
Here's the logs... trojan.dnschanger help.



Here is MAM Log:

Malwarebytes' Anti-Malware 1.44

Database version: 3712

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18882

2/9/2010 12:02:33 PM

mbam-log-2010-02-09 (12-02-33).txt

Scan type: Quick Scan

Objects scanned: 98308

Time elapsed: 3 minute(s), 48 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 2

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 93.188.166.105 93.188.161.105 1.2.3.4 -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{49ed5f7e-ff5b-402f-9c3f-0eba312858f0}\DhcpNameServer (Trojan.DNSChanger) -> Data: 93.188.166.105 93.188.161.105 1.2.3.4 -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Here is DDS.txt:

DDS (Ver_09-12-01.01) - NTFSx86

Run by Joey at 12:35:39.83 on Tue 02/09/2010

Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_18

Microsoft

Attach.zip


;)

  • Download OTL to your desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Extra Registry change it to Use SafeList.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTListIt.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply. You may need two posts to fit them all in.


OTL logfile created on: 2/9/2010 10:35:41 PM - Run 1

OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Joey\Downloads

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18882)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 71.00% Memory free

7.00 Gb Paging File | 6.00 Gb Available in Paging File | 85.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 288.05 Gb Total Space | 131.61 Gb Free Space | 45.69% Space Free | Partition Type: NTFS

Drive D: | 10.00 Gb Total Space | 4.86 Gb Free Space | 48.57% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JOEYGRASICH

Current User Name: Joey

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/09 22:33:56 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Joey\Downloads\OTL.exe

PRC - [2010/01/28 16:09:31 | 002,757,512 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/01/28 16:09:28 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

PRC - [2009/12/31 12:04:47 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe

PRC - [2009/12/12 14:22:34 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe

PRC - [2009/12/12 14:22:34 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe

PRC - [2009/10/15 22:18:05 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe

PRC - [2009/10/15 22:18:05 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe

PRC - [2009/10/15 22:18:05 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe

PRC - [2009/10/15 22:18:04 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe

PRC - [2009/04/11 00:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/06/10 15:18:10 | 000,785,520 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe

PRC - [2008/05/02 23:16:00 | 000,118,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe

PRC - [2008/01/17 07:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe

PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe

PRC - [2007/04/30 19:43:54 | 003,450,608 | ---- | M] (Stardock) -- C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

PRC - [2006/10/03 10:37:04 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

PRC - [2006/08/04 18:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe

========== Modules (SafeList) ==========

MOD - [2010/02/09 22:33:56 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Joey\Downloads\OTL.exe

MOD - [2009/10/15 22:18:08 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll

MOD - [2009/04/11 00:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (stllssvr)

SRV - [2010/01/28 16:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/01/28 16:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/01/28 16:09:28 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2009/10/20 12:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/10/15 22:18:05 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)

SRV - [2009/10/15 22:18:04 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)

SRV - [2009/09/24 19:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/03/23 19:40:10 | 000,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)

SRV - [2009/02/02 22:15:58 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c985b6226d7051) Google Update Service (gupdate1c985b6226d7051)

SRV - [2008/09/10 16:39:48 | 000,536,872 | ---- | M] (Apple Inc.) [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)

SRV - [2008/08/29 09:18:44 | 000,238,888 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)

SRV - [2008/05/02 23:16:00 | 000,118,784 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)

SRV - [2008/01/20 20:21:41 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)

SRV - [2007/03/19 11:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)

SRV - [2006/11/02 06:34:14 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)

SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2006/08/04 18:39:20 | 000,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)

SRV - [2004/10/22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - [2010/01/28 15:57:55 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/01/28 15:57:34 | 000,163,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/01/28 15:54:42 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/01/28 15:54:27 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2010/01/28 15:54:05 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/11/09 19:08:29 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)

DRV - [2009/10/20 12:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2009/10/15 22:18:26 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)

DRV - [2009/10/15 22:18:26 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)

DRV - [2009/09/28 01:02:42 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)

DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/03/27 00:16:28 | 000,012,672 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\cpuz132_x32.sys -- (cpuz132)

DRV - [2008/04/17 12:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2008/01/26 02:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)

DRV - [2008/01/24 11:06:40 | 002,054,872 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/01/20 20:21:35 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)

DRV - [2008/01/20 20:21:35 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2008/01/20 20:21:35 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2008/01/20 20:21:34 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2008/01/20 20:21:34 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2008/01/20 20:21:34 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2008/01/20 20:21:33 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2008/01/20 20:21:33 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2008/01/20 20:21:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®

DRV - [2008/01/20 20:21:33 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2008/01/20 20:21:32 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2008/01/20 20:21:32 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2008/01/20 20:21:32 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2008/01/20 20:21:31 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2008/01/20 20:21:31 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2008/01/20 20:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2008/01/20 20:21:31 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2008/01/20 20:21:30 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2008/01/20 20:21:29 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2008/01/20 20:21:29 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2008/01/20 20:21:29 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2008/01/20 20:21:28 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2008/01/20 20:21:09 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2008/01/20 20:21:09 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2008/01/20 20:21:09 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2007/03/23 05:09:16 | 000,129,832 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)

DRV - [2007/03/15 07:57:30 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)

DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)

DRV - [2006/11/02 03:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006/11/02 03:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006/11/02 03:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006/11/02 03:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006/11/02 03:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006/11/02 03:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006/11/02 03:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006/11/02 03:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006/11/02 03:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006/11/02 03:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006/11/02 03:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006/11/02 02:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006/11/02 02:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006/11/02 02:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006/11/02 02:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006/11/02 02:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006/11/02 02:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006/11/02 01:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006/11/02 01:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XV)

DRV - [2006/11/02 00:37:21 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)

DRV - [2006/10/18 12:09:26 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)

DRV - [2006/10/18 12:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)

DRV - [2006/10/18 12:08:04 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)

DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)

DRV - [2006/08/04 18:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)

DRV - [2006/06/19 15:26:58 | 000,012,672 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cl...amp;ibd=1070813

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cl...amp;ibd=1070813

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "www.yahoo.com"

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.1

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/21 11:29:02 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/30 21:55:58 | 000,000,000 | ---D | M]

[2009/05/11 11:09:21 | 000,000,000 | ---D | M] -- C:\Users\Joey\AppData\Roaming\Mozilla\Extensions

[2009/05/11 11:09:21 | 000,000,000 | ---D | M] -- C:\Users\Joey\AppData\Roaming\Mozilla\Extensions\prism@developer.mozilla.org

[2010/02/09 12:19:35 | 000,000,000 | ---D | M] -- C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\0p724znd.default\extensions

[2010/01/21 11:40:16 | 000,000,000 | ---D | M] -- C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\0p724znd.default\extensions\personas@christopher.beard

[2010/02/03 11:49:23 | 000,001,945 | ---- | M] () -- C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\0p724znd.default\searchplugins\ninjavideo.xml

[2010/02/09 12:19:35 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: ::1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)

O2 - BHO: (no name) - {BA0BACB5-FC95-451E-94D2-4959AB0949D2} - No CLSID value found.

O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - {F2BADA0D-FD61-45EF-A994-64A073FD6613} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2787EA8E-8D87-48AF-88AD-B30246C917AB} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F2BADA0D-FD61-45EF-A994-64A073FD6613} - No CLSID value found.

O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [iSUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)

O4 - HKCU..\Run: [Google Update] C:\Users\Joey\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

O4 - Startup: C:\Users\Joey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe (Stardock)

O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)

O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.188.166.105 93.188.161.105 1.2.3.4

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp

O24 - Desktop BackupWallPaper: C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{5e4ad3c8-0f0b-11de-9785-001aa05334d8}\Shell - "" = AutoRun

O33 - MountPoints2\{5e4ad3c8-0f0b-11de-9785-001aa05334d8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O33 - MountPoints2\{bd086250-8c57-11de-a94d-001aa05334d8}\Shell - "" = AutoRun

O33 - MountPoints2\{bd086250-8c57-11de-a94d-001aa05334d8}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (aswBoot.exe /A:"C:" /L:"1033" /heur:80 /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\Alwil Software\Avast5") - C:\Windows\System32\aswBoot.exe (ALWIL Software)

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/09 14:57:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2010/02/09 13:24:06 | 000,000,000 | ---D | C] -- C:\Users\Joey\Desktop\New Folder

[2010/02/09 01:25:33 | 000,163,280 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010/02/09 01:25:33 | 000,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010/02/09 01:25:33 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010/02/09 01:25:33 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010/02/09 01:25:33 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010/02/09 01:25:00 | 000,152,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe

[2010/02/09 01:25:00 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\System32\avastSS.scr

[2010/02/09 01:24:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software

[2010/02/09 01:24:55 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software

[2010/01/27 19:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2010/01/27 19:10:02 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2010/01/27 19:10:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2010/01/27 19:10:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2010/01/27 11:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage

[2010/01/22 11:38:31 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010/01/22 11:38:31 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010/01/22 11:38:31 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010/01/22 11:38:31 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010/01/22 11:38:31 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010/01/22 11:38:31 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010/01/22 11:38:31 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010/01/22 11:38:31 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010/01/22 11:38:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010/01/22 11:38:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010/01/22 11:38:31 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010/01/22 11:38:31 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010/01/22 11:38:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010/01/22 11:38:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010/01/20 13:47:02 | 000,000,000 | ---D | C] -- C:\Users\Joey\Documents\Spring10

[2010/01/13 11:28:31 | 000,000,000 | ---D | C] -- C:\a63315bbdd54760ed3cb63da7f14e7

[2010/01/13 11:26:16 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll

[2010/01/13 11:26:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/02/09 22:35:05 | 003,407,872 | -HS- | M] () -- C:\Users\Joey\NTUSER.DAT

[2010/02/09 22:27:32 | 055,361,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm

[2010/02/09 22:23:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2010/02/09 21:55:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-448380724-2529988279-146509900-1000UA.job

[2010/02/09 20:46:57 | 000,695,540 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/02/09 20:46:57 | 000,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/02/09 20:46:57 | 000,105,540 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/02/09 20:44:21 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job

[2010/02/09 20:42:08 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010/02/09 20:42:08 | 000,005,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010/02/09 20:41:38 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2010/02/09 20:41:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/02/09 20:41:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/02/09 20:33:12 | 000,524,288 | -HS- | M] () -- C:\Users\Joey\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TMContainer00000000000000000001.regtrans-ms

[2010/02/09 20:33:12 | 000,065,536 | -HS- | M] () -- C:\Users\Joey\NTUSER.DAT{0f69446d-6a70-11db-8eb3-985e31beb686}.TM.blf

[2010/02/09 20:33:08 | 002,720,981 | -H-- | M] () -- C:\Users\Joey\AppData\Local\IconCache.db

[2010/02/09 20:09:54 | 308,525,810 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2010/02/09 20:08:29 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-448380724-2529988279-146509900-1000Core.job

[2010/02/09 12:53:52 | 000,011,772 | ---- | M] () -- C:\Users\Joey\Desktop\Exam 1, Focus List for MSIS 4273.docx

[2010/02/09 01:25:33 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2010/01/28 16:09:46 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\System32\avastSS.scr

[2010/01/28 16:09:26 | 000,152,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe

[2010/01/28 15:57:55 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010/01/28 15:57:34 | 000,163,280 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010/01/28 15:54:42 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010/01/28 15:54:27 | 000,051,792 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010/01/28 15:54:05 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010/01/20 00:41:06 | 000,014,273 | ---- | M] () -- C:\Users\Joey\Desktop\18U32.docx

[2010/01/20 00:41:03 | 000,013,661 | ---- | M] () -- C:\Users\Joey\Desktop\EEA.docx

[2010/01/20 00:41:01 | 000,060,984 | ---- | M] () -- C:\Users\Joey\Desktop\ECPA.docx

[2010/01/20 00:40:57 | 000,019,664 | ---- | M] () -- C:\Users\Joey\Desktop\PPA.docx

[2010/01/20 00:40:54 | 000,020,811 | ---- | M] () -- C:\Users\Joey\Desktop\CFAA.docx

[2010/01/20 00:40:51 | 000,139,061 | ---- | M] () -- C:\Users\Joey\Desktop\ACLUR2.docx

[2010/01/20 00:40:35 | 000,060,416 | ---- | M] () -- C:\Users\Joey\Desktop\How courts view cyberspace.doc

[2010/01/19 14:04:39 | 000,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg

[2010/01/15 12:48:35 | 000,071,168 | ---- | M] () -- C:\Users\Joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/02/09 14:57:28 | 308,525,810 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2010/02/09 12:53:52 | 000,011,772 | ---- | C] () -- C:\Users\Joey\Desktop\Exam 1, Focus List for MSIS 4273.docx

[2010/01/20 00:41:06 | 000,014,273 | ---- | C] () -- C:\Users\Joey\Desktop\18U32.docx

[2010/01/20 00:41:03 | 000,013,661 | ---- | C] () -- C:\Users\Joey\Desktop\EEA.docx

[2010/01/20 00:41:01 | 000,060,984 | ---- | C] () -- C:\Users\Joey\Desktop\ECPA.docx

[2010/01/20 00:40:57 | 000,019,664 | ---- | C] () -- C:\Users\Joey\Desktop\PPA.docx

[2010/01/20 00:40:54 | 000,020,811 | ---- | C] () -- C:\Users\Joey\Desktop\CFAA.docx

[2010/01/20 00:40:51 | 000,139,061 | ---- | C] () -- C:\Users\Joey\Desktop\ACLUR2.docx

[2010/01/20 00:40:35 | 000,060,416 | ---- | C] () -- C:\Users\Joey\Desktop\How courts view cyberspace.doc

[2009/10/20 14:46:47 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/10/20 12:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2008/08/23 00:38:50 | 000,071,168 | ---- | C] () -- C:\Users\Joey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/08/19 16:54:58 | 000,023,888 | ---- | C] () -- C:\Users\Joey\AppData\Roaming\UserTile.png

[2008/02/16 10:25:45 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2008/01/20 20:23:41 | 000,081,158 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2007/08/22 17:18:16 | 000,001,004 | ---- | C] () -- C:\Users\Joey\AppData\Roaming\wklnhst.dat

[2007/03/19 04:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll

[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll

[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll

[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll

[2007/03/19 04:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll

[2007/03/19 04:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll

[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll

[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll

[2007/03/19 04:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll

[2007/03/19 04:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll

[2007/03/19 04:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll

[2006/11/02 06:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2005/10/14 03:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll

[2005/10/14 03:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2005/10/14 03:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll

[2005/10/14 03:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll

[2005/10/14 03:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll

[2005/10/14 03:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2005/10/14 03:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0

< End of report >

OTL Extras logfile created on: 2/9/2010 10:35:41 PM - Run 1

OTL by OldTimer - Version 3.1.28.0 Folder = C:\Users\Joey\Downloads

Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18882)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 71.00% Memory free

7.00 Gb Paging File | 6.00 Gb Available in Paging File | 85.00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 288.05 Gb Total Space | 131.61 Gb Free Space | 45.69% Space Free | Partition Type: NTFS

Drive D: | 10.00 Gb Total Space | 4.86 Gb Free Space | 48.57% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

Computer Name: JOEYGRASICH

Current User Name: Joey

Logged in as Administrator.

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

.jse [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

.pif [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

.vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{32A789B2-4F91-45BF-B45F-C6C95FED4233}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |

"{366C1A20-11FE-4D26-949A-B9ED8970E1AB}" = lport=2869 | protocol=6 | dir=in | app=system |

"{463DC133-8A79-4CDE-B663-7289AD18E25D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{629C854A-0EAD-4DD5-AEFF-CDFBD0659266}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |

"{65625DD7-CBBD-4D08-961D-5D285B3A6AD4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{91F50326-2EEB-41C8-A92A-46DE1F8C7596}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |

"{9DBF8DE7-F8B5-4CB6-84E1-6E679B4F469A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{AA073821-3F9B-4158-AA7A-A3E1B50DB72C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |

"{ACF17D9E-8C20-4859-87F4-9DE30CF82C0D}" = lport=2869 | protocol=6 | dir=in | app=system |

"{B95EF262-4B02-47C8-BE08-60A033FF8A29}" = lport=10243 | protocol=6 | dir=in | app=system |

"{BD7953F1-37C6-476D-ACA1-D0C952C629B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |

"{CD438783-6376-41D6-88EC-1950BB97BDA9}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{12EE3708-5E67-4760-AB49-70674A5A8F97}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |

"{19C63B78-5258-4E03-9DA3-E262608A59BA}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |

"{1E06BD30-9C1B-4566-82A5-BCE605974CDD}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"{40AB4542-F073-43EA-8A13-8939343718E4}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |

"{68C1E170-AC69-40F4-8E2E-6C3F7BB41875}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{7154234F-0B65-4F19-BE95-5995D97A3A8D}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |

"{7161CE48-D4B7-46C7-970A-604124127103}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |

"{71EA2C22-0BDF-45F0-81BC-504BD53775C2}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"{727F7A2E-8A55-48C8-965D-9B6077E6250D}" = protocol=6 | dir=out | app=system |

"{7DAD15FE-B819-4280-BD0D-2316A5D86B41}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |

"{7DD06F26-5942-47F3-ACED-F936865239EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{866900D3-99BC-4675-A5FC-7D49A47BBA46}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{892F8755-7A75-43E6-85D4-33A493134787}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{8E87DB78-6BBD-45E1-9EE1-29AB69653F4E}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |

"{9CF5EB62-8682-4D7E-B5A7-960C4B2B6419}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |

"{A9938245-9063-46B7-8842-B791BFCD10FC}" = protocol=6 | dir=out | app=system |

"{C3DE8022-F8F1-4729-936E-B068A30A7626}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |

"{D4582FC6-7CE3-44F5-A762-116BFF83C2FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{E14BAB7E-3C09-4F9C-B6E7-F701F2BBB671}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |

"{ECA4F491-2607-468E-97FD-0DB5F9AE3C09}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |

"{F2F16F42-A822-44A7-AAE9-703DA43497C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{F38B788F-2264-48B2-8D70-B03D1AE9E60D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{F91C60D4-E958-4614-AA94-3E94F2062FE6}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |

"TCP Query User{0D15838D-C728-4DF0-856D-02383C4D7D14}C:\program files\dap\dap.exe" = protocol=6 | dir=in | app=c:\program files\dap\dap.exe |

"TCP Query User{1C4B28B6-6B88-46CE-B9C1-422D71172945}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"TCP Query User{25D2D50A-988B-4B4A-9BF9-3A92A597BE27}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{3E2FB89C-19B5-4A9E-BAE4-B18CF63B82C7}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"TCP Query User{5EFAE2D8-71A4-40F7-8BEC-CF0E8C31518B}C:\users\joey\desktop\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\users\joey\desktop\itunes\itunes.exe |

"TCP Query User{74B425BB-1F97-4D95-96CD-F628F8D8F5E3}C:\users\joey\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\joey\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |

"TCP Query User{AA765554-BE15-4E14-BE14-662116F5EFE4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{AE5D7B65-194E-48F1-81D0-BDE7628EF5D4}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe |

"TCP Query User{C9B20BEE-CB3B-4B76-BC49-604953245D8C}C:\program files\microsoft directx sdk (august 2007)\utilities\bin\x86\audconsole.exe" = protocol=6 | dir=in | app=c:\program files\microsoft directx sdk (august 2007)\utilities\bin\x86\audconsole.exe |

"UDP Query User{01E87F0C-F1D7-4D71-BB9C-C495324ED5A3}C:\program files\microsoft directx sdk (august 2007)\utilities\bin\x86\audconsole.exe" = protocol=17 | dir=in | app=c:\program files\microsoft directx sdk (august 2007)\utilities\bin\x86\audconsole.exe |

"UDP Query User{1D49E990-5095-4E3C-814D-976B85FC9CA1}C:\users\joey\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\joey\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |

"UDP Query User{230195CE-9C7B-4649-9E25-D387C0BE87EF}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{40910EFE-7099-4142-A801-A01AE5EEBDE5}C:\users\joey\desktop\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\users\joey\desktop\itunes\itunes.exe |

"UDP Query User{635235A4-D2F6-49F2-B246-4857C6703CCC}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{79F71648-D708-440A-830B-4B59A2387D20}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |

"UDP Query User{B41BA81D-EFD4-439A-8366-82B65FD90E54}C:\program files\dap\dap.exe" = protocol=17 | dir=in | app=c:\program files\dap\dap.exe |

"UDP Query User{B9310138-49D3-46C2-8E21-14EAD9DBFBBC}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |

"UDP Query User{BB6138BC-6041-4224-AC29-1FBA2628621B}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0.0 (r181)

"{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32

"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard

"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter

"{15EFEBF6-E414-33EB-8710-A04AD1302BF8}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 18

"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online

"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth

"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6

"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2

"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3

"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4

"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7

"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types

"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module

"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher

"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant

"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting

"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker

"{41B9E2CF-0B3F-442A-B5B3-592A4A355634}" = iTunes

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{56DF5C9E-6392-46D3-B366-297B14E1DAAF}" = Bonjour Core for Windows

"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour

"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007

"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007

"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90510409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003

"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003

"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003

"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3

"{9C2DC81B-8114-37D9-A922-95E460A1FAFB}" = Microsoft Visual Basic 2008 Express Edition - ENU

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder

"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter

"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.0

"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8

"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center

"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU

"{C6DB11F1-EBD1-3AA4-A44D-55630E1E6FDA}" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D54A32D7-9CDB-4982-B84B-A78CEE6ACEE9}" = SPC 610NC Laptop Camera

"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect

"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1

"{EBBE2FB2-FBED-44F6-B95F-230AB5A65B28}" = Goombah Partner COM Server

"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects

"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool

"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11

"avast5" = avast! Free Antivirus

"AVG9Uninstall" = AVG Free 9.0

"BitComet" = BitComet 1.15

"CCleaner" = CCleaner

"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem

"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0

"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.2

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2

"Google Updater" = Google Updater

"ImgBurn" = ImgBurn

"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft Visual Basic 2008 Express Edition - ENU" = Microsoft Visual Basic 2008 Express Edition - ENU

"Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU" = Microsoft Visual Web Developer 2008 Express Edition with SP1 - ENU

"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)

"Network Play System" = EA AutoPatch

"Notepad++" = Notepad++

"NVIDIA Drivers" = NVIDIA Drivers

"ObjectDock" = ObjectDock

"Revo Uninstaller" = Revo Uninstaller 1.85

"The Weather Channel Desktop 6" = The Weather Channel Desktop 6

"UltSounds" = Windows Sound Schemes

"Uninstall_is1" = Uninstall 1.0.0.1

"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component

"VLC media player" = VLC media player 1.0.3

"WinPcapInst" = WinPcap 4.1.1

"winpcap-nmap" = winpcap-nmap 4.02

"Wireshark" = Wireshark 1.2.4

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"Move Media Player" = Move Media Player

"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 2/2/2010 1:57:28 PM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/2/2010 1:57:28 PM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/2/2010 1:57:29 PM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/2/2010 4:48:44 PM | Computer Name = JoeyGrasich | Source = WinMgmt | ID = 10

Description =

Error - 2/3/2010 3:07:55 AM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/3/2010 3:07:55 AM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/3/2010 3:07:55 AM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/3/2010 3:07:55 AM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/3/2010 3:07:55 AM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

Error - 2/3/2010 3:07:55 AM | Computer Name = JoeyGrasich | Source = Windows Search Service | ID = 3013

Description =

[ Media Center Events ]

Error - 11/27/2007 2:48:45 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/3/2007 10:54:11 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/6/2007 6:45:32 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/12/2007 2:48:02 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/18/2008 11:22:35 AM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/25/2008 12:48:00 AM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/30/2008 12:19:40 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/1/2008 9:04:00 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 6/16/2009 9:29:53 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 2:10:06 PM | Computer Name = JoeyGrasich | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]

Error - 2/9/2010 1:37:44 PM | Computer Name = JoeyGrasich | Source = WMPNetworkSvc | ID = 866300

Description =

Error - 2/9/2010 4:57:37 PM | Computer Name = JoeyGrasich | Source = EventLog | ID = 6008

Description = The previous system shutdown at 2:55:14 PM on 2/9/2010 was unexpected.

Error - 2/9/2010 4:59:11 PM | Computer Name = JoeyGrasich | Source = Service Control Manager | ID = 7000

Description =

Error - 2/9/2010 5:00:02 PM | Computer Name = JoeyGrasich | Source = WMPNetworkSvc | ID = 866300

Description =

Error - 2/9/2010 10:10:04 PM | Computer Name = JoeyGrasich | Source = EventLog | ID = 6008

Description = The previous system shutdown at 8:08:22 PM on 2/9/2010 was unexpected.

Error - 2/9/2010 10:11:37 PM | Computer Name = JoeyGrasich | Source = Service Control Manager | ID = 7000

Description =

Error - 2/9/2010 10:12:35 PM | Computer Name = JoeyGrasich | Source = WMPNetworkSvc | ID = 866300

Description =

Error - 2/9/2010 10:41:46 PM | Computer Name = JoeyGrasich | Source = Print | ID = 19

Description = The print spooler failed to share printer Journal Note Writer with

shared resource name Journal Note Writer. Error 2114. The printer cannot be used

by others on the network.

Error - 2/9/2010 10:42:07 PM | Computer Name = JoeyGrasich | Source = Service Control Manager | ID = 7000

Description =

Error - 2/9/2010 10:44:12 PM | Computer Name = JoeyGrasich | Source = WMPNetworkSvc | ID = 866300

Description =

< End of report >
