OTViewIt logfile created on: 8/29/2008 7:09:18 PM - Run 1 OTViewIt by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Thadeus McGriddle\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1014.05 Mb Total Physical Memory | 548.51 Mb Available Physical Memory | 54.09% Memory free 2.38 Gb Paging File | 2.02 Gb Available in Paging File | 84.88% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.47 Gb Total Space | 53.34 Gb Free Space | 71.62% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 491.23 Mb Total Space | 221.05 Mb Free Space | 45.00% Space Free | Partition Type: FAT F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: THADEUS-F4061AA Current User Name: Thadeus McGriddle Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Whitelist: On ===== Processes - Non-Microsoft Only ===== [11/02/2006 04:48 AM | 00,020,480 | ---- | M] () - C:\WINDOWS\system32\WLTRYSVC.EXE [12/14/2005 09:41 AM | 00,077,824 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\hkcmd.exe [12/14/2005 09:45 AM | 00,118,784 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxpers.exe [05/21/2007 10:16 AM | 00,457,728 | ---- | M] (SlySoft, Inc.) - C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [12/14/2005 09:41 AM | 00,159,744 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxsrvc.exe ===== Win32 Services - Non-Microsoft Only ===== (SavRoam) SavRoam [On_Demand | Stopped] [04/18/2005 04:30 AM | 00,124,608 | ---- | M] (symantec) - C:\Program Files\Symantec AntiVirus\SavRoam.exe (wltrysvc) Dell Wireless WLAN Tray Service [Auto | Running] [11/02/2006 04:48 AM | 00,020,480 | ---- | M] () - C:\WINDOWS\system32\WLTRYSVC.EXE (getPlus(R) Helper) getPlus(R) Helper [On_Demand | Stopped] [06/26/2008 10:24 AM | 00,031,592 | ---- | M] (NOS Microsystems Ltd.) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe ===== Driver Services - Non-Microsoft Only ===== (Afc) PPdus ASPI Shell [On_Demand | Running] [02/24/2005 06:58 AM | 00,011,776 | ---- | M] (Arcsoft, Inc.) - C:\WINDOWS\system32\drivers\afc.sys (AnyDVD) AnyDVD [On_Demand | Running] [04/05/2006 05:42 AM | 00,019,200 | ---- | M] (SlySoft, Inc.) - C:\WINDOWS\system32\drivers\AnyDVD.sys (APPDRV) APPDRV [System | Running] [08/13/2005 08:50 AM | 00,016,128 | ---- | M] (Dell Inc) - C:\WINDOWS\system32\drivers\APPDRV.SYS (cercsr6) cercsr6 [Boot | Stopped] [12/14/2004 06:14 AM | 00,039,904 | ---- | M] (Adaptec, Inc.) - C:\WINDOWS\System32\drivers\cercsr6.sys (ElbyCDIO) ElbyCDIO Driver [Auto | Running] [04/21/2005 08:40 PM | 00,010,624 | ---- | M] (Elaborate Bytes AG) - C:\WINDOWS\system32\drivers\ElbyCDIO.sys (ialm) ialm [On_Demand | Running] [12/14/2005 10:09 AM | 01,364,574 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ialmnt5.sys (PAC7311) VGA USB Camera [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\PA707UCM.SYS (SASDIFSV) SASDIFSV [System | Running] [06/14/2008 10:22 AM | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SASENUM) SASENUM [On_Demand | Stopped] [02/16/2006 05:51 PM | 00,004,096 | R--- | M] (SuperAdBlocker, Inc.) - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (SASKUTIL) SASKUTIL [System | Running] [06/14/2008 10:22 AM | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (UIUSys) Conexant Setup API [On_Demand | Stopped] File not found - C:\WINDOWS\System32\DRIVERS\UIUSYS.SYS ========== Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher" = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [06/12/2008 02:38 AM | 00,034,672 | ---- | M] (Adobe Systems Incorporated) "AnyDVD" = C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [05/21/2007 10:16 AM | 00,457,728 | ---- | M] (SlySoft, Inc.) "Apoint" = C:\Program Files\Apoint\Apoint.exe [10/08/2005 06:13 AM | 00,176,128 | R--- | M] (Alps Electric Co., Ltd.) "AppleSyncNotifier" = C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [07/22/2008 08:42 PM | 00,116,040 | ---- | M] (Apple Inc.) "Broadcom Wireless Manager UI" = C:\WINDOWS\system32\WLTRAY.exe [11/02/2006 04:48 AM | 01,392,640 | ---- | M] (Dell Inc.) "ccApp" = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [04/09/2005 07:52 AM | 00,048,752 | ---- | M] (Symantec Corporation) "DVDLauncher" = "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [04/07/2006 02:51 AM | 00,049,152 | ---- | M] (CyberLink Corp.) "HP Software Update" = "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [09/14/2004 07:49 AM | 00,049,152 | ---- | M] (Hewlett-Packard Company) "igfxhkcmd" = C:\WINDOWS\system32\hkcmd.exe [12/14/2005 09:41 AM | 00,077,824 | ---- | M] (Intel Corporation) "igfxpers" = C:\WINDOWS\system32\igfxpers.exe [12/14/2005 09:45 AM | 00,118,784 | ---- | M] (Intel Corporation) "igfxtray" = C:\WINDOWS\system32\igfxtray.exe [12/14/2005 09:44 AM | 00,098,304 | ---- | M] (Intel Corporation) "iTunesHelper" = "C:\Program Files\iTunes\iTunesHelper.exe" [07/30/2008 10:47 AM | 00,289,064 | ---- | M] (Apple Inc.) "Monitor" = C:\WINDOWS\PixArt\PAC7311\Monitor.exe [11/03/2006 11:01 AM | 00,319,488 | ---- | M] (PixArt Imaging Incorporation) "MSPY2002" = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC [08/04/2004 07:00 PM | 00,059,392 | ---- | M] () "NeroFilterCheck" = C:\WINDOWS\system32\NeroCheck.exe [07/10/2001 03:50 AM | 00,155,648 | ---- | M] (Ahead Software Gmbh) "QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [05/27/2008 10:50 AM | 00,413,696 | ---- | M] (Apple Inc.) "SigmatelSysTrayApp" = stsystra.exe [07/28/2006 06:19 AM | 00,282,624 | ---- | M] (SigmaTel, Inc.) "SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [06/10/2008 04:27 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) "vptray" = C:\PROGRA~1\SYMANT~1\VPTray.exe [04/18/2005 04:30 AM | 00,085,184 | ---- | M] (Symantec Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "getPlusUninstall" = "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1 [06/26/2008 10:24 AM | 00,031,592 | ---- | M] (NOS Microsystems Ltd.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = Reg Error: Value load does not exist or could not be read. "run" = Reg Error: Value run does not exist or could not be read. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Acidcast" = C:\DOCUME~1\THADEU~1\APPLIC~1\MP3HID~1\Activeplaydrive.exe File not found [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. ========== Startup Folders ========== [All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup] [11/05/2004 11:28 AM | 00,258,048 | ---- | M] (Hewlett-Packard Co.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/05/2004 11:50 AM | 00,053,248 | ---- | M] (Hewlett-Packard Co.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [09/30/2006 03:55 AM | 00,057,344 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk = C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [Thadeus McGriddle Startup Folder - C:\Documents and Settings\Thadeus McGriddle\Start Menu\Programs\Startup] ========== BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] HKLM CLSID: (Adobe PDF Link Helper) - [06/11/2008 10:33 PM | 00,075,128 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] HKLM CLSID: (Skype add-on (mastermind)) - [02/01/2008 05:22 PM | 01,377,576 | ---- | M] (Skype Technologies S.A.) C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] HKLM CLSID: (SSVHelper Class) - [06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] HKLM CLSID: (Google Toolbar Helper) - [05/21/2007 07:56 PM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar1.dll ========== Toolbars ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" HKLM CLSID: (&Google) - [05/21/2007 07:56 PM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar1.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}" HKLM CLSID: (&Google) - [05/21/2007 07:56 PM | 02,403,392 | R--- | M] (Google Inc.) c:\Program Files\Google\GoogleToolbar1.dll ========== AppInit_Dlls ========== ========== Shell Execute Hooks ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" = HKLM CLSID: (SABShellExecuteHook Class) - [06/14/2008 10:22 AM | 00,077,824 | ---- | M] (SuperAdBlocker.com) C:\Program Files\SUPERAntiSpyware\SASSEH.DLL ========== HKLM Security Providers ========== ========== HKLM Winlogon Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell] "Explorer.exe" - [06/13/2007 07:23 PM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit] "C:\WINDOWS\system32\userinit.exe" - [08/04/2004 07:00 PM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost] "logonui.exe" - [08/04/2004 07:00 PM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet] "rundll32 shell32" - [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll "Control_RunDLL "sysdm.cpl"" - [08/04/2004 07:00 PM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl ========== User's Winlogon Settings ========== ========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] "DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [04/19/2007 01:41 PM | 00,294,912 | ---- | M] (SUPERAntiSpyware.com) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] "DllName" = C:\WINDOWS\system32\igfxdev.dll [12/14/2005 09:40 AM | 00,139,264 | ---- | M] (Intel Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] "DllName" = C:\WINDOWS\system32\NavLogon.dll [04/18/2005 04:30 AM | 00,043,712 | ---- | M] (Symantec Corporation) ========== Policies ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] "dontdisplaylastusername" = 0 "legalnoticecaption" = "legalnoticetext" = "shutdownwithoutlogon" = 1 "undockwithoutlogon" = 1 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System] ========== Lsa Authentication Packages ========== ========== Lsa Security Packages ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe [08/04/2004 07:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = C:\WINDOWS\network diagnostic\xpnetdiag.exe [10/10/2006 09:44 PM | 00,557,568 | ---- | M] (Microsoft Corporation) "C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe" = C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe [03/31/2006 02:51 AM | 11,747,976 | ---- | M] (Firaxis Games) "C:\Program Files\Azureus\Azureus.exe" = C:\Program Files\Azureus\Azureus.exe [05/21/2008 08:35 PM | 00,254,976 | ---- | M] (Azureus Inc) "C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe [11/26/2007 04:34 PM | 01,888,256 | ---- | M] (www.sopcast.com) "C:\Documents and Settings\Thadeus McGriddle\Application Data\SopCast\adv\SopAdver.exe" = C:\Documents and Settings\Thadeus McGriddle\Application Data\SopCast\adv\SopAdver.exe [09/17/2007 06:53 PM | 00,260,944 | ---- | M] (www.sopcast.com) "C:\Program Files\Yahoo! Games\Scrabble\Scrabble.exe" = C:\Program Files\Yahoo! Games\Scrabble\Scrabble.exe [03/31/2004 05:15 PM | 01,302,529 | ---- | M] (funkitron) "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe File not found "C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe File not found "C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe [09/01/2007 09:18 PM | 02,179,072 | ---- | M] (Zhejiang University) "C:\Program Files\SopCast\sopvod.exe" = C:\Program Files\SopCast\sopvod.exe [11/20/2007 04:30 PM | 01,427,560 | ---- | M] () "C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe [11/20/2007 04:30 PM | 00,567,384 | ---- | M] (www.sopcast.com) "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe [08/04/2004 07:00 PM | 00,083,456 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe [08/04/2004 07:00 PM | 00,033,280 | ---- | M] (Microsoft Corporation) "C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe [06/17/2007 07:14 PM | 00,096,256 | ---- | M] () "C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe [07/24/2007 03:17 PM | 00,229,376 | ---- | M] (Apple Inc.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe [07/30/2008 10:47 AM | 20,252,968 | ---- | M] (Apple Inc.) "C:\WINDOWS\system32\a.exe" = C:\WINDOWS\system32\a.exe File not found "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe [08/01/2008 10:16 PM | 00,307,712 | ---- | M] (Mozilla Corporation) "C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe File not found "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe [02/01/2008 05:22 PM | 21,898,024 | R--- | M] (Skype Technologies S.A.) ========== Desktop Components ========== ========== Safeboot Options ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot] "AlternateShell" = cmd.exe ========== Disabled MsConfig Items ========== Unable to open key or key not present! ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom] "AutoRun" = 1 ========== Autorun Files on Drives ========== AUTOEXEC.BAT [] [05/21/2007 08:52 AM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ] ========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01ac59fd-0739-11dc-933f-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01ac59fd-0739-11dc-933f-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01ac59fd-0739-11dc-933f-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0406571e-7b09-11dc-93e5-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0406571e-7b09-11dc-93e5-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0406571e-7b09-11dc-93e5-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11683132-584d-11dd-95a0-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11683132-584d-11dd-95a0-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{11683132-584d-11dd-95a0-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{324199b7-09cf-11dc-9346-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{324199b7-09cf-11dc-9346-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{324199b7-09cf-11dc-9346-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e0e8eb9-6d0a-11dd-95c3-00197e3e347c}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e0e8eb9-6d0a-11dd-95c3-00197e3e347c}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e0e8eb9-6d0a-11dd-95c3-00197e3e347c}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e0e8eba-6d0a-11dd-95c3-00197e3e347c}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e0e8eba-6d0a-11dd-95c3-00197e3e347c}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e0e8eba-6d0a-11dd-95c3-00197e3e347c}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71330420-c19c-11dc-9489-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71330420-c19c-11dc-9489-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71330420-c19c-11dc-9489-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71330421-c19c-11dc-9489-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71330421-c19c-11dc-9489-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71330421-c19c-11dc-9489-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eae24c1-06ef-11dc-9179-806d6172696f}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eae24c1-06ef-11dc-9179-806d6172696f}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8eae24c1-06ef-11dc-9179-806d6172696f}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{901d799e-0737-11dc-933d-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{901d799e-0737-11dc-933d-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{901d799e-0737-11dc-933d-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95d463c2-5f6d-11dd-95ad-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95d463c2-5f6d-11dd-95ad-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95d463c2-5f6d-11dd-95ad-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9976fb4a-03cc-11dd-951a-00197e3e347c}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9976fb4a-03cc-11dd-951a-00197e3e347c}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9976fb4a-03cc-11dd-951a-00197e3e347c}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b1adca8-e141-11dc-94d6-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b1adca8-e141-11dc-94d6-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9b1adca8-e141-11dc-94d6-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d59bfbb-6106-11dc-93af-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d59bfbb-6106-11dc-93af-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d59bfbb-6106-11dc-93af-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9dab1fa0-56d6-11dc-93a2-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9dab1fa0-56d6-11dc-93a2-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9dab1fa0-56d6-11dc-93a2-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d82d1e5e-2d85-11dd-955f-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d82d1e5e-2d85-11dd-955f-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d82d1e5e-2d85-11dd-955f-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1808895-6253-11dc-93b5-00188bc8afaf}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1808895-6253-11dc-93b5-00188bc8afaf}\Shell\Autoplay] "MUIVerb" = C:\WINDOWS\system32\shell32.dll [10/26/2007 12:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1808895-6253-11dc-93b5-00188bc8afaf}\Shell\Autoplay\DropTarget] "CLSID" = {f26a669a-bcbb-4e37-abf9-7325da15f931} ========== DNS Name Servers ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{213014C4-3259-424F-BACA-5C2C9A62DE7A}] Servers: | Description: Broadcom NetXtreme 57xx Gigabit Controller [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{9564C664-F1B2-4A12-93A5-DA77F552883D}] Servers: | Description: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{B7A59E5D-5174-4E64-9B99-FE0311C1B69C}] Servers: | Description: Dell Wireless 1490 Dual Band WLAN Mini-Card ========== Hosts File ========== HOSTS File = (698 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts First 25 entries... 127.0.0.1 localhost ========== Files/Folders - Created Within 30 days ========== [08/25/2008 01:48 AM | ---D | C] - C:\VundoFix Backups [08/29/2008 06:45 PM | -HSD | C] - C:\Config.Msi [08/29/2008 06:50 PM | ---D | C] - C:\HostsXpert 4.2 - Hosts File Manager [08/19/2008 10:11 AM | 00,000,182 | ---- | C] () - C:\WINDOWS\System32\EBPPORT.DAT [08/19/2008 10:11 AM | 00,080,742 | ---- | C] (SEIKO EPSON CORPORATION) - C:\WINDOWS\System32\E_SL2380.DLL [08/24/2008 11:48 PM | 00,025,600 | ---- | C] () - C:\WINDOWS\System32\WS2Fix.exe [08/24/2008 11:48 PM | 00,040,960 | ---- | C] () - C:\WINDOWS\System32\swsc.exe [08/24/2008 11:48 PM | 00,051,200 | ---- | C] () - C:\WINDOWS\System32\dumphive.exe [08/24/2008 11:48 PM | 00,053,248 | ---- | C] (http://www.beyondlogic.org) - C:\WINDOWS\System32\Process.exe [08/24/2008 11:48 PM | 00,079,360 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swxcacls.exe [08/24/2008 11:48 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe [08/24/2008 11:48 PM | 00,082,432 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe [08/24/2008 11:48 PM | 00,082,944 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.exe [08/24/2008 11:48 PM | 00,086,528 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\VACFix.exe [08/24/2008 11:48 PM | 00,089,600 | ---- | C] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe [08/24/2008 11:48 PM | 00,135,168 | ---- | C] (SteelWerX) - C:\WINDOWS\System32\swreg.exe [08/24/2008 11:48 PM | 00,288,417 | ---- | C] (S!Ri) - C:\WINDOWS\System32\SrchSTS.exe [08/24/2008 11:48 PM | 00,289,144 | ---- | C] (S!Ri) - C:\WINDOWS\System32\VCCLSID.exe [08/25/2008 12:01 AM | 00,003,916 | ---- | C] () - C:\WINDOWS\System32\tmp.reg [6 C:\WINDOWS\*.tmp files] [08/25/2008 02:44 AM | ---D | C] - C:\WINDOWS\ERDNT [08/25/2008 02:02 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Malwarebytes [08/29/2008 06:38 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\NOS [08/29/2008 06:45 PM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Adobe [08/25/2008 02:02 AM | ---D | C] - C:\Documents and Settings\Thadeus McGriddle\Application Data\Malwarebytes [08/07/2008 03:40 PM | 00,035,328 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Travel Itinerary for Japan.doc [08/11/2008 04:06 PM | 00,043,571 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Hong Kong Marriage Pamphlet.pdf [08/13/2008 10:51 AM | 00,026,112 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Winter Vacation SE Asia Trip.doc [08/19/2008 02:31 PM | 00,314,973 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\KL Transit Map.pdf [08/19/2008 11:00 AM | 00,028,160 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Words to use for Kokura Minami English Camp.doc [08/22/2008 11:45 AM | 00,024,576 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Hey Kobayashi sensei.doc [08/02/2008 01:25 PM | 00,001,604 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [08/02/2008 01:27 PM | 00,002,137 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk [08/25/2008 02:02 AM | 00,000,696 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [08/29/2008 06:46 PM | 00,001,729 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [08/01/2008 10:59 AM | ---D | C] - C:\Documents and Settings\Thadeus McGriddle\Desktop\Tochiku School Stuff [08/15/2008 09:16 PM | 00,034,996 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\anna.dmv.history.MDI [08/18/2008 03:28 PM | 00,087,029 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Hotel_Voucher_Booking_ID_2302335.pdf [08/24/2008 11:47 PM | 01,574,391 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\SmitfraudFix.exe [08/24/2008 11:48 PM | ---D | C] - C:\Documents and Settings\Thadeus McGriddle\Desktop\SmitfraudFix [08/25/2008 01:12 AM | 00,791,393 | ---- | C] (Lars Hederer ) - C:\Documents and Settings\Thadeus McGriddle\Desktop\erunt_setup.exe [08/25/2008 01:12 AM | ---D | C] - C:\Documents and Settings\Thadeus McGriddle\Desktop\Virus Fixer [08/25/2008 02:32 AM | 00,030,208 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Fixing Virus.doc [08/25/2008 02:33 AM | 00,000,592 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\ERUNT.lnk [08/25/2008 02:33 AM | 00,000,611 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\NTREGOPT.lnk [08/25/2008 02:33 AM | 00,096,978 | ---- | C] (Business Information Solutions) - C:\Documents and Settings\Thadeus McGriddle\Desktop\VirtumundoBeGone.exe [08/25/2008 03:38 AM | 00,001,734 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\HijackThis.lnk [08/25/2008 03:50 AM | 00,039,424 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Logfile of Trend Micro HijackThis v2.doc [08/25/2008 03:53 AM | 00,041,472 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Program List.doc [08/25/2008 04:14 AM | ---D | C] - C:\Documents and Settings\Thadeus McGriddle\Desktop\Virus Logs [08/29/2008 06:26 PM | 00,353,485 | ---- | C] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\HostsXpert.zip [08/29/2008 06:46 PM | ---D | C] - C:\Program Files\Common Files\Adobe AIR [08/02/2008 01:25 PM | ---D | C] - C:\Program Files\QuickTime [08/02/2008 01:26 PM | ---D | C] - C:\Program Files\Bonjour [08/02/2008 01:27 PM | ---D | C] - C:\Program Files\iPod [08/02/2008 01:27 PM | ---D | C] - C:\Program Files\iTunes [08/19/2008 10:11 AM | ---D | C] - C:\Program Files\EPSON [08/25/2008 02:02 AM | ---D | C] - C:\Program Files\Malwarebytes' Anti-Malware [08/25/2008 02:33 AM | ---D | C] - C:\Program Files\ERUNT [08/25/2008 03:38 AM | ---D | C] - C:\Program Files\Trend Micro [08/29/2008 06:38 PM | ---D | C] - C:\Program Files\NOS ========== Files/Folders - Modified Within 30 days ========== [4 C:\WINDOWS\System32\*.tmp files] [08/14/2008 09:52 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\IEDFix.C.exe [08/18/2008 12:19 PM | 00,082,432 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\404Fix.exe [08/23/2008 07:06 PM | 00,089,600 | ---- | M] (S!Ri.URZ) - C:\WINDOWS\System32\AntiXPVSTFix.exe [08/25/2008 04:52 PM | 00,002,206 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl [08/25/2008 12:17 AM | 00,003,916 | ---- | M] () - C:\WINDOWS\System32\tmp.reg [6 C:\WINDOWS\*.tmp files] [08/02/2008 12:31 PM | 00,054,156 | -H-- | M] () - C:\WINDOWS\QTFont.qfn [08/15/2008 03:03 AM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK [08/25/2008 04:51 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat [08/25/2008 10:55 PM | 00,000,116 | ---- | M] () - C:\WINDOWS\NeroDigital.ini [08/25/2008 04:51 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT [08/29/2008 07:00 PM | 00,000,292 | -H-- | M] () - C:\WINDOWS\tasks\ACD6A3B091852060.job [08/21/2008 09:31 AM | 00,045,056 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [08/25/2008 12:11 AM | 04,316,116 | -H-- | M] () - C:\Documents and Settings\Thadeus McGriddle\Local Settings\Application Data\IconCache.db [08/11/2008 04:06 PM | 00,043,571 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Hong Kong Marriage Pamphlet.pdf [08/19/2008 02:31 PM | 00,314,973 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\KL Transit Map.pdf [08/19/2008 04:14 PM | 00,026,112 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Winter Vacation SE Asia Trip.doc [08/19/2008 11:07 AM | 00,028,160 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Words to use for Kokura Minami English Camp.doc [08/22/2008 11:18 AM | 00,061,952 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Dear New ALT.doc [08/22/2008 11:24 AM | 00,035,328 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Travel Itinerary for Japan.doc [08/22/2008 11:45 AM | 00,024,576 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\My Documents\Hey Kobayashi sensei.doc [08/02/2008 01:25 PM | 00,001,604 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk [08/24/2008 07:02 PM | 00,002,137 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\iTunes.lnk [08/25/2008 02:02 AM | 00,000,696 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [08/29/2008 05:28 PM | 00,002,257 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Skype.lnk [08/29/2008 06:46 PM | 00,001,729 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk [08/15/2008 09:16 PM | 00,034,996 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\anna.dmv.history.MDI [08/18/2008 03:28 PM | 00,087,029 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Hotel_Voucher_Booking_ID_2302335.pdf [08/24/2008 07:45 AM | 01,574,391 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\SmitfraudFix.exe [08/24/2008 09:02 AM | 00,791,393 | ---- | M] (Lars Hederer ) - C:\Documents and Settings\Thadeus McGriddle\Desktop\erunt_setup.exe [08/24/2008 10:28 AM | 00,096,978 | ---- | M] (Business Information Solutions) - C:\Documents and Settings\Thadeus McGriddle\Desktop\VirtumundoBeGone.exe [08/25/2008 02:33 AM | 00,000,592 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\ERUNT.lnk [08/25/2008 02:33 AM | 00,000,611 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\NTREGOPT.lnk [08/25/2008 03:30 AM | 00,030,208 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Fixing Virus.doc [08/25/2008 03:38 AM | 00,001,734 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\HijackThis.lnk [08/25/2008 03:50 AM | 00,039,424 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Logfile of Trend Micro HijackThis v2.doc [08/25/2008 03:53 AM | 00,041,472 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Program List.doc [08/29/2008 01:34 AM | 00,353,485 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\HostsXpert.zip [08/29/2008 11:08 AM | 00,035,328 | ---- | M] () - C:\Documents and Settings\Thadeus McGriddle\Desktop\Dan_-_student_farewell_speech.doc < End of report > OTViewIt Extras logfile created on: 8/29/2008 7:09:18 PM - Run 1 OTViewIt by OldTimer - Version 1.0.1.0 Folder = C:\Documents and Settings\Thadeus McGriddle\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1014.05 Mb Total Physical Memory | 548.51 Mb Available Physical Memory | 54.09% Memory free 2.38 Gb Paging File | 2.02 Gb Available in Paging File | 84.88% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 74.47 Gb Total Space | 53.34 Gb Free Space | 71.62% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 491.23 Mb Total Space | 221.05 Mb Free Space | 45.00% Space Free | Partition Type: FAT F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .bat [@ = batfile] - File not found - .cmd [@ = cmdfile] - File not found - .com [@ = comfile] - File not found - .exe [@ = exefile] - File not found - .pif [@ = piffile] - File not found - .scr [@ = scrfile] - File not found - ========== Winsock2 Catalogs ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\] NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - [07/24/2007 03:17 PM | 00,147,456 | ---- | M] (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll ========== HKEY_LOCAL_MACHINE Protocol Defaults ========== ========== HKEY_CURRENT_USER Protocol Defaults ========== ========== Protocol Handlers ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] ipp: [HKLM - No CLSID value] msdaipp: [HKLM - No CLSID value] skype4com:{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} [HKLM - IEProtocolHandler Class] [02/01/2008 05:22 PM | 01,934,672 | R--- | M] (Skype Technologies) C:\Program Files\Common Files\Skype\Skype4COM.dll ========== Protocol Filters ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update "{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime "{0DC86BEC-5CE3-413A-BB61-C40A3D186B24}" = Scan "{0FF18B53-CA57-40BB-B562-21A27B662005}" = 1600 "{14BEB6DF-A499-4A38-8E06-E173BCD5C087}" = ScannerCopy "{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant "{181821B7-82AA-44DA-9DAF-EF254CCB670A}" = Fax "{186A63A2-4256-43C6-8061-95EF77A5CDB6}" = Sid Meier's Civilization 4 "{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare "{1B680FBA-E317-4E93-AF43-3B59798A4BE0}" = Copy "{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{272EC8BA-5A08-4ea1-A189-684466A06B02}" = cp_dwShrek2Albums1 "{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD "{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}" = LUMIX Simple Viewer "{2D91C34E-12CC-4B1B-90D5-31DAD47B6F48}" = OZ776 SCR CardBus Windows Driver "{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload "{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11 "{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{342C7C88-D335-4bc2-8CF1-281857629CE2}" = HP PSC & OfficeJet 4.7 "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{35AD3FC5-D09D-4D9F-8E9C-E40794194EC5}" = Netflix Movie Viewer "{37477865-A3F1-4772-AD43-AAFC6BCFF99F}" = MSXML 4.0 SP2 (KB927978) "{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour "{391E18CE-7D3B-45E9-A8F0-34E77F14F47A}" = ProductContext "{3DE0053C-FD9A-483E-B7C9-B06E4392206E}" = iTunes "{442BE28B-782B-4DC0-B490-E70A403B1C69}" = Readme "{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour "{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support "{5A633ED0-E5D7-4D65-AB8D-53ED43510284}" = Symantec AntiVirus "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.6 "{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone "{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects "{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery "{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update "{655CB07D-C944-40BE-B93F-55957CAC7625}" = AiO_Scan "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.9 "{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations "{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm "{724517BD-1DE1-4986-BFCA-C1DFD379E3BC}" = cp_dwShrek2Cards1 "{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics "{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1 "{85CFD253-38AE-4DB1-ACB7-F0F4C791990D}" = AiOSoftware "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8BC3B99B-A6BE-4A0B-8535-B1B94BA4B1B1}" = DocProc "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9A9DBEBC-C800-4776-A970-D76D6AA405B1}" = PHOTOfunSTUDIO -viewer- "{9E397B40-13F7-4CA2-9943-ADB29ACBBFDF}" = ArcSoft Software Suite "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A5B9D22C-755A-4AC6-9904-875E80838BB6}" = CP_AtenaShokunin1Config "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{AC76BA86-7AD7-5760-0000-705000000001}" = Adobe Reader Japanese Fonts "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom Gigabit Integrated Controller "{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director "{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181) "{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CB449D5A-7710-47aa-B9F5-352B877C90E6}" = 1600_Help "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg "{CE0C8CC5-E396-442B-A50E-D1D374A9E820}" = DocumentViewer "{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}" = getPlus(R) "{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4 "{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader "{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007 "{F4C6CC40-1142-49be-A28C-7BBD36F0B41A}" = 1600Trb "{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player Plugin "AnyDVD" = AnyDVD "Azureus Vuze" = Azureus Vuze "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink_is1" = DVD Shrink 3.2 "EPSON Printer and Utilities" = EPSONÌßØÝÀÄÞײÊޥհèØè "ERUNT_is1" = ERUNT 1.1j "FLVPlayer" = FLV Player 1.3.3 "HijackThis" = HijackThis 2.0.2 "HP Photo & Imaging" = HP Image Zone 4.7 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer "InstallShield_{2D91C34E-12CC-4B1B-90D5-31DAD47B6F48}" = OZ776 SCR CardBus Windows Driver "KB835221WXP" = High Definition Audio Driver Package - KB835221 "KB839210" = Windows XP Hotfix - KB839210 "KB873339" = Windows XP Hotfix - KB873339 "KB885835" = Windows XP Hotfix - KB885835 "KB885836" = Windows XP Hotfix - KB885836 "KB886185" = Windows XP Hotfix - KB886185 "KB887472" = Windows XP Hotfix - KB887472 "KB888302" = Windows XP Hotfix - KB888302 "KB890046" = Security Update for Windows XP (KB890046) "KB890859" = Windows XP Hotfix - KB890859 "KB891781" = Windows XP Hotfix - KB891781 "KB893756" = Security Update for Windows XP (KB893756) "KB893803v2" = Windows Installer 3.1 (KB893803) "KB894391" = Update for Windows XP (KB894391) "KB896358" = Security Update for Windows XP (KB896358) "KB896423" = Security Update for Windows XP (KB896423) "KB896428" = Security Update for Windows XP (KB896428) "KB898461" = Update for Windows XP (KB898461) "KB899587" = Security Update for Windows XP (KB899587) "KB899591" = Security Update for Windows XP (KB899591) "KB900485" = Update for Windows XP (KB900485) "KB900725" = Security Update for Windows XP (KB900725) "KB901017" = Security Update for Windows XP (KB901017) "KB901190" = Security Update for Windows XP (KB901190) "KB901214" = Security Update for Windows XP (KB901214) "KB902400" = Security Update for Windows XP (KB902400) "KB904706" = Security Update for Windows XP (KB904706) "KB904942" = Update for Windows XP (KB904942) "KB905414" = Security Update for Windows XP (KB905414) "KB905749" = Security Update for Windows XP (KB905749) "KB908519" = Security Update for Windows XP (KB908519) "KB908531" = Update for Windows XP (KB908531) "KB910437" = Update for Windows XP (KB910437) "KB911280" = Update for Windows XP (KB911280) "KB911562" = Security Update for Windows XP (KB911562) "KB911564" = Security Update for Windows Media Player (KB911564) "KB911927" = Security Update for Windows XP (KB911927) "KB912812" = Security Update for Windows XP (KB912812) "KB913580" = Security Update for Windows XP (KB913580) "KB914388" = Security Update for Windows XP (KB914388) "KB914389" = Security Update for Windows XP (KB914389) "KB914440" = Hotfix for Windows XP (KB914440) "KB915865" = Hotfix for Windows XP (KB915865) "KB916595" = Update for Windows XP (KB916595) "KB917344" = Security Update for Windows XP (KB917344) "KB917422" = Security Update for Windows XP (KB917422) "KB917734_WMP9" = Security Update for Windows Media Player 9 (KB917734) "KB917953" = Security Update for Windows XP (KB917953) "KB918118" = Security Update for Windows XP (KB918118) "KB918439" = Security Update for Windows XP (KB918439) "KB919007" = Security Update for Windows XP (KB919007) "KB920213" = Security Update for Windows XP (KB920213) "KB920670" = Security Update for Windows XP (KB920670) "KB920683" = Security Update for Windows XP (KB920683) "KB920685" = Security Update for Windows XP (KB920685) "KB920872" = Update for Windows XP (KB920872) "KB921503" = Security Update for Windows XP (KB921503) "KB922582" = Update for Windows XP (KB922582) "KB922819" = Security Update for Windows XP (KB922819) "KB923191" = Security Update for Windows XP (KB923191) "KB923414" = Security Update for Windows XP (KB923414) "KB923689" = Security Update for Windows XP (KB923689) "KB923694" = Security Update for Windows XP (KB923694) "KB923789" = Security Update for Windows XP (KB923789) "KB923980" = Security Update for Windows XP (KB923980) "KB924191" = Security Update for Windows XP (KB924191) "KB924270" = Security Update for Windows XP (KB924270) "KB924496" = Security Update for Windows XP (KB924496) "KB924667" = Security Update for Windows XP (KB924667) "KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398) "KB925902" = Security Update for Windows XP (KB925902) "KB926239" = Hotfix for Windows XP (KB926239) "KB926255" = Security Update for Windows XP (KB926255) "KB926436" = Security Update for Windows XP (KB926436) "KB927779" = Security Update for Windows XP (KB927779) "KB927802" = Security Update for Windows XP (KB927802) "KB927891" = Update for Windows XP (KB927891) "KB928255" = Security Update for Windows XP (KB928255) "KB928843" = Security Update for Windows XP (KB928843) "KB929123" = Security Update for Windows XP (KB929123) "KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399) "KB929969" = Security Update for Windows Internet Explorer 7 (KB929969) "KB930178" = Security Update for Windows XP (KB930178) "KB930916" = Update for Windows XP (KB930916) "KB931261" = Security Update for Windows XP (KB931261) "KB931768" = Security Update for Windows XP (KB931768) "KB931768-IE7" = Security Update for Windows Internet Explorer 7 (KB931768) "KB931784" = Security Update for Windows XP (KB931784) "KB931836" = Update for Windows XP (KB931836) "KB932168" = Security Update for Windows XP (KB932168) "KB932823-v3" = Update for Windows XP (KB932823-v3) "KB933360" = Update for Windows XP (KB933360) "KB933566-IE7" = Security Update for Windows Internet Explorer 7 (KB933566) "KB933729" = Security Update for Windows XP (KB933729) "KB935839" = Security Update for Windows XP (KB935839) "KB935840" = Security Update for Windows XP (KB935840) "KB936021" = Security Update for Windows XP (KB936021) "KB936357" = Update for Windows XP (KB936357) "KB936782_WMP11" = Security Update for Windows Media Player 11 (KB936782) "KB937143-IE7" = Security Update for Windows Internet Explorer 7 (KB937143) "KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127) "KB938828" = Update for Windows XP (KB938828) "KB938829" = Security Update for Windows XP (KB938829) "KB939653-IE7" = Security Update for Windows Internet Explorer 7 (KB939653) "KB939683" = Hotfix for Windows Media Player 11 (KB939683) "KB941202" = Security Update for Windows XP (KB941202) "KB941568" = Security Update for Windows XP (KB941568) "KB941569" = Security Update for Windows XP (KB941569) "KB941644" = Security Update for Windows XP (KB941644) "KB941693" = Security Update for Windows XP (KB941693) "KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615) "KB942763" = Update for Windows XP (KB942763) "KB943055" = Security Update for Windows XP (KB943055) "KB943460" = Security Update for Windows XP (KB943460) "KB943485" = Security Update for Windows XP (KB943485) "KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533) "KB944653" = Security Update for Windows XP (KB944653) "KB945553" = Security Update for Windows XP (KB945553) "KB946026" = Security Update for Windows XP (KB946026) "KB946648" = Security Update for Windows XP (KB946648) "KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864) "KB948590" = Security Update for Windows XP (KB948590) "KB948881" = Security Update for Windows XP (KB948881) "KB950749" = Security Update for Windows XP (KB950749) "KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759) "KB950760" = Security Update for Windows XP (KB950760) "KB950762" = Security Update for Windows XP (KB950762) "KB950974" = Security Update for Windows XP (KB950974) "KB951066" = Security Update for Windows XP (KB951066) "KB951072-v2" = Update for Windows XP (KB951072-v2) "KB951376" = Security Update for Windows XP (KB951376) "KB951376-v2" = Security Update for Windows XP (KB951376-v2) "KB951698" = Security Update for Windows XP (KB951698) "KB951748" = Security Update for Windows XP (KB951748) "KB952287" = Hotfix for Windows XP (KB952287) "KB952954" = Security Update for Windows XP (KB952954) "KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838) "KB953839" = Security Update for Windows XP (KB953839) "LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation) "M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Scrabble" = Scrabble "SopCast" = SopCast 2.0.4 "SopCore" = SopCore 1.1.2 "TVAnts 1.0" = TVAnts 1.0 "VLC media player" = VideoLAN VLC media player 0.8.6c "WgaNotify" = Windows Genuine Advantage Notifications (KB905474) "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xfire" = Xfire (remove only) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "THUNK JOY HOLD" = CiD Help ========== Event Log Warnings and Errors ========== [ Application Events ] Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 8 4746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 8 4746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:47:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 84746 PM Application - Error - 8/24/2008 8:48:54 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Symantec AntiVirus Description = Security Risk FoundThreat JokeBlusod in File cwindowssystem32blphcag8j0er9gscr by Manual scan Action Leave Alone succeeded Action Description The file was l eft unchanged Application - Error - 8/24/2008 8:48:54 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Symantec AntiVirus Description = Security Risk FoundThreat JokeBlusod in File cwindowssystem32blphcag8j0er9gscr by Manual scan Action Quarantine succeeded Action Description The file was quarantined successfully Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusVPC32exeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:49:02 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusVPC32exeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesLavasoftAd-Aware 2007aawserviceexe (PID 1816)Time Sunday August 24 2008 84902 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 8 5821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 8 5821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusVPC32exeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:58:21 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusVPC32exeEvent Info Open ProcessAction Taken BlockedActor Process CDOCUME1THADEU1LOCALS1Temphckhghaiexe (PID 2176)Time Sunday August 24 2008 85821 PM Application - Error - 8/24/2008 8:59:00 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Hang Description = Hanging application tt53tmp version 0000 hang module hungapp version 0000 hang address 0x00000000 Application - Error - 8/24/2008 9:00:18 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Symantec AntiVirus Description = Threat FoundThreat JokeBlusod in File cWINDOWSsystem32blphcag8j0er9gscr by Manual scan Action Quarantine succeeded Action Description The file was quarantined successfully Application - Error - 8/24/2008 9:06:16 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90616 PM Application - Error - 8/24/2008 9:06:16 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90616 PM Application - Error - 8/24/2008 9:06:16 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90616 PM Application - Error - 8/24/2008 9:06:16 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90616 PM Application - Error - 8/24/2008 9:06:16 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90616 PM Application - Error - 8/24/2008 9:06:16 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90616 PM Application - Error - 8/24/2008 9:07:12 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90712 PM Application - Error - 8/24/2008 9:07:12 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90712 PM Application - Error - 8/24/2008 9:07:12 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90712 PM Application - Error - 8/24/2008 9:07:12 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90712 PM Application - Error - 8/24/2008 9:08:29 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90829 PM Application - Error - 8/24/2008 9:08:29 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90829 PM Application - Error - 8/24/2008 9:08:32 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90832 PM Application - Error - 8/24/2008 9:08:32 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90832 PM Application - Error - 8/24/2008 9:08:36 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusVPC32exeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90836 PM Application - Error - 8/24/2008 9:08:36 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusVPC32exeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 296)Time Sunday August 24 2008 90836 PM Application - Error - 8/24/2008 10:04:23 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Symantec AntiVirus Description = Security Risk FoundThreat JokeBlusod in File cwindowssystem32blphcag8j0er9gscr by Manual scan Action Leave Alone succeeded Action Description The file was l eft unchanged Application - Error - 8/24/2008 10:04:24 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Symantec AntiVirus Description = Security Risk FoundThreat JokeBlusod in File cwindowssystem32blphcag8j0er9gscr by Manual scan Action Quarantine succeeded Action Description The file was quarantined successfully Application - Error - 8/24/2008 10:04:25 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Symantec AntiVirus Description = Threat FoundThreat JokeBlusod in File cWINDOWSsystem32blphcag8j0er9gscr by Manual scan Action Quarantine succeeded Action Description The file was quarantined successfully Application - Error - 8/24/2008 10:12:38 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101238 PM Application - Error - 8/24/2008 10:12:38 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101238 PM Application - Error - 8/24/2008 10:12:38 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101238 PM Application - Error - 8/24/2008 10:12:38 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101238 PM Application - Error - 8/24/2008 10:12:38 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101238 PM Application - Error - 8/24/2008 10:12:38 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101238 PM Application - Error - 8/24/2008 10:12:44 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101244 PM Application - Error - 8/24/2008 10:12:44 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101244 PM Application - Error - 8/24/2008 10:12:44 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101244 PM Application - Error - 8/24/2008 10:12:44 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101244 PM Application - Error - 8/24/2008 10:12:47 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101247 PM Application - Error - 8/24/2008 10:12:47 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101247 PM Application - Error - 8/24/2008 10:12:47 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101247 PM Application - Error - 8/24/2008 10:12:47 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2780)Time Sunday August 24 2008 101247 PM Application - Error - 8/25/2008 12:03:28 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Error Description = Application - Error - 8/25/2008 12:19:51 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Error Description = Application - Error - 8/25/2008 12:43:40 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124340 AM Application - Error - 8/25/2008 12:43:40 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124340 AM Application - Error - 8/25/2008 12:43:40 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124340 AM Application - Error - 8/25/2008 12:43:40 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124340 AM Application - Error - 8/25/2008 12:43:40 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124340 AM Application - Error - 8/25/2008 12:43:40 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124340 AM Application - Error - 8/25/2008 12:43:44 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124344 AM Application - Error - 8/25/2008 12:43:44 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124344 AM Application - Error - 8/25/2008 12:43:45 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124345 AM Application - Error - 8/25/2008 12:43:45 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124345 AM Application - Error - 8/25/2008 12:43:48 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124348 AM Application - Error - 8/25/2008 12:43:48 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124348 AM Application - Error - 8/25/2008 12:43:48 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124348 AM Application - Error - 8/25/2008 12:43:48 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesSUPERAntiSpywareSUPERAntiSpywareexe (PID 2272)Time Monday August 25 2008 124348 AM Application - Error - 8/25/2008 2:03:23 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20323 AM Application - Error - 8/25/2008 2:03:23 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 2 5 2008 20323 AM Application - Error - 8/25/2008 2:03:23 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 2 5 2008 20323 AM Application - Error - 8/25/2008 2:03:23 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20323 AM Application - Error - 8/25/2008 2:03:23 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20323 AM Application - Error - 8/25/2008 2:03:23 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20323 AM Application - Error - 8/25/2008 2:03:24 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20324 AM Application - Error - 8/25/2008 2:03:24 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20324 AM Application - Error - 8/25/2008 2:03:24 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20324 AM Application - Error - 8/25/2008 2:03:24 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20324 AM Application - Error - 8/25/2008 2:03:25 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20325 AM Application - Error - 8/25/2008 2:03:25 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20325 AM Application - Error - 8/25/2008 2:03:25 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20325 AM Application - Error - 8/25/2008 2:03:25 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 20325 AM Application - Error - 8/25/2008 2:30:09 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23009 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 2 5 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 2 5 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 2:30:10 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4036)Time Monday August 25 2008 23010 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccSetMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 2 5 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccEvtMgrexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvcexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 2 5 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusDefWatchexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:28 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesSymantec AntiVirusRtvscanexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33328 AM Application - Error - 8/25/2008 3:33:29 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33329 AM Application - Error - 8/25/2008 3:33:29 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CProgram FilesCommon FilesSymantec SharedccAppexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33329 AM Application - Error - 8/25/2008 3:33:29 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33329 AM Application - Error - 8/25/2008 3:33:29 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = Symantec AntiVirus Description = SYMANTEC TAMPER PROTECTION ALERTTarget CPROGRA1SYMANT1VPTrayexeEvent Info Open ProcessAction Taken BlockedActor Process CProgram FilesMalwarebytes Anti-Malwarembamexe (PID 4092)Time Monday August 25 2008 33329 AM Application - Error - 8/25/2008 10:46:32 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Hang Description = Hanging application PowerDVDexe version 5000 hang module hungapp v ersion 0000 hang address 0x00000000 Application - Error - 8/25/2008 10:46:40 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Hang Description = Hanging application PowerDVDexe version 5000 hang module hungapp v ersion 0000 hang address 0x00000000 Application - Error - 8/25/2008 10:49:37 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Hang Description = Hanging application PowerDVDexe version 5000 hang module hungapp v ersion 0000 hang address 0x00000000 Application - Error - 8/25/2008 10:49:42 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Application Hang Description = Hanging application PowerDVDexe version 5000 hang module hungapp v ersion 0000 hang address 0x00000000 [ System Events ] System - Error - 8/23/2008 3:54:01 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Dhcp Description = Your computer has lost the lease to its IP address 19216802 on theNetwork Card with network address 00197E3E347C System - Error - 8/24/2008 3:21:19 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Dhcp Description = Your computer has lost the lease to its IP address 19216802 on theNetwork Card with network address 00197E3E347C System - Error - 8/24/2008 11:57:34 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/24/2008 11:57:35 PM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = DCOM Description = System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error 31 System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The DNS Client service depends on the TCPIP Protocol Driver service which failed to start because of the following error 31 System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The TCPIP NetBIOS Helper service depends on the AFD service which failed to start because of the following error 31 System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The Apple Mobile Device service depends on the TCPIP Protocol Driver service which failed to start because of the following error 31 System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The Bonjour Service service depends on the TCPIP Protocol Driver s ervice which failed to start because of the following error 31 System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error 31 System - Error - 8/24/2008 11:58:10 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The following boot-start or system-start driver(s) failed to load AFDAPPDRVeeCtrlFipsintelppmIPSecMRxSmbNetBIOSNetBTRasAcdRdbssSASDIFSVSASKUTILSAVRTSAVRTPELSPBBCDrvSYMTDITcpip System - Error - 8/25/2008 12:05:30 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:07:34 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:08:12 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:08:18 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:08:24 AM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = DCOM Description = System - Error - 8/25/2008 12:14:13 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:14:14 AM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = DCOM Description = System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error 31 System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The DNS Client service depends on the TCPIP Protocol Driver service which failed to start because of the following error 31 System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The TCPIP NetBIOS Helper service depends on the AFD service which failed to start because of the following error 31 System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The Apple Mobile Device service depends on the TCPIP Protocol Driver service which failed to start because of the following error 31 System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The Bonjour Service service depends on the TCPIP Protocol Driver s ervice which failed to start because of the following error 31 System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error 31 System - Error - 8/25/2008 12:15:00 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The following boot-start or system-start driver(s) failed to load AFDAPPDRVeeCtrlFipsintelppmIPSecMRxSmbNetBIOSNetBTRasAcdRdbssSASDIFSVSASKUTILSAVRTSAVRTPELSPBBCDrvSYMTDITcpip System - Error - 8/25/2008 12:20:44 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:20:55 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:21:00 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:21:43 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:23:08 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:23:51 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:23:55 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:24:00 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:24:03 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:26:32 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:29:05 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 12:29:16 AM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = DCOM Description = System - Error - 8/25/2008 2:38:52 AM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = DCOM Description = System - Error - 8/25/2008 2:38:55 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Administrator - Source = DCOM Description = System - Error - 8/25/2008 2:39:12 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Administrator - Source = DCOM Description = System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error 31 System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The DNS Client service depends on the TCPIP Protocol Driver service which failed to start because of the following error 31 System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The TCPIP NetBIOS Helper service depends on the AFD service which failed to start because of the following error 31 System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The Apple Mobile Device service depends on the TCPIP Protocol Driver service which failed to start because of the following error 31 System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The Bonjour Service service depends on the TCPIP Protocol Driver s ervice which failed to start because of the following error 31 System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error 31 System - Error - 8/25/2008 2:39:37 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Service Control Manager Description = The following boot-start or system-start driver(s) failed to load AFDAPPDRVeeCtrlFipsintelppmIPSecMRxSmbNetBIOSNetBTRasAcdRdbssSASDIFSVSASKUTILSAVRTSAVRTPELSPBBCDrvSYMTDITcpip System - Error - 8/25/2008 3:26:28 AM - Computer Name = THADEUS-F4061AA - User Name = NT AUTHORITY\SYSTEM - Source = DCOM Description = System - Error - 8/25/2008 4:36:48 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:37:18 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:37:49 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:40:41 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:41:11 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:41:42 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:42:16 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:42:47 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:56:18 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:56:48 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 4:57:19 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 5:40:26 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = PlugPlayManager Description = The device Optiarc DVD-RW AD-5540A (IDECdRomOptiarcDVD-RWAD-5540A102C5cafda9a0000) disappeared from the system without first being prepared for removal System - Error - 8/25/2008 9:49:01 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = PlugPlayManager Description = The device Optiarc DVD-RW AD-5540A (IDECdRomOptiarcDVD-RWAD-5540A102C5cafda9a0000) disappeared from the system without first being prepared for removal System - Error - 8/25/2008 9:49:07 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = PlugPlayManager Description = The device Optiarc DVD-RW AD-5540A (IDECdRomOptiarcDVD-RWAD-5540A102C5cafda9a0000) disappeared from the system without first being prepared for removal System - Error - 8/25/2008 10:24:47 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 10:25:17 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 10:25:48 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/25/2008 10:44:29 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = PlugPlayManager Description = The device Optiarc DVD-RW AD-5540A (IDECdRomOptiarcDVD-RWAD-5540A102C5cafda9a0000) disappeared from the system without first being prepared for removal System - Error - 8/25/2008 10:51:08 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = PlugPlayManager Description = The device Optiarc DVD-RW AD-5540A (IDECdRomOptiarcDVD-RWAD-5540A102C5cafda9a0000) disappeared from the system without first being prepared for removal System - Error - 8/26/2008 8:33:47 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/26/2008 8:35:51 AM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/26/2008 2:49:41 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/26/2008 2:50:12 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/26/2008 2:50:42 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/26/2008 2:51:46 PM - Computer Name = THADEUS-F4061AA - User Name = THADEUS-F4061AA\Thadeus McGriddle - Source = DCOM Description = System - Error - 8/28/2008 8:16:10 AM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = Windows Update Agent Description = System - Error - 8/29/2008 1:18:31 PM - Computer Name = THADEUS-F4061AA - User Name = (blank) - Source = PlugPlayManager Description = The device Optiarc DVD-RW AD-5540A (IDECdRomOptiarcDVD-RWAD-5540A102C5cafda9a0000) disappeared from the system without first being prepared for removal [ Security Events ] [ Anti-Virus Events ] < End of report >