I've been having the strangest issues with my laptop the last day or so. I've posted here years ago with some issues and everyone was so great, so I'm back!
Basic system specs:
- Windows 7 Professional
- Macbook Pro laptop
- Using Bootcamp
I noticed 5 main issues (in this order):
1. PowerPoint would not open any slides, or even let me create a new slideshow.
2. Any window that was open could not be closed by clicking the close ("X") button. Alt+F4 worked, as well as "File->Exit", but the close button did nothing. I also could not maximize or minimize any windows, nor could I resize or move any of them.
3. Any windows pop-up dialogs were missing the text on the buttons ("OK", "Cancel", etc). The buttons were there and could be clicked on, but they didn't have any text
4. Task Manager refused to start
5. "Hide extensions for known file types" mysteriously got turned back on.
A few things I immediately tried:
- Downloaded and did a full scan with AVG Free Edition. It found 3 severe issues all related to Java/bytecode or something similar (and some tracking cookies). They were "fixed", but none of the issues above were resolved.
- Downloaded and ran Spybot Search & Destroy. It didn't find anything major, just the remains of some toolbars that were accidentally installed during the installation of other programs.
- Tried to do a system restore, but that ended up giving me a few errors (including a "Catastrophic Failure" error), and couldn't complete.
- Downloaded a replacement task-manager-like program called "Process Explorer". Didn't see anything specifically odd running.
I eventually found a post on a forum from a person who had a very similar problem (the "windows won't close/move/etc" issue). The solution that worked for him was to open a command window and do "sfc /scannow". Once that was done, my windows immediately started to work normally. I was able to move them, resize them, minimize them, etc. PowerPoint even started working normally, and dialog boxes once again had text on their buttons (after a restart).
The task manager issue is still unfortunately unresolved, and I'm not convinced that whatever caused the original issues is truly "fixed".
I read through the FAQ here, and followed as many of the steps as I could. Here's what I did:
1. Downloaded and ran Temp File Cleaner. Cleaned up about 180mb, did not need to restart.
2. Downloaded and ran SysRestorePoint and created a System Restore point.
3. Downloaded and ran ERUNT and created a backup of my registry.
4. Downloaded and ran MBAM. Did a quick scan. (log posted below)
5. Rebooted - task manager still not working
6. Downloaded and ran RootRepeal. Got several errors which prevented it from running properly. (log posted below).
7. Downloaded and ran OTL. Did a quick scan. (log posted below).
Thanks for taking the time to read this. Let me know if there's anything else I need to post, or other steps I should take.
-Chris
==================================================
MBAM Log
==================================================
Malwarebytes' Anti-Malware 1.41
Database version: 3268
Windows 6.1.7600
12/1/2009 12:59:48 PM
mbam-log-2009-12-01 (12-59-48).txt
Scan type: Quick Scan
Objects scanned: 97936
Time elapsed: 4 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
==================================================
RootRepeal Error Log (timestamps are off, had to run again and save the log)
==================================================
14:05:40: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x00000114)
14:05:40: DeviceIoControl Error! Error Code = 0x1e7
14:05:40: FOPS - DeviceIoControl Error! Error Code = 0xc0000024 Extended Info (0x00000114)
==================================================
OTL Log
==================================================
OTL logfile created on: 12/1/2009 1:22:07 PM - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Users\Chris Cascioli\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.98 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 62.49% Memory free
3.97 Gb Paging File | 2.89 Gb Available in Paging File | 72.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151.11 Gb Total Space | 40.53 Gb Free Space | 26.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ZOMGMACBOOK
Current User Name: Chris Cascioli
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/12/01 13:07:42 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Users\Chris Cascioli\Desktop\OTL.exe
PRC - [2009/11/30 16:17:34 | 01,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2009/11/30 16:17:33 | 02,020,120 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2009/11/30 16:17:32 | 00,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2009/11/30 16:17:32 | 00,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2009/11/30 16:17:32 | 00,502,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2009/11/30 16:17:27 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2009/11/14 15:27:21 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/25 17:13:12 | 26,801,794 | ---- | M] () -- C:\Users\Chris Cascioli\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/20 11:44:38 | 00,615,688 | ---- | M] (http://tortoisesvn.net) -- C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
PRC - [2009/08/19 14:24:18 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009/08/12 16:11:01 | 08,318,056 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
PRC - [2009/08/03 00:35:50 | 02,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/22 09:16:52 | 00,431,408 | ---- | M] (Apple Inc.) -- C:\Program Files\Boot Camp\Bootcamp.exe
PRC - [2009/07/22 09:16:50 | 00,099,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe
PRC - [2009/07/22 09:16:48 | 00,136,496 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe
PRC - [2009/07/22 09:14:42 | 07,289,376 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/07/20 11:30:50 | 00,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/13 20:14:42 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/10 11:42:32 | 00,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/09/10 21:37:36 | 00,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
========== Modules (SafeList) ==========
MOD - [2009/12/01 13:07:42 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Users\Chris Cascioli\Desktop\OTL.exe
MOD - [2009/11/30 16:17:54 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2009/07/20 11:29:06 | 00,045,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\lgscroll.dll
MOD - [2009/07/13 20:16:15 | 00,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/13 20:16:13 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/13 20:16:13 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/13 20:16:12 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/13 20:16:03 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/13 20:15:35 | 00,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/13 20:15:13 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/13 20:15:11 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/13 20:15:07 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/13 20:15:02 | 00,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/13 20:03:50 | 01,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009/06/10 16:23:11 | 00,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (ClearCanvas Shred Host Service)
SRV - [2009/11/30 16:17:27 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009/11/01 18:54:37 | 00,320,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/02 10:20:28 | 00,655,624 | ---- | M] (Acresso Software Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/08/19 14:24:18 | 00,211,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009/07/26 06:43:14 | 00,025,832 | ---- | M] (BioWare) -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/07/22 09:16:50 | 00,099,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\AppleTimeSrv.exe -- (AppleTimeSrv)
SRV - [2009/07/22 09:16:48 | 00,136,496 | ---- | M] () -- C:\Windows\System32\AppleOSSMgr.exe -- (AppleOSSMgr)
SRV - [2009/07/20 11:28:10 | 00,121,360 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 20:16:21 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/13 20:16:17 | 00,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/13 20:16:17 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/13 20:16:16 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/13 20:16:15 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/13 20:16:15 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/13 20:16:13 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 01,004,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/13 20:16:12 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/13 20:16:12 | 00,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/13 20:16:12 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/13 20:15:41 | 00,680,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/13 20:15:36 | 00,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/13 20:15:21 | 00,797,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/13 20:15:11 | 00,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 20:15:10 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/13 20:14:59 | 00,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/13 20:14:58 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/13 20:14:53 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/13 20:14:29 | 03,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/10 21:37:36 | 00,024,576 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/08/08 20:10:46 | 00,061,440 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/11/07 07:58:18 | 03,004,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe -- (msvsmon90)
SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 96 2E B4 7C 8E 5A CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.0.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.4.5
FF - prefs.js..extensions.enabledItems: {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.3.9
FF - prefs.js..extensions.enabledItems: ShortenURL@loucypher:0.3.4
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.1.10042009
FF - prefs.js..extensions.enabledItems: [email protected]:3.1.1
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2009/11/30 16:17:27 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/01 11:30:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/14 15:27:22 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009/10/07 21:33:24 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2009/10/08 10:50:29 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Extensions
[2009/10/08 10:50:29 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/11/30 16:33:43 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions
[2009/11/04 13:22:43 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2009/11/04 13:22:43 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}
[2009/11/05 20:36:20 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions\[email protected]
[2009/09/02 01:46:30 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions\[email protected]
[2009/11/09 09:18:43 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions\ShortenURL@loucypher
[2009/11/12 14:51:49 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\extensions\SkipScreen@SkipScreen
[2009/09/02 11:58:45 | 00,001,554 | ---- | M] () -- C:\Users\Chris Cascioli\AppData\Roaming\Mozilla\Firefox\Profiles\2n5cfzns.default\searchplugins\wowhead.xml
[2009/11/30 16:33:43 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: (824 bytes) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - Startup: C:\Users\Chris Cascioli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Chris Cascioli\AppData\Roaming\Dropbox\bin\Dropbox.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 129.21.3.17 129.21.4.18
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/13 21:37:08 | 00,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (8463256485814599680)
========== Files/Folders - Created Within 14 Days ==========
[2009/12/01 13:07:38 | 00,535,552 | ---- | C] (OldTimer Tools) -- C:\Users\Chris Cascioli\Desktop\OTL.exe
[2009/12/01 13:04:23 | 00,472,064 | ---- | C] ( ) -- C:\Users\Chris Cascioli\Desktop\RootRepeal.exe
[2009/12/01 12:54:16 | 00,000,000 | ---D | C] -- C:\Users\Chris Cascioli\AppData\Roaming\Malwarebytes
[2009/12/01 12:54:11 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/01 12:54:10 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/01 12:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/12/01 12:54:10 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/01 12:53:23 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/12/01 12:52:38 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/12/01 11:57:54 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/12/01 11:47:30 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/01 11:25:15 | 00,000,000 | ---D | C] -- C:\Users\Chris Cascioli\AppData\Roaming\AVG9
[2009/11/30 20:33:02 | 03,550,592 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Chris Cascioli\Desktop\procexp.exe
[2009/11/30 16:53:06 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/11/30 16:53:06 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/11/30 16:17:55 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/11/30 16:17:54 | 00,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/11/30 16:17:53 | 00,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/11/30 16:17:44 | 00,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/11/30 16:17:42 | 00,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/11/30 16:17:42 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2009/11/30 16:17:26 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/11/30 16:17:23 | 00,000,000 | ---D | C] -- C:\ProgramData\avg9
[2009/11/28 10:07:24 | 00,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll
[2009/11/28 10:07:24 | 00,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\REX Shared Library.dll
[2009/11/28 10:04:59 | 00,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2009/11/28 10:04:58 | 00,000,000 | ---D | C] -- C:\Users\Chris Cascioli\AppData\Roaming\Propellerhead Software
[2009/11/25 15:14:00 | 00,000,000 | ---D | C] -- C:\Users\Chris Cascioli\AppData\Local\HandBrake
[2009/11/25 15:13:58 | 00,000,000 | ---D | C] -- C:\Users\Chris Cascioli\AppData\Roaming\HandBrake
[2009/11/25 15:13:31 | 00,000,000 | ---D | C] -- C:\Program Files\Handbrake
[2009/11/22 19:37:22 | 00,000,000 | ---D | C] -- C:\Users\Chris Cascioli\AppData\Roaming\Broad Intelligence
[2009/11/22 19:36:10 | 00,000,000 | ---D | C] -- C:\Program Files\MediaCoder
========== Files - Modified Within 14 Days ==========
[2009/12/01 13:24:10 | 02,097,152 | -HS- | M] () -- C:\Users\Chris Cascioli\NTUSER.DAT
[2009/12/01 13:09:30 | 00,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/01 13:09:30 | 00,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/01 13:07:42 | 00,535,552 | ---- | M] (OldTimer Tools) -- C:\Users\Chris Cascioli\Desktop\OTL.exe
[2009/12/01 13:05:30 | 00,000,015 | ---- | M] () -- C:\Users\Chris Cascioli\Desktop\settings.dat
[2009/12/01 13:04:26 | 00,472,064 | ---- | M] ( ) -- C:\Users\Chris Cascioli\Desktop\RootRepeal.exe
[2009/12/01 13:02:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/01 13:01:58 | 15,968,29696 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/01 13:00:46 | 00,780,310 | -H-- | M] () -- C:\Users\Chris Cascioli\AppData\Local\IconCache.db
[2009/12/01 12:48:23 | 10,616,551 | ---- | M] () -- C:\Users\Chris Cascioli\Desktop\TwinkleWish.themepack
[2009/12/01 11:58:22 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/01 11:13:31 | 00,615,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/01 11:13:31 | 00,103,702 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/01 11:13:30 | 00,713,888 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/01 08:32:08 | 45,983,486 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/12/01 08:31:54 | 00,106,272 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/11/30 16:17:54 | 00,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2009/11/30 16:17:53 | 00,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2009/11/30 16:17:44 | 00,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2009/11/30 16:17:42 | 06,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/11/30 16:17:42 | 00,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/11/30 16:17:42 | 00,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2009/11/30 16:17:42 | 00,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2009/11/30 09:38:00 | 00,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2585278648-751120258-375630043-1001UA.job
[2009/11/30 08:58:11 | 00,001,269 | ---- | M] () -- C:\Users\Chris Cascioli\Desktop\09-10 - GSD 2.lnk
[2009/11/30 08:35:16 | 00,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2585278648-751120258-375630043-1001Core.job
[2009/11/28 10:07:24 | 00,368,640 | ---- | M] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll
[2009/11/28 10:07:24 | 00,233,472 | ---- | M] (Propellerhead Software AB) -- C:\Windows\System32\REX Shared Library.dll
========== Files Created - No Company Name ==========
[2009/12/01 13:04:36 | 00,000,015 | ---- | C] () -- C:\Users\Chris Cascioli\Desktop\settings.dat
[2009/12/01 12:48:08 | 10,616,551 | ---- | C] () -- C:\Users\Chris Cascioli\Desktop\TwinkleWish.themepack
[2009/11/30 16:17:42 | 45,983,486 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/11/30 16:17:42 | 06,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2009/11/30 16:17:42 | 00,492,629 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2009/11/30 16:17:42 | 00,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2009/11/30 16:17:42 | 00,106,272 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/11/30 10:24:49 | 00,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
[2009/11/30 10:24:49 | 00,001,976 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
[2009/11/30 10:24:48 | 00,001,039 | ---- | C] () -- C:\Users\Chris Cascioli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2009/11/30 08:58:11 | 00,001,269 | ---- | C] () -- C:\Users\Chris Cascioli\Desktop\09-10 - GSD 2.lnk
[2009/11/21 12:18:17 | 00,015,867 | ---- | C] () -- C:\Windows\System32\empty.ico
[2009/11/06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/07 22:11:22 | 00,003,584 | ---- | C] () -- C:\Users\Chris Cascioli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/25 15:25:47 | 00,007,606 | ---- | C] () -- C:\Users\Chris Cascioli\AppData\Local\Resmon.ResmonCfg
[2009/09/03 14:46:44 | 00,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/09/02 15:53:46 | 00,000,332 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2009/09/02 01:20:39 | 00,131,366 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/09/02 01:16:37 | 00,131,366 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/07/13 18:51:43 | 00,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2008/10/07 08:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 08:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
========== LOP Check ==========
[2009/10/01 12:48:04 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\.purple
[2009/10/01 12:53:53 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\acccore
[2009/12/01 11:25:15 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\AVG9
[2009/11/28 02:42:47 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\BitTorrent
[2009/11/22 19:37:22 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Broad Intelligence
[2009/11/30 16:21:30 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\DiskAid
[2009/10/07 21:49:51 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\DNA
[2009/12/01 13:02:59 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Dropbox
[2009/11/21 17:36:16 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\FileZilla
[2009/10/08 06:39:54 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\GetRightToGo
[2009/10/01 11:25:09 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\gtk-2.0
[2009/11/25 15:13:59 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\HandBrake
[2009/09/02 11:17:56 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Leadertech
[2009/11/28 10:07:57 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Propellerhead Software
[2009/10/08 10:50:24 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Songbird2
[2009/09/02 14:40:34 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Subversion
[2009/10/05 11:11:17 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\SystemRequirementsLab
[2009/09/02 09:44:36 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Thunderbird
[2009/10/14 13:43:52 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\Trillian
[2009/10/07 22:03:02 | 00,000,000 | ---D | M] -- C:\Users\Chris Cascioli\AppData\Roaming\WindSolutions
[2009/07/13 23:53:46 | 00,007,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009/07/13 20:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 20:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 20:26:15 | 00,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009/07/13 20:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 20:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 20:26:15 | 00,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009/07/13 20:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/13 20:15:06 | 00,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2009/07/13 20:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 20:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 20:20:36 | 00,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009/07/13 20:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 20:16:02 | 00,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009/07/13 20:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/13 20:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 20:20:44 | 00,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009/07/13 20:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/13 20:16:13 | 00,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< End of report >
==================================================
OTL Extras log
==================================================
OTL Extras logfile created on: 12/1/2009 1:22:07 PM - Run 1
OTL by OldTimer - Version 3.1.11.4 Folder = C:\Users\Chris Cascioli\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.98 Gb Total Physical Memory | 1.24 Gb Available Physical Memory | 62.49% Memory free
3.97 Gb Paging File | 2.89 Gb Available in Paging File | 72.84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 151.11 Gb Total Space | 40.53 Gb Free Space | 26.82% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ZOMGMACBOOK
Current User Name: Chris Cascioli
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007BECB0-17DD-4230-9D2F-185287262B14}" = Microsoft XNA Game Studio 3.1 (Platformer)
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05EC21B8-4593-3037-A781-A6B5AFFCB19D}" = Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC16794-7E69-4534-82FA-9DD0500FF338}" = Microsoft XNA Game Studio 3.1 (Redists)
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17DFE70E-5FF7-4C87-BF4C-E944952B3C71}" = QuickBooks SDK 8.0
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{241F2BF7-69EB-42A4-9156-96B2426C7504}" = Microsoft SQL Server Compact 3.5 for Devices ENU
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16
"{291B3A3B-F808-45B8-8113-DF232FCB6C82}" = Microsoft .NET Compact Framework 3.5
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2E402AA9-5C0E-45E7-8E70-C23FA0F265D5}" = Microsoft XNA Game Studio 3.1 (devenv)
"{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}" = Microsoft SQL Server Compact 3.5 Design Tools ENU
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{33BBE45C-6296-488A-B7D5-37E692E71B3F}" = TortoiseSVN 1.6.5.16974 (32 bit)
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64c5b887-b5ee-42b8-8596-78905a6b5f1f}" = Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6C9F6D23-E9AD-43C9-B43A-011562AAF876}" = Windows Mobile 5.0 SDK R2 for Pocket PC
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7FD30AE7-281D-455F-AF9F-0C6C5E334EAD}" = Microsoft XNA Game Studio 3.1 Documentation
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}" = Windows Mobile 5.0 SDK R2 for Smartphone
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A2F0810-3619-4E86-9072-973FBE1679C5}" = QuickBooks Simple Start 2009
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.2
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{AF9BDE67-11A5-449A-B9F0-BE572A093DDB}" = Microsoft XNA Game Studio 3.1 (Shared Components)
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B268E9A1-04A9-40D0-9866-846BE2B74BA7}" = Microsoft Windows SDK for Visual Studio 2008 Win32 Tools
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B32E7732-B2FB-3FD0-81AC-6025B1104C66}" = Microsoft Device Emulator version 3.0 - ENU
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B56ACF7B-D7B5-442B-8E1D-6B41347D88B2}" = Boot Camp Services
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}" = Microsoft SQL Server Compact 3.5 ENU
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BED4CEEC-863F-4AB3-BA23-541764E2D2CE}" = Microsoft XNA Game Studio Platform Tools
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}" = Microsoft Windows SDK for Visual Studio 2008 Tools
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}" = Microsoft Visual Studio 2008 Professional Edition - ENU
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DFB81F19-ED3A-4DA5-AFE4-1B999E2A8DC5}" = Microsoft XNA Game Studio 3.1 (XnaLiveProxy)
"{E1D78366-91DA-4AD0-B417-28155743CC22}" = Microsoft XNA Game Studio 3.1 (ARP entry)
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"065B919FD23D12E588F6E2BFB21F7836E2F0E704" = Windows Driver Package - Intel (e1yexpress) Net (07/16/2008 9.52.10.0)
"0A86889A63334895E2898E1C618451C13E8BEC74" = Windows Driver Package - Atheros Communications Inc. (athr) Net (09/18/2008 7.6.1.122)
"1D68F7A8B8397256B162B831457A6775BD17F3F4" = Windows Driver Package - Marvell (yukonwlh) Net (03/23/2007 10.12.7.3)
"1E934494E1FDB938ED1D9B958D5D5D465A07F06A" = Windows Driver Package - Intel (e1qexpress) Net (08/05/2008 10.3.49.0)
"2A220AD1D71245D60F803E0D8C463ABFFE7C6244" = Windows Driver Package - Apple Inc. Apple Trackpad Enabler (02/19/2009 3.0.0.0)
"2AC97D2605162B73D046D68013D1030CB7CFB87E" = Windows Driver Package - Intel (E1G60) Net (01/08/2008 8.3.9.0)
"3A712FAD839A90C4CD37CE06FA695DCC4E91A52F" = Windows Driver Package - Apple Inc. Apple Trackpad (03/05/2009 3.0.0.0)
"4D00971668041EDAD7097C5827D1739F03B9E5D7" = Windows Driver Package - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0)
"5A42EC04483B9307C1A29CDA2199268A7A8FA52D" = Windows Driver Package - Atheros Communications Inc. Net (09/18/2008 7.6.1.122)
"5F8BE32FAE3D6BC77B512F7B0624D7B6C8A26EFB" = Windows Driver Package - Apple Inc. Apple Bluetooth Enabler (06/27/2007 2.0.0.1)
"627745F8E8BB901B043047C3E308B4A76C1194FE" = Windows Driver Package - Intel Net (11/07/2007 8.10.1.0)
"675AAC36E980D647C94EAFFB2F929F247E711708" = Windows Driver Package - Intel Net (07/22/2008 10.3.45.0)
"695F4B9353FEE9320C20D297713F8828693D8AF3" = Windows Driver Package - Apple Inc. Apple Multitouch Mouse (03/25/2009 2.1.2.112)
"75B57AFB407D191B0DAEF05EE9665A5A86701A9A" = Windows Driver Package - Broadcom (BCM43XX) Net (10/22/2008 5.10.38.26)
"78C67451B87511098A9A0EC86E75B99B12298F5C" = Windows Driver Package - Intel Net (02/06/2008 9.12.18.0)
"7BD968405DE73C7E0F8E489DB5A5853A6CCB8D1D" = Windows Driver Package - Intel Net (08/05/2008 10.3.49.0)
"82BE89CA9B7493FA05D2D4D32B415CF07EA08B47" = Windows Driver Package - Intel System (07/20/2007 1.2.76.0)
"8D5DC06C9163DD58555F626F30703DA7B27EB8EB" = Windows Driver Package - Apple Inc. Apple Multitouch (03/25/2009 2.1.2.112)
"9324ED54E32F5399037F87E076CA01C6CEB92830" = Windows Driver Package - Apple Inc. Apple Built-in iSight (10/25/2007 2.0.1.0)
"9747248FCA6A074E791AABC17F527823A8225756" = Windows Driver Package - Intel (e1kexpress) Net (07/22/2008 10.3.45.0)
"A06888013552B918232820F81FDBA706F5CAAD39" = Windows Driver Package - Intel Net (06/13/2008 9.52.9.0)
"AD3493E108434977125BBF78F47699626F8AF64B" = Windows Driver Package - Apple Inc. (AppleUSBEthernet) Net (01/11/2008 3.4.3.18)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_d2f336b2c5feeb945c28b7a0a45170f" = Adobe Creative Suite 4 Master Collection
"AIM_7" = AIM 7
"ASIO4ALL" = ASIO4ALL
"AVG9Uninstall" = AVG Free 9.0
"B345101E6CC8B2FD9765620B9C7BCD3D7002BE6D" = Windows Driver Package - Intel (e1express) Net (02/06/2008 9.12.17.0)
"B4AC4F962DDC0DD6B71FCF20B8F2F694214FAE69" = Windows Driver Package - Apple Inc. Apple ODD (01/17/2008 2.0.2.2)
"BitTorrent" = BitTorrent
"C5CE3BA75A23622D2140C5D5D0998C07DDC4CF1C" = Windows Driver Package - Apple Inc. Apple Display (01/23/2009 3.0.0.0)
"ClearCanvas Workstation" = ClearCanvas Workstation 1.3
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"D7BD0CDD4F84752390916F44F40574507E36FE5E" = Windows Driver Package - Apple Inc. (applebt) Bluetooth (01/19/2009 2.1.2.1)
"DCEFA559AE3275AB4F80389685E1BD3D978A5707" = Windows Driver Package - Cirrus Logic, Inc. (CirrusFilter) MEDIA (04/29/2009 6.6001.1.8)
"DD660B87FBFA46A1E99C15466EA26AA41E678250" = Windows Driver Package - Apple Inc. Apple Keyboard (03/05/2009 3.0.0.0)
"Digsby" = Digsby
"DiskAid_is1" = DiskAid 3.1
"doPDF 6 printer_is1" = doPDF 6.3 printer
"EditPlus 3" = EditPlus 3
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"F24CB85E5983448F6319803791DEACED91E6565B" = Windows Driver Package - Apple Inc. System (08/22/2008 2.1.1.1)
"FileZilla Client" = FileZilla Client 3.3.0
"FL Studio 8" = FL Studio 8
"FlashDevelop" = FlashDevelop 3.0.3
"Fraps" = Fraps (remove only)
"Handbrake" = Handbrake 0.9.4
"IL Download Manager" = IL Download Manager
"IrfanView" = IrfanView (remove only)
"Launch of the Screaming Narwhal" = Tales of Monkey Island - Launch of the Screaming Narwhal
"Luster Platform Runtime" = Luster Platform Runtime
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.2.4536
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Microsoft Visual Studio 2008 Professional Edition - ENU" = Microsoft Visual Studio 2008 Professional Edition - ENU
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"NVIDIA Drivers" = NVIDIA Drivers
"PoiZone" = PoiZone
"PowerISO" = PowerISO
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 440" = Team Fortress 2
"Toxic Biohazard" = Toxic Biohazard
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"VLC media player" = VLC media player 1.0.1
"WinRAR archiver" = WinRAR archiver
"XNA Game Studio 3.1" = Microsoft XNA Game Studio 3.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Edited by bucksworld, 01 December 2009 - 01:14 PM.