2009-10-23 84912]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20091023.002\NAVEX15.SYS [2009-10-23 1323568]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]
=============== Created Last 30 ================
2009-10-24 20:55 <DIR> --d----- c:\windows\pss
2009-10-23 17:38 <DIR> --d----- c:\docume~1\sharle~1\applic~1\Malwarebytes
2009-10-23 17:38 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-10-23 17:38 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-23 17:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-23 17:38 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
==================== Find3M ====================
2009-09-11 09:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-11 09:18 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll
2009-09-04 16:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-09-04 16:03 58,880 -------- c:\windows\system32\dllcache\msasn1.dll
2009-08-28 05:28 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-08-28 05:28 13,824 a------- c:\windows\system32\dllcache\ieudinit.exe
2009-08-27 00:18 634,648 a------- c:\windows\system32\dllcache\iexplore.exe
2009-08-27 00:18 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-08-26 03:00 247,326 a------- c:\windows\system32\strmdll.dll
2009-08-26 03:00 247,326 a------- c:\windows\system32\dllcache\strmdll.dll
2009-08-13 10:16 512,000 -------- c:\windows\system32\dllcache\jscript.dll
2009-08-05 04:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-05 04:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-08-04 20:44 2,189,184 a------- c:\windows\system32\ntoskrnl.exe
2009-08-04 20:44 2,189,184 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-08-04 10:13 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-08-04 09:20 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-08-04 09:20 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2009-08-04 09:20 2,066,048 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2007-12-17 10:48 306 ac------ c:\docume~1\sharle~1\applic~1\wklnhst.dat
2008-08-29 11:33 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082920080830\index.dat
============= FINISH: 21:16:56.57 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-06-26.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 8/23/2005 9:56:20 AM
System Uptime: 10/24/2009 8:59:49 PM (1 hours ago)
Motherboard: Hewlett-Packard | | 308C
Processor: Intel® Celeron® M processor 1.50GHz | U1 | 1496/533mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 56 GiB total, 39.932 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP287: 7/16/2009 9:27:10 PM - System Checkpoint
RP288: 7/16/2009 10:20:10 PM - Software Distribution Service 3.0
RP289: 7/28/2009 8:48:29 PM - System Checkpoint
RP290: 7/29/2009 3:00:17 AM - Software Distribution Service 3.0
RP291: 8/1/2009 11:03:39 AM - System Checkpoint
RP292: 8/16/2009 12:50:24 PM - System Checkpoint
RP293: 8/16/2009 9:52:28 PM - Software Distribution Service 3.0
RP294: 8/22/2009 9:40:54 AM - Installed Java 6 Update 15
RP295: 8/23/2009 3:00:19 AM - Software Distribution Service 3.0
RP296: 8/27/2009 8:13:03 PM - System Checkpoint
RP297: 8/27/2009 9:45:56 PM - Software Distribution Service 3.0
RP298: 8/29/2009 9:47:57 AM - System Checkpoint
RP299: 9/1/2009 10:18:08 PM - Software Distribution Service 3.0
RP300: 9/2/2009 10:58:07 PM - System Checkpoint
RP301: 9/3/2009 11:01:29 PM - System Checkpoint
RP302: 9/4/2009 11:15:51 PM - System Checkpoint
RP303: 9/5/2009 11:25:06 PM - System Checkpoint
RP304: 9/6/2009 11:30:00 PM - System Checkpoint
RP305: 9/9/2009 9:44:48 PM - Software Distribution Service 3.0
RP306: 9/13/2009 7:19:30 PM - System Checkpoint
RP307: 9/14/2009 8:38:27 PM - System Checkpoint
RP308: 9/16/2009 7:45:56 PM - System Checkpoint
RP309: 9/18/2009 8:22:28 PM - System Checkpoint
RP310: 9/19/2009 8:57:24 PM - System Checkpoint
RP311: 9/20/2009 9:57:26 PM - System Checkpoint
RP312: 9/21/2009 10:22:55 PM - System Checkpoint
RP313: 9/22/2009 9:00:04 PM - Removed SMART Board Drivers.
RP314: 9/22/2009 9:06:01 PM - Removed Notebook Software.
RP315: 9/23/2009 9:54:48 PM - System Checkpoint
RP316: 9/24/2009 10:54:47 PM - System Checkpoint
RP317: 9/30/2009 9:26:18 PM - System Checkpoint
RP318: 10/1/2009 10:03:53 PM - System Checkpoint
RP319: 10/4/2009 12:49:00 PM - System Checkpoint
RP320: 10/5/2009 1:04:41 PM - System Checkpoint
RP321: 10/6/2009 2:17:12 PM - System Checkpoint
RP322: 10/10/2009 11:07:10 AM - System Checkpoint
RP323: 10/11/2009 11:40:55 AM - System Checkpoint
RP324: 10/12/2009 12:40:52 PM - System Checkpoint
RP325: 10/13/2009 1:40:56 PM - System Checkpoint
RP326: 10/14/2009 2:41:02 PM - System Checkpoint
RP327: 10/21/2009 9:40:16 PM - System Checkpoint
RP328: 10/21/2009 10:48:36 PM - Software Distribution Service 3.0
RP329: 10/23/2009 8:40:05 PM - System Checkpoint
==== Installed Programs ======================
µTorrent
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.4
Agere Systems AC'97 Modem
ALPS Touch Pad Driver
AppCore
ATT-AACE
BlackBerry Desktop Software 4.6
ccCommon
Citrix Advanced Gateway Client
Collapse! Deluxe
Component Framework
Conquest 4.0
Copy
CreativeProjects
Critical Update for Windows Media Player 11 (KB959772)
Director
DocProc
Easy Internet Sign-up
GdiplusUpgrade
getPlus®_ocx
Google Desktop
Google Earth
Google Toolbar for Internet Explorer
Google Updater
GreenCheck 1.6.8
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
HP Help and Support
HP Image Zone 3.5
HP Pavillion dv4000 User Guides
HP Product Detection
HP Update
HP Wireless Assistant 1.01 A3
HpSdpAppCoreApp
HPSystemDiagnostics
I-News
ImageQuix - PhotoSession
InstantShare
Intel® Graphics Media Accelerator Driver for Mobile
InterActual Player
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 6 Update 15
Java 6 Update 2
Java 6 Update 3
Java 6 Update 5
Java 6 Update 7
Java SE Runtime Environment 6 Update 1
Kazaa 3.0
LiveUpdate (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
LS_HSI
Malwarebytes' Anti-Malware
MetaFrame Presentation Server Web Client for Win32
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Word Viewer 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 4.0 - SE
Norton AntiVirus
Norton AntiVirus Help
Norton Confidential Core
Norton Internet Security
Norton Internet Security (Symantec Corporation)
Norton Protection Center
OpenOffice.org Installer 1.0
overland
PhotoGallery
PokerStars
QFolder
Quick Launch Buttons 5.10 A2
QuickProjects
QuickTime
RealPlayer
Roxio Media Manager
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SkinsHP1
SkinsHP2
Sonic Audio Module
Sonic Copy Module
Sonic Data Module
Sonic Express Labeler
Sonic MyDVD Plus
Sonic Update Manager
SoundMAX
SPBBC 32bit
Symantec KB-DocID:2003093015493306
Symantec Real Time Storage Protection Component
SymNet
Texas Instruments PCIxx21/x515 drivers.
TIxx21
TrayApp
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
UserGuides
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Install Manager
Zone Deluxe Games
==== Event Viewer Messages From Past Week ========
10/23/2009 5:33:15 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'SrtETmp' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
10/21/2009 9:04:26 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Roxio Hard Drive Watcher 9 service to connect.
10/21/2009 10:29:48 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect.
10/21/2009 10:28:50 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435}
==== End Of File ===========================