Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

RedirBA-inf Trj detected

Started by crybaby , Apr 11 2011 07:37 PM

  • Please log in to reply

#1
crybaby
Posted 11 April 2011 - 07:37 PM

crybaby

    Member

  • Member
  • PipPipPip
  • 175 posts
While attempting to browse the internet today, my avast! popped up several warnings of a Trojan. Upon running the scan, it revealed 701 infections, one (or more) of which were entitled HTML:RedirBA-inf [Trj]. I moved all infections to the virus chest, and then ran the recommended boot-time scan.
Everything seems to be running normally but, I want to be sure it is totally removed as, this is the computer that my husband uses for work. Any help would be greatly appreciated. Thanks so much!



OTL logfile created on: 4/11/2011 8:20:04 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Shayla Potter\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 104.65 Gb Free Space | 46.98% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.96 Gb Free Space | 49.60% Space Free | Partition Type: NTFS
Drive E: | 485.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BNSS-LEASED | User Name: Shayla Potter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/11 20:19:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Shayla Potter\Downloads\OTL.exe
PRC - [2011/03/18 12:53:06 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/02/23 09:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/02/23 09:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/01/31 10:01:28 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2009/07/26 17:38:22 | 000,046,592 | ---- | M] (Ateksoft Company Ltd.) -- C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe
PRC - [2009/04/23 06:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 06:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/19 02:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 02:33:11 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
PRC - [2007/09/24 04:41:02 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/07/06 19:12:00 | 000,212,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
PRC - [2007/04/03 16:58:56 | 000,020,572 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2007/01/12 11:57:28 | 000,292,336 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
PRC - [2006/11/03 17:04:46 | 000,304,008 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
PRC - [2006/11/02 07:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/10/20 17:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2005/09/22 20:15:15 | 000,300,856 | ---- | M] (ProStores, Inc.) -- C:\Program Files\ProStores\StoreMonitor\StoreMonitor.exe


========== Modules (SafeList) ==========

MOD - [2011/04/11 20:19:07 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Shayla Potter\Downloads\OTL.exe
MOD - [2011/02/23 09:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/02/23 09:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/31 10:01:28 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/07/26 17:38:22 | 000,046,592 | ---- | M] (Ateksoft Company Ltd.) [Auto | Running] -- C:\Program Files\Ateksoft\WebCamera Plus\WebCamPlusSrv.exe -- (Webcamera Plus Service)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/08/08 21:10:46 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/19 12:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/10/11 16:48:50 | 000,532,480 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\System32\dlcxcoms.exe -- (dlcx_device)


========== Driver Services (SafeList) ==========

DRV - [2011/02/23 08:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/02/23 08:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/02/23 08:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/02/23 08:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/02/23 08:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/02/23 08:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/22 11:12:54 | 000,017,536 | ---- | M] (Anyka (Guangzhou) Software Technology Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbanyka.sys -- (usbanyka)
DRV - [2007/10/17 13:54:02 | 000,003,072 | ---- | M] (RealVNC Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vncmirror.sys -- (vncmirror)
DRV - [2007/03/15 08:57:30 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/05 17:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/08/12 08:58:08 | 000,015,232 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\W55U01.sys -- (W55U01)
DRV - [2005/02/02 18:29:28 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hpplsbulk.sys -- (HPPLSBULK)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=1071121
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=us&ibd=1071121
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://login.yahoo....ntl=us&.src=ym"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.3.2
FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/06 17:45:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/06 17:45:08 | 000,000,000 | ---D | M]

[2009/08/20 20:13:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Extensions
[2011/04/06 15:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions
[2011/03/31 06:24:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/20 10:22:54 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/03/31 06:24:26 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/03/31 06:24:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions\[email protected]
[2011/03/31 06:24:31 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions\[email protected]
[2010/05/16 12:53:40 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\extensions\[email protected]
[2011/04/06 17:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/01 14:37:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/03/02 13:13:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2009/11/11 15:08:13 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\SHAYLA POTTER\APPDATA\ROAMING\MOVE NETWORKS
[2011/03/18 12:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2009/11/25 08:43:35 | 000,393,216 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol400.dll
[2009/11/19 17:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/03/02 13:13:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/07/09 16:17:18 | 000,036,864 | ---- | M] (Homestead Technologies, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nphssb.dll
[2008/10/09 02:58:40 | 000,044,288 | ---- | M] (MeadCo Corp.) -- C:\Program Files\Mozilla Firefox\plugins\npmeadax.dll
[2009/11/19 17:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2010/03/10 09:08:39 | 000,000,785 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 192.168.1.70 NPI8C25CB
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Lexmark X1100 Series] File not found
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ProStoresStoreMonitor] C:\Program Files\ProStores\StoreMonitor\StoreMonitor.exe (ProStores, Inc.)
O4 - Startup: C:\Users\Shayla Potter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {295AE8FF-A150-4CCE-9581-D6726D07C601} http://67.200.135.148:8080/DvrWeb.cab (WebApp Control)
O16 - DPF: {2ADE19BB-1E79-4EC4-976E-AC74339ADD76} http://66.196.229.11...tiveViewGUI.cab (ActiveViewGUI Control)
O16 - DPF: {5C709EEC-DDE1-4738-8E57-7564E2637891} https://merchantacco...ncCom1_2009.cab (QBMASSyncCom1_2009.UserControl1)
O16 - DPF: {5E92F538-B50B-46C5-9C5F-C6EECED3F6C6} http://www.infospace...pointsSetup.exe (Reg Error: Key error.)
O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} http://66.196.229.115/ActiveView.cab (ActiveView Control)
O16 - DPF: {788539E8-002D-4E59-9089-40B694A99C9A} https://merchantacco...ncCom2_2008.cab (QBMASSyncCom2_2008.UserControl1)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} http://192.168.1.65/WebDiginet.CAB (WebDigiNet Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CBC33687-4040-49D7-A17E-F3CDF9F1D2FA} https://ippsyncsetup...cActiveXNew.CAB (IntuitQBSync.MobilinkSyncActiveX)
O16 - DPF: {CFF61A0C-62A0-47FA-8F2D-8A7EC3E20E89} http://71.96.1.21/clientD4.cab (Client Control)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/...SetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Shayla Potter\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Shayla Potter\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/11 17:39:46 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/04/08 15:04:30 | 000,000,000 | ---D | C] -- C:\Users\Shayla Potter\Documents\Bank Statements
[2007/12/07 13:58:22 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll
[2007/12/07 13:58:22 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll
[2007/12/07 13:58:22 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\dlcxhcp.dll
[2007/12/07 13:58:21 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll
[2007/12/07 13:58:21 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll
[2007/12/07 13:58:20 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll
[2007/12/07 13:58:20 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll
[2007/12/07 13:58:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll
[2007/12/07 13:58:20 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll
[2007/12/07 13:58:19 | 000,380,928 | ---- | C] ( ) -- C:\Windows\System32\dlcxih.exe
[2007/12/07 13:58:18 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll
[2007/12/07 13:58:17 | 000,532,480 | ---- | C] ( ) -- C:\Windows\System32\dlcxcoms.exe
[2007/12/07 13:58:16 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll
[2007/12/07 13:58:16 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll
[2007/12/07 13:58:16 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcxcfg.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/11 20:15:56 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/11 19:47:13 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/11 19:47:02 | 000,613,032 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/11 19:47:02 | 000,107,990 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/11 19:44:39 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/04/11 19:41:53 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2011/04/11 19:41:48 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/11 19:41:48 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/11 19:41:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/11 17:39:46 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/04/09 17:50:25 | 000,015,767 | ---- | M] () -- C:\Users\Shayla Potter\Documents\receipt wizard.ods
[2011/04/09 17:34:00 | 000,033,021 | ---- | M] () -- C:\Users\Shayla Potter\Documents\https___employee.bnsf.com_cgi-bin_enme_bra_,DanaInfo=.aueruh+view_bulletins.cgi_FILE=Signal_Signal%20Bid%20Sheet.pdf
[2011/04/09 00:10:35 | 000,145,920 | ---- | M] () -- C:\Users\Shayla Potter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/08 09:32:25 | 000,003,677 | ---- | M] () -- C:\Users\Shayla Potter\Documents\List of Stores.odb
[2011/04/06 22:49:59 | 000,046,433 | ---- | M] () -- C:\Users\Shayla Potter\Desktop\Budget year look.ods
[2011/04/06 17:45:12 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/03/27 08:47:10 | 000,542,649 | ---- | M] () -- C:\Users\Shayla Potter\Documents\cakepaste.odg
[2011/03/14 16:40:05 | 000,001,248 | RHS- | M] () -- C:\Users\Shayla Potter\ntuser.pol
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/09 17:50:24 | 000,015,767 | ---- | C] () -- C:\Users\Shayla Potter\Documents\receipt wizard.ods
[2011/04/09 17:34:00 | 000,033,021 | ---- | C] () -- C:\Users\Shayla Potter\Documents\https___employee.bnsf.com_cgi-bin_enme_bra_,DanaInfo=.aueruh+view_bulletins.cgi_FILE=Signal_Signal%20Bid%20Sheet.pdf
[2011/04/08 09:21:36 | 000,003,677 | ---- | C] () -- C:\Users\Shayla Potter\Documents\List of Stores.odb
[2011/04/06 17:45:12 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/03/27 08:47:03 | 000,542,649 | ---- | C] () -- C:\Users\Shayla Potter\Documents\cakepaste.odg
[2010/09/02 17:43:47 | 000,127,304 | ---- | C] () -- C:\Windows\hppins01.dat
[2010/09/02 17:43:47 | 000,002,235 | ---- | C] () -- C:\Windows\hppmdl01.dat
[2010/06/04 19:58:02 | 000,000,632 | ---- | C] () -- C:\Windows\CoD.INI
[2010/05/12 21:08:41 | 000,102,912 | ---- | C] () -- C:\Windows\System32\swscale-0.7.2.dll
[2010/05/12 21:08:40 | 000,877,056 | ---- | C] () -- C:\Windows\System32\avcodec-52.45.0.dll
[2010/05/12 21:08:40 | 000,077,312 | ---- | C] () -- C:\Windows\System32\avformat-52.46.0.dll
[2010/05/12 21:08:40 | 000,049,152 | ---- | C] () -- C:\Windows\System32\avutil-50.7.0.dll
[2010/05/12 21:08:40 | 000,004,608 | ---- | C] () -- C:\Windows\System32\avdevice-52.2.0.dll
[2010/05/12 21:08:39 | 000,015,360 | ---- | C] () -- C:\Windows\System32\AVC_AP_JPEG.dll
[2010/05/12 21:08:39 | 000,005,632 | ---- | C] () -- C:\Windows\System32\AVC_AP_SCALE.dll
[2010/05/12 21:08:37 | 000,877,568 | ---- | C] () -- C:\Windows\System32\avcodec-52.dll
[2010/05/12 21:08:37 | 000,323,584 | ---- | C] () -- C:\Windows\System32\Deinterlace.dll
[2010/05/12 21:08:37 | 000,120,320 | ---- | C] () -- C:\Windows\System32\swscale-0.dll
[2010/05/12 21:08:37 | 000,075,776 | ---- | C] () -- C:\Windows\System32\avformat-52.dll
[2010/05/12 21:08:37 | 000,046,592 | ---- | C] () -- C:\Windows\System32\avutil-50.dll
[2010/05/12 21:08:37 | 000,004,608 | ---- | C] () -- C:\Windows\System32\avdevice-52.dll
[2010/04/09 10:40:43 | 000,006,550 | ---- | C] () -- C:\Windows\jautoexp.dat
[2010/03/31 07:41:41 | 000,176,128 | ---- | C] () -- C:\Windows\System32\AVC_AP_H264.dll
[2010/03/31 07:41:39 | 000,176,128 | ---- | C] () -- C:\Windows\System32\AVC_H264.dll
[2010/03/31 07:41:39 | 000,015,360 | ---- | C] () -- C:\Windows\System32\AVC_JPEG.dll
[2010/03/21 16:35:33 | 000,127,390 | ---- | C] () -- C:\Windows\hppins01.dat.temp
[2010/03/21 16:35:33 | 000,002,235 | ---- | C] () -- C:\Windows\hppmdl01.dat.temp
[2010/03/10 09:06:24 | 000,000,834 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2010/03/06 11:30:12 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/01/18 23:58:16 | 000,000,134 | ---- | C] () -- C:\Windows\System32\AddPort.ini
[2009/12/22 13:56:08 | 013,869,056 | ---- | C] () -- C:\Windows\System32\DdvrRes.dll
[2009/09/22 16:49:38 | 000,145,920 | ---- | C] () -- C:\Users\Shayla Potter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/16 19:07:21 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/16 19:07:21 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/18 12:53:13 | 000,000,788 | ---- | C] () -- C:\Users\Shayla Potter\AppData\Roaming\wklnhst.dat
[2009/08/12 11:10:45 | 000,000,028 | ---- | C] () -- C:\Windows\pdf995.ini
[2009/07/13 21:44:08 | 000,000,680 | ---- | C] () -- C:\Users\Shayla Potter\AppData\Local\d3d9caps.dat
[2009/07/09 16:16:51 | 000,098,136 | ---- | C] () -- C:\Windows\gzip.exe
[2009/06/29 10:22:54 | 000,000,060 | ---- | C] () -- C:\Windows\wpd99.drv
[2009/06/29 10:22:51 | 000,051,716 | ---- | C] () -- C:\Windows\System32\pdf995mon.dll
[2009/06/09 09:02:54 | 000,000,716 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/06/09 09:02:54 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009/06/07 22:45:40 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/06/04 11:32:32 | 000,000,032 | ---- | C] () -- C:\Windows\System32\ClientD4.bin
[2008/12/29 15:36:46 | 005,636,096 | ---- | C] () -- C:\Windows\System32\H264_D4.dll
[2008/12/20 21:41:54 | 000,000,084 | ---- | C] () -- C:\Windows\WSST_Screen_Saver.ini
[2008/12/20 21:41:52 | 000,180,224 | ---- | C] () -- C:\Windows\UninstallWSST.exe
[2008/08/22 19:22:21 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2008/08/01 03:00:44 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/05 09:37:57 | 000,000,261 | ---- | C] () -- C:\Windows\disney.ini
[2008/04/10 13:53:38 | 000,000,093 | ---- | C] () -- C:\Windows\lexstat.ini
[2008/04/09 17:38:59 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/01/09 08:39:08 | 000,147,456 | ---- | C] () -- C:\Windows\System32\DvsNDKEx.dll
[2007/12/07 14:02:22 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll
[2007/12/07 13:59:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2007/12/07 13:59:46 | 000,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2007/12/07 13:58:22 | 000,274,432 | ---- | C] () -- C:\Windows\System32\dlcxinst.dll
[2007/12/07 13:58:21 | 000,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll
[2007/12/07 13:58:19 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll
[2007/12/07 13:58:19 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll
[2007/12/07 13:58:19 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll
[2007/12/07 13:58:19 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll
[2007/12/07 13:58:18 | 000,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll
[2007/12/07 13:58:17 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll
[2007/12/07 13:58:17 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll
[2007/12/07 13:58:17 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll
[2007/10/06 02:28:42 | 001,658,671 | ---- | C] () -- C:\Windows\System32\avcodec.dll
[2007/08/24 06:39:10 | 000,434,270 | ---- | C] () -- C:\Windows\System32\Mp4ADecoder.dll
[2007/04/17 22:21:44 | 000,011,192 | ---- | C] () -- C:\Windows\DVRWebGUI.ini
[2007/03/19 05:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 05:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 05:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 05:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 05:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 05:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2006/11/10 17:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,534,144 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,613,032 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,107,990 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/22 06:42:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/09/06 05:13:14 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcfg.dll
[2006/08/08 14:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll
[2006/07/25 13:28:38 | 000,000,485 | ---- | C] () -- C:\Windows\System32\hpp2800V.dat
[2006/04/24 14:09:58 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll
[2006/03/19 19:03:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll
[2006/01/31 23:30:32 | 000,028,672 | ---- | C] () -- C:\Windows\System32\TextOverlayEx.dll
[2005/11/16 02:57:48 | 000,032,768 | ---- | C] () -- C:\Windows\System32\Audio.dll
[2005/02/03 12:31:00 | 000,032,768 | ---- | C] () -- C:\Windows\System32\compJNI.dll
[2004/08/20 08:02:52 | 000,102,400 | ---- | C] () -- C:\Windows\System32\PMLJNI.dll
[2004/08/03 00:30:56 | 000,024,576 | ---- | C] () -- C:\Windows\System32\decompress.dll
[2004/07/07 07:18:40 | 000,024,576 | ---- | C] () -- C:\Windows\System32\CreateAvi.dll
[2004/05/05 05:22:40 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AudioACM.dll
[2003/08/18 05:55:47 | 000,086,016 | ---- | C] () -- C:\Windows\System32\LXBKIH.EXE
[2003/08/18 05:46:38 | 000,077,824 | ---- | C] () -- C:\Windows\System32\LXBKLCNP.DLL
[2002/12/07 14:21:02 | 000,053,248 | ---- | C] () -- C:\Windows\System32\kdbbase.dll
[2002/12/07 11:53:24 | 000,049,152 | ---- | C] () -- C:\Windows\System32\tools.dll
[2002/11/13 10:40:22 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2002/09/13 06:40:06 | 000,000,266 | ---- | C] () -- C:\Windows\System32\lxbkcoin.ini
[2002/09/13 01:14:16 | 000,036,864 | ---- | C] () -- C:\Windows\System32\netdecdll.dll
[2002/01/15 15:26:46 | 000,102,400 | ---- | C] () -- C:\Windows\System32\kcodec.dll
[2001/07/07 05:00:00 | 000,003,399 | ---- | C] () -- C:\Windows\System32\hptcpmon.ini
[2001/03/28 12:37:14 | 000,000,033 | ---- | C] () -- C:\Windows\hppcap.ini
[2001/01/19 10:50:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE

========== LOP Check ==========

[2011/03/01 22:01:26 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\BitTorrent
[2009/11/25 08:43:35 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\E-centives
[2010/03/06 11:30:15 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\FreeAudioPack
[2011/01/31 23:16:12 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\Juniper Networks
[2009/08/26 21:15:36 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\MusicNet
[2009/08/17 06:46:48 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\OpenOffice.org
[2009/08/17 13:30:02 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\pdf995
[2010/03/10 10:05:26 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\SmartDraw
[2011/03/02 12:38:09 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\SystemRequirementsLab
[2009/08/18 12:53:32 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\Template
[2010/06/23 11:25:47 | 000,000,000 | ---D | M] -- C:\Users\Shayla Potter\AppData\Roaming\WinSesame
[2011/04/11 17:41:59 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:AA3339BE
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:69F4A9BE
@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:AD6273E0
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:8EC55520
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A52C3C4A
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:FE53E4F7
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:376AEA88
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:819BEFD3
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:81A5201B
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:E33EA293
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:08AC8A76
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:EA031481

< End of report >






OTL Extras logfile created on: 4/11/2011 8:20:04 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Shayla Potter\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 47.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.78 Gb Total Space | 104.65 Gb Free Space | 46.98% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.96 Gb Free Space | 49.60% Space Free | Partition Type: NTFS
Drive E: | 485.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: BNSS-LEASED | User Name: Shayla Potter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FE1334-F96F-4A31-9BDF-C8623A946349}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{07C168D7-8DCA-4031-A6E6-014AF06650E1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0A4C26AD-542E-47BE-96AD-2DA4305F7C71}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{0B30A2BB-C2D2-4252-BD3A-99E9022E77EA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{29416A31-0822-40FE-8454-10F3698BA425}" = lport=5985 | protocol=6 | dir=in | app=system |
"{2C45980B-426D-4013-A11C-BD0D231E294B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2C5B34AE-011E-4DC1-AF88-782E235B488C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{2F010B80-7C51-495B-A9AA-9CA82989A73F}" = lport=445 | protocol=6 | dir=in | app=system |
"{4704D5EC-08B1-42AD-A004-C3DFAD428D10}" = rport=445 | protocol=6 | dir=out | app=system |
"{486047E6-B929-4C69-AFB1-020C4D1246C3}" = rport=1723 | protocol=6 | dir=out | app=system |
"{4A4B1279-D3AF-4442-A29B-007D9D221FD9}" = lport=445 | protocol=6 | dir=in | app=system |
"{532F8B00-A147-406A-AE1C-EE9159215B2A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{574B6CCA-57FE-4EE5-826A-1909AA690555}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AEDCB3D-9296-40D5-B438-FFB64A177A95}" = lport=1701 | protocol=17 | dir=in | app=system |
"{620CA7F3-1A2E-41FE-8D32-9150C9617E9D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D7E3D43-8B6B-4507-A2CE-517764F618F8}" = rport=2869 | protocol=6 | dir=out | app=system |
"{72376B2E-0624-439C-A013-EB2EBD676A54}" = lport=5225 | protocol=17 | dir=in | name=printer vdp |
"{782C4774-F07E-4520-8596-A6957D8CEBFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{792F9567-EB4E-4006-8F72-D02062B20464}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{793E667B-7CB9-41F4-92F7-3F1947CC25AD}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{7CA8B3B9-550A-44EB-A425-48F344E01D60}" = rport=138 | protocol=17 | dir=out | app=system |
"{7FB78B48-988F-44FB-BF1C-E13AF07B6282}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7FEC1441-855A-4C7D-8786-31786EE289F3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8157D499-A97B-4046-8CF6-426936E7726A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{8ED99DAD-9074-49EE-925B-A9550CF4C6EC}" = lport=1723 | protocol=6 | dir=in | app=system |
"{8F5FF4BA-5228-4B33-AABA-C43DB8C86273}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{900F444D-979D-477E-B4BE-DB59F94F95DA}" = lport=5225 | protocol=6 | dir=in | name=printer |
"{97EA716D-AF40-4FF0-9371-6380DAE529ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{A7CED243-7308-4A82-A5F7-3E435BB6315C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A7DA6DDE-2665-46A6-A18D-9B65E540C756}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9078F22-A548-4157-9BA6-8B62BEC806F0}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{B0888647-0174-4BDE-8B14-7D7E62DF5344}" = lport=80 | protocol=6 | dir=in | [email protected],-50 |
"{B2F413FA-7E07-4290-A147-51951FD8F58E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{B5ACBE6A-F6D7-4C95-B4FC-6B56F1CFA82B}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BD228905-B62C-4DF3-8F41-7EABD906B4CE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4999971-13F6-4913-99DC-9CD0F8264100}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4C13853-5E8C-4DB0-82E4-56713833591B}" = lport=445 | protocol=6 | dir=in | app=system |
"{C5837DE9-49C4-416C-BB71-DF1AEB6B41C3}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{CE4A4D0C-D77C-43A1-8D09-209E8988CAA5}" = lport=rpc | protocol=6 | dir=in | svc=* | app=c:\windows\system32\svchost.exe |
"{D5D76658-32DD-43F7-A5BA-593A72C00704}" = rport=137 | protocol=17 | dir=out | app=system |
"{D6D7692B-D514-4514-A46E-A93CDCB3786E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9EBEE9D-CADB-4BAB-885F-244FCEBCABCF}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D9F9B232-0D16-4871-9D46-006530DB0C9B}" = lport=139 | protocol=6 | dir=in | app=system |
"{E14C6AED-994E-487E-A9FC-4C403971334F}" = lport=137 | protocol=17 | dir=in | app=system |
"{E4DF2884-6203-4330-99B9-7CE549AEB6DD}" = rport=139 | protocol=6 | dir=out | app=system |
"{E85F3D6B-4B07-4ECD-A320-F74EF087049B}" = lport=445 | protocol=6 | dir=in | app=system |
"{EEED976F-699D-416C-A944-77E6EBA1B4C2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F2D9D876-6C2C-4E03-965A-B05E2243CC88}" = lport=138 | protocol=17 | dir=in | app=system |
"{FA9AF558-E4FB-4A63-8277-A4B0ED8C4D7B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{FE764B4F-A110-4E5D-94B2-DC871A404489}" = rport=1701 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D5CAE7A-280F-40E9-AEAF-384A911D1345}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{1B5DC9B3-A64C-4124-BDBF-B3DC0D1CB0B1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{22EF1D6A-583E-4E22-9AFC-01F94465DF86}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C3EC3EB-BDD0-451B-B066-3209B47B45B2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44399A32-BA2F-4FC0-BC70-8A0E8FD0FBF7}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{4969A06D-748E-4545-8432-B5E0F69B3700}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{505614ED-A6A0-4C1D-B749-B82467AAE10F}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{56E5E118-06B4-4218-BA25-499C3B674061}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5CB2FD23-1816-4740-BBAB-D416D55EB5DE}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{5D127D00-8459-4860-B615-586AD6CA3746}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{6A745E68-9352-4B85-ABBA-963377070CA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{748B5FCB-5566-4D53-9FCB-8058C49C6F49}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{75484504-FD69-40BE-8F09-082AF97C2776}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{77E7AB39-D552-40FC-9E32-A45840AB6CEA}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{7A80364D-D73D-4037-8E24-3F55CE3971A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B5EFF5F-4C97-4577-A9E2-1FD653FCEA6B}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{82874D93-86DB-4B0C-9D14-71EB4B8DDA96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9060324B-8CFB-41C0-9706-93362228D974}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9D3C453C-DE03-4BF1-A47E-1C0251D12A4B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A489724F-5A4A-4FA7-8C44-D41D8032F469}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{A8013A8B-D120-41FC-999A-483EE83D35C3}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{AEA0BD35-A72E-41C2-B4B4-DD6159E906AB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B4FE8F7E-2E16-4F28-854C-89BD08460FED}" = dir=out | svc=sharedaccess | app=c:\windows\system32\svchost.exe |
"{B8C0B0F2-9B31-48FD-8A67-264FEE7C91B4}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{BEF7E799-4B48-477F-8BDC-F2139E282D10}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C27A2989-753C-4545-96EC-06E5B89D85B9}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{CA3B7033-9679-4E98-989E-E4928BB2ECF6}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CDE64441-851E-4950-9086-D36CED50AF12}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{CF3F1C2E-12B5-47B5-8614-EEA33474929F}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{CFEC743F-2B6E-4ABB-BCBD-45398281B07A}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{E5580D7B-F62C-4A05-AF25-930013FD9C67}" = protocol=6 | dir=out | app=system |
"{E964C8B6-64F5-4418-8992-0295269EB1FA}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{ED69E852-B26F-479B-8E00-B98B5044B0FC}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{F87E1238-ECD8-4C4D-95EF-9D6982D98CAC}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{FC97FBE0-5A83-45A1-9010-E5E606BC97BE}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"TCP Query User{03377708-7AA7-4AFB-93E0-884D368DA5D4}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{0953E3C5-8959-49AF-9DBE-BE59A3050DB6}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe |
"TCP Query User{24D4599C-C072-4D0B-9FBD-0E458620D486}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{3C10D0F0-B277-4028-A83F-D09F69100982}C:\users\public\games\world of warcraft trial\wow-3.3.3.11685-to-3.3.5.12213-enus-trial-downloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft trial\wow-3.3.3.11685-to-3.3.5.12213-enus-trial-downloader.exe |
"TCP Query User{61A1DF5C-C7B1-4808-8838-FE8B38AA6865}C:\users\public\games\world of warcraft trial\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft trial\launcher.exe |
"TCP Query User{77666501-3BDC-45D9-B0CE-69F1FB5742BC}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe |
"TCP Query User{8D7C38D2-21C3-46D9-9661-A82E89AFBE70}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe |
"TCP Query User{8F5C24E9-46B0-4B59-B7E5-9D9AD563EEDC}C:\program files\pocket tanks\pockettanks.exe" = protocol=6 | dir=in | app=c:\program files\pocket tanks\pockettanks.exe |
"TCP Query User{B8DFEA0F-4D12-4138-AFB3-A2419BD5D474}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"TCP Query User{BC94B49A-88ED-4BBA-9A50-62021F9065E7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DD49B455-91A7-447A-A147-86754DB4AEBF}C:\program files\team17\worms armageddon\wa.exe" = protocol=6 | dir=in | app=c:\program files\team17\worms armageddon\wa.exe |
"TCP Query User{E4467E63-334B-4AE8-BF25-7BEE8235CA9A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{138757B8-CB9B-4030-8527-B3CD9959604F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{23462861-B1E4-44C9-A531-3851BBDF4FF4}C:\program files\pocket tanks\pockettanks.exe" = protocol=17 | dir=in | app=c:\program files\pocket tanks\pockettanks.exe |
"UDP Query User{2A5BC021-2D22-4643-82FE-DCD281942E2F}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe |
"UDP Query User{3186032E-8748-4002-ACBF-8857533B79D8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4B0FF1CB-1D13-4732-8A72-E80B0EF9AC57}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe |
"UDP Query User{63B77B92-918A-4E1C-A9C3-9BB7717CE2E8}C:\users\public\games\world of warcraft trial\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft trial\launcher.exe |
"UDP Query User{AAB90088-DA3E-49D8-802B-5990184D2AC3}C:\users\public\games\world of warcraft trial\wow-3.3.3.11685-to-3.3.5.12213-enus-trial-downloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft trial\wow-3.3.3.11685-to-3.3.5.12213-enus-trial-downloader.exe |
"UDP Query User{B17062E3-2543-4DB6-893F-C9512144B9E8}C:\program files\java\jre1.6.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\java.exe |
"UDP Query User{C812A600-96BB-4D24-88CA-E1D63224E64B}C:\program files\team17\worms armageddon\wa.exe" = protocol=17 | dir=in | app=c:\program files\team17\worms armageddon\wa.exe |
"UDP Query User{C9B631DF-944E-4873-91F6-B28CACD9C6C3}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe |
"UDP Query User{DF4A6181-866D-43BF-9FC7-577CA8AF19D7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{FCA6B8BB-D1B1-43BF-BA25-EC5E7F2FD8BF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0B023593-E50E-4B7F-868A-68553D8DFAF5}" = hppscan2800
"{0BEA216B-D17C-47E1-A932-0289D54F35F1}" = hppScanTo
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 24
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2F471509-1144-4997-8E22-6F19496723BA}" = hppTLBX2840Help
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57DA304D-27B0-40D1-A796-92CEFF20FA32}" = hppIOFiles
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5A887B90-4DD1-492F-924F-FB27BC8C4D71}" = Dora Knows Your Name
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B72304B-8204-4819-ABE4-3837485D1BF8}" = hppFaxDrv
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70B0459A-6BFB-45B4-AF97-3799B8FE8A10}" = hppTooCool
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CA4F780-7AD0-417A-82A1-46EB825CFD53}" = HP Managed Printing Admin
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD8CD806-45C6-4A8C-95B5-4C55778FEBEB}" = hppSendFax
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B13F9676-15B9-4F5D-9FF3-C3CC56BAC641}" = hppCLJ2800
"{B700113B-24A8-4D4C-8484-0CC944F764C8}" = Google SketchUp 8
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B8910E04-E0A0-4FC4-9E0A-E8259239F10E}" = hppTLBX2840
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{BA165460-FCF7-4D6C-A7A2-F2321700720F}" = MobileMe Control Panel
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C2F34782-CE15-4524-951D-75204560F75A}" = hppDustDevil
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{D8AC1EB5-E8B0-44A0-B113-899407188A2F}" = hppFonts
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F423FA4E-D2BC-4FE4-B8F9-1BFC26A5DE9C}" = hppManuals2800
"{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AT&T Yahoo! Browser Configuration" = AT&T Yahoo! Browser Configuration
"avast" = avast! Free Antivirus
"Belltech Business Card Designer Pro 5.2.1_is1" = Belltech Business Card Designer Pro 5.2.1
"BitTorrent" = BitTorrent
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Debut" = Debut Video Capture Software
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"Homestead SiteBuilder" = Homestead SiteBuilder
"HP Color LaserJet 2820/2830/2840" = HP Color LaserJet 2820/2830/2840 3.1
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"iVerio_0" = iVerio Demo
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Lexmark X1100 Series" = Lexmark X1100 Series
"Magic Pack for Pocket Tanks Deluxe_is1" = Magic Pack v1.0 for Pocket Tanks Deluxe
"MDI2PDF (Microsoft Office Document Image) Converter_is1" = MDI2PDF 2.4
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"NAVIGON Fresh" = NAVIGON Fresh 1.4.9
"Neon Wars_is1" = Neon Wars v1.11a
"Nuke Pack for Pocket Tanks Deluxe_is1" = Nuke Pack v1.1 for Pocket Tanks Deluxe
"NVIDIA Drivers" = NVIDIA Drivers
"OSA Kit Pro Player" = OSA Kit Pro Player v4.0 1.0
"Pdf995" = Pdf995
"PIXresizer_is1" = PIXresizer 2.0.4
"Pocket Tanks_is1" = Pocket Tanks v1.3
"Prism" = Prism Video File Converter
"ProStoresStoreMonitor" = ProStores Store Monitor (remove only)
"Search Toolbar" = Search Toolbar
"Super DX-Ball_is1" = Super DX-Ball v1.1
"SystemRequirementsLab" = System Requirements Lab
"TmNationsForever_is1" = TmNationsForever
"ToolBox" = NCH Toolbox
"Tremulous" = Tremulous 1.1.0
"Video Viewer" = Video Viewer
"VideoPad" = VideoPad Video Editor
"WebCamera Plus_is1" = WebCamera Plus 2.1.1
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Networks_Cache_Cleaner 6.1.0" = Juniper Networks Cache Cleaner 6.1.0
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Move Media Player" = Move Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/14/2011 10:14:29 PM | Computer Name = BNSS-Leased | Source = Application Error | ID = 1000
Description = Faulting application jaucheck.exe, version 2.0.3.1, time stamp 0x4ccb415f,
faulting module jaucheck.exe, version 2.0.3.1, time stamp 0x4ccb415f, exception
code 0xc0000005, fault offset 0x0000c940, process id 0xa64, application start time
0x01cbe2b6b5756464.

Error - 3/16/2011 10:56:06 PM | Computer Name = BNSS-Leased | Source = EventSystem | ID = 4622
Description =

Error - 3/17/2011 6:13:27 PM | Computer Name = BNSS-Leased | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.3989, time
stamp 0x4cf928fc, faulting module ntdll.dll, version 6.0.6002.18327, time stamp
0x4cb73436, exception code 0xc0000005, fault offset 0x00048822, process id 0x152c,
application start time 0x01cbe4c57e171a17.

Error - 3/19/2011 12:39:54 AM | Computer Name = BNSS-Leased | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 3/21/2011 10:14:22 PM | Computer Name = BNSS-Leased | Source = Application Error | ID = 1000
Description = Faulting application jaucheck.exe, version 2.0.3.1, time stamp 0x4ccb415f,
faulting module jaucheck.exe, version 2.0.3.1, time stamp 0x4ccb415f, exception
code 0xc0000005, fault offset 0x0000c940, process id 0xc8c, application start time
0x01cbe836d9b2b90e.

Error - 3/25/2011 4:29:31 AM | Computer Name = BNSS-Leased | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 3/28/2011 10:14:22 PM | Computer Name = BNSS-Leased | Source = Application Error | ID = 1000
Description = Faulting application jaucheck.exe, version 2.0.3.1, time stamp 0x4ccb415f,
faulting module jaucheck.exe, version 2.0.3.1, time stamp 0x4ccb415f, exception
code 0xc0000005, fault offset 0x0000c940, process id 0x1df0, application start time
0x01cbedb702b93982.

Error - 3/30/2011 4:58:18 PM | Computer Name = BNSS-Leased | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 3/31/2011 5:35:57 PM | Computer Name = BNSS-Leased | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 4/2/2011 9:19:52 AM | Computer Name = BNSS-Leased | Source = Application Hang | ID = 1002
Description = The program dora.exe version 10.1.0.11 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 1894 Start Time: 01cbf13874e92e52 Termination Time: 248

[ System Events ]
Error - 4/9/2011 6:56:29 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7000
Description =

Error - 4/9/2011 6:56:29 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7000
Description =

Error - 4/9/2011 7:14:06 PM | Computer Name = BNSS-Leased | Source = LSM | ID = 1048
Description =

Error - 4/9/2011 7:15:13 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7000
Description =

Error - 4/9/2011 7:15:13 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7000
Description =

Error - 4/9/2011 7:32:43 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7011
Description =

Error - 4/11/2011 8:42:23 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7000
Description =

Error - 4/11/2011 8:42:23 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7000
Description =

Error - 4/11/2011 8:42:28 PM | Computer Name = BNSS-Leased | Source = Service Control Manager | ID = 7034
Description =

Error - 4/11/2011 8:42:28 PM | Computer Name = BNSS-Leased | Source = LSM | ID = 1048
Description =


< End of report >

Edited by crybaby, 11 April 2011 - 07:42 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP