A. The only problem I had was in downloading the OTL.exe file. I had to go to the oldtimer forum and choose a mirror site to get it.
B. CKFiles.txt:
CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\cassidy\my documents\electronic arts\the sims 3\saves\fat weird butt crack.sims3
c:\documents and settings\cassidy\my documents\electronic arts\the sims 3\saves\fat weird butt crack.sims3.backup
c:\documents and settings\cassidy\my documents\my music\itunes\mobile applications\crackcode.ipa
c:\documents and settings\cassidy\my documents\my pictures\nutcracker pontecorvo ballet 2011\.picasa.ini
c:\documents and settings\cassidy\my documents\my pictures\nutcracker pontecorvo ballet 2011\thumbs.db
scanner sequence 3.BC.11.MJABVF
----- EOF -----
C. TDSSKiller - nothing found during this scan
D. ODL.txt:
OTL logfile created on: 8/3/2012 8:05:28 PM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Cassidy\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 76.73% Memory free
3.85 Gb Paging File | 3.52 Gb Available in Paging File | 91.62% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 17.08 Gb Free Space | 21.86% Space Free | Partition Type: NTFS
Drive D: | 387.62 Gb Total Space | 45.77 Gb Free Space | 11.81% Space Free | Partition Type: NTFS
Drive E: | 629.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 5.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: CASSIDY-9AB730E | User Name: Cassidy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/08/03 20:01:43 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cassidy\Desktop\OTL (1).exe
PRC - [2012/07/11 23:15:16 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/07/09 12:53:41 | 000,688,360 | ---- | M] (Webroot) -- C:\Program Files\Webroot\WRSA.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ========== MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ========== SRV - [2012/08/03 13:18:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 12:45:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/09 12:53:41 | 000,688,360 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files\Webroot\WRSA.exe -- (WRSVC)
SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/06/27 12:29:22 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012/07/09 12:53:41 | 000,111,632 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\WRkrn.sys -- (WRkrn)
DRV - [2012/03/09 02:22:00 | 007,586,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012/02/10 22:09:12 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/12/20 03:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010/11/06 22:24:30 | 000,019,056 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2009/03/18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008/07/28 17:19:28 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2006/11/22 08:01:00 | 000,250,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/09/23 18:56:28 | 003,966,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" =
http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1563985344-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" =
http://dts.search-results.com/sr?src=ie ... 06&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-725345543-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..CT3201318.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "FLV Runner Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://www.searchnu.com/406"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3201318&SearchSource=2&q="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programs\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Cassidy\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/19 12:45:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/07/27 22:13:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Extensions
[2012/07/27 22:53:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Firefox\Profiles\hb52vbnf.default\extensions
[2011/06/11 16:24:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Firefox\Profiles\hb52vbnf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/07/27 21:42:55 | 000,000,000 | ---D | M] (FLV Runner) -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Firefox\Profiles\hb52vbnf.default\extensions\{3bbd3c14-4c16-4989-8366-95bc9179779d}
[2012/06/20 20:07:36 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Firefox\Profiles\hb52vbnf.default\extensions\support@lastpass.com
[2012/07/27 21:43:32 | 000,000,913 | ---- | M] () -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Firefox\Profiles\hb52vbnf.default\searchplugins\conduit.xml
[2012/07/19 12:28:57 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Cassidy\Application Data\Mozilla\Firefox\Profiles\hb52vbnf.default\searchplugins\Search_Results.xml
[2012/07/27 22:13:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/12/13 22:02:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/19 12:45:17 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/19 12:45:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/19 12:28:57 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012/07/19 12:45:15 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - homepage:
http://www.searchnu.com/406CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
http://www.searchnu.com/406CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: NPLastPass (Enabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpass.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\Programs\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Add to Amazon Wish List = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.8_0\
CHR - Extension: LastPass = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.11_0\
CHR - Extension: Illyriad = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hnfbcdoedgikkjokbgejbgkgijnoaanb\1.3_0\
CHR - Extension: MLB.com Scoreboard = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ignfgamliophfaggapcolfgjiekgppld\0.1.1_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Google Mail Checker = C:\Documents and Settings\Cassidy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
O1 HOSTS File: ([2011/12/30 22:05:35 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [WRSVC] C:\Program Files\Webroot\WRSA.exe (Webroot)
O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: LastPass -
file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms -
file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-725345543-1563985344-839522115-1003\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://update.microsoft.com/windowsupda ... 7808946421 (WUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF9AAAED-6CB1-4E93-B985-B14237BE0F3D}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Cassidy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Cassidy\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (ows\s) - File not found
O30 - LSA: Security Packages - (ecurity Packages settings...) - File not found
O30 - LSA: Security Packages - (o) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/11 11:08:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/06/20 13:49:25 | 000,069,632 | R--- | M] () - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2005/06/27 15:16:04 | 000,000,053 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011/09/16 03:07:13 | 000,054,544 | R--- | M] (Electronic Arts) - H:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2011/09/16 00:58:13 | 000,000,049 | R--- | M] () - H:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\Autorun.exe -- [2011/09/16 03:07:13 | 000,054,544 | R--- | M] (Electronic Arts)
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\J\Shell\AutoRun\command - "" = "J:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-725345543-1563985344-839522115-1003..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2012/08/03 20:01:48 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Cassidy\Desktop\OTL (1).exe
[2012/08/03 19:16:30 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Cassidy\Desktop\tdsskiller.exe
[2012/08/01 20:23:36 | 000,000,000 | ---D | C] -- C:\Program Files\OpenXML-ODF Translator
[2012/08/01 20:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cassidy\Start Menu\Programs\ODF Add-in for Microsoft Office
[2012/08/01 20:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2012/07/31 22:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\GameStop App
[2012/07/31 22:20:35 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{AC1FA872-E696-4D01-A2D5-76D53ED9BA09}
[2012/07/28 15:32:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Cassidy\Start Menu\Programs\Administrative Tools
[2012/07/27 22:47:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cassidy\Application Data\.techniclauncher
[2012/07/27 22:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/07/27 22:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012/07/27 22:43:12 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/27 22:43:12 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/07/27 22:43:08 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/07/27 22:43:08 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/07/27 22:03:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cassidy\Application Data\Oracle
[2012/07/27 22:03:19 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/07/27 22:02:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/07/26 21:32:33 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2012/07/22 13:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cassidy\Application Data\searchquband
[2012/07/22 13:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cassidy\AppData
[2012/07/19 12:42:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Cassidy\Local Settings\Application Data\Ilivid Player
[2012/07/19 12:28:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/07/15 22:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012/07/15 22:33:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2012/01/23 16:36:11 | 000,196,608 | ---- | C] (ICSharpCode.net) -- C:\Documents and Settings\Cassidy\ICSharpCode.SharpZipLib.dll
[2011/12/21 23:10:32 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Cassidy\Application Data\pcouffin.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/08/03 20:02:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1563985344-839522115-1003UA.job
[2012/08/03 20:01:43 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Cassidy\Desktop\OTL (1).exe
[2012/08/03 19:20:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/03 19:18:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/03 19:16:35 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Cassidy\Desktop\tdsskiller.exe
[2012/08/03 19:09:59 | 000,458,240 | ---- | M] () -- C:\Documents and Settings\Cassidy\Desktop\CKScanner.exe
[2012/08/03 15:04:29 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Cassidy\Desktop\Google Chrome.lnk
[2012/08/03 15:04:29 | 000,002,278 | ---- | M] () -- C:\Documents and Settings\Cassidy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/03 13:18:14 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/03 13:18:14 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/03 09:47:50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/03 09:47:29 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/03 09:47:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/02 09:02:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-1563985344-839522115-1003Core.job
[2012/08/01 23:26:49 | 000,131,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/01 17:58:02 | 000,104,476 | ---- | M] () -- C:\Documents and Settings\Cassidy\My Documents\mens tennis scores 8'1'12.JPG
[2012/07/31 22:20:54 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GameStop App.lnk
[2012/07/29 09:57:00 | 000,001,074 | ---- | M] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut to technic-launcher.lnk
[2012/07/29 00:05:22 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/07/28 10:15:13 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut to .techniclauncher.lnk
[2012/07/28 10:14:59 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\Cassidy\Application Data\Shortcut to .techniclauncher.lnk
[2012/07/27 22:43:00 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/07/27 22:43:00 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/07/27 22:23:59 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Cassidy\My Documents\My Computer.lnk
[2012/07/26 21:37:13 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 3 Generations.lnk
[2012/07/24 21:59:45 | 000,000,581 | ---- | M] () -- C:\Documents and Settings\Cassidy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Minecraft Mods2.lnk
[2012/07/24 21:59:25 | 000,000,731 | ---- | M] () -- C:\Documents and Settings\Cassidy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to .minecraft.lnk
[2012/07/22 19:05:26 | 000,000,739 | ---- | M] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut to Minecraft.lnk
[2012/07/17 01:51:07 | 000,032,256 | ---- | M] () -- C:\Documents and Settings\Cassidy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/15 22:56:16 | 000,000,708 | ---- | M] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut (2) to Minecraft_Server.lnk
[2012/07/12 00:29:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/07/09 12:53:41 | 000,148,664 | ---- | M] (Webroot) -- C:\WINDOWS\System32\WRusr.dll
[2012/07/09 12:53:41 | 000,111,632 | ---- | M] (Webroot) -- C:\WINDOWS\System32\drivers\WRkrn.sys
[2012/07/05 22:07:08 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/07/05 22:06:48 | 000,227,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/07/05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/07/05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/08/03 19:10:01 | 000,458,240 | ---- | C] () -- C:\Documents and Settings\Cassidy\Desktop\CKScanner.exe
[2012/08/01 17:58:01 | 000,104,476 | ---- | C] () -- C:\Documents and Settings\Cassidy\My Documents\mens tennis scores 8'1'12.JPG
[2012/07/31 22:20:54 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GameStop App.lnk
[2012/07/29 09:57:00 | 000,001,074 | ---- | C] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut to technic-launcher.lnk
[2012/07/28 10:15:13 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut to .techniclauncher.lnk
[2012/07/28 10:14:59 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\Shortcut to .techniclauncher.lnk
[2012/07/27 22:23:59 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Cassidy\My Documents\My Computer.lnk
[2012/07/26 21:37:13 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\The Sims™ 3 Generations.lnk
[2012/07/24 21:59:45 | 000,000,581 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to Minecraft Mods2.lnk
[2012/07/24 21:59:25 | 000,000,731 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\Microsoft\Internet Explorer\Quick Launch\Shortcut to .minecraft.lnk
[2012/07/20 15:19:30 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut to Minecraft.lnk
[2012/07/15 22:56:16 | 000,000,708 | ---- | C] () -- C:\Documents and Settings\Cassidy\Desktop\Shortcut (2) to Minecraft_Server.lnk
[2012/05/14 23:19:37 | 000,184,288 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/04/18 00:51:44 | 000,103,370 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-725345543-1563985344-839522115-1003-0.dat
[2012/04/18 00:51:43 | 000,103,370 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/04/17 22:43:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/04/17 21:20:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/04/17 21:19:58 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012/04/17 21:19:58 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012/04/17 21:19:58 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012/04/09 23:26:26 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/04/08 14:11:50 | 002,784,050 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/04/08 14:10:26 | 000,240,124 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/04/08 14:10:16 | 000,240,124 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/04/08 14:10:16 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/01/30 19:18:46 | 000,103,784 | ---- | C] () -- C:\Documents and Settings\Cassidy\GoToAssistDownloadHelper.exe
[2011/12/21 23:10:32 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\inst.exe
[2011/12/21 23:10:32 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\pcouffin.cat
[2011/12/21 23:10:32 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\pcouffin.inf
[2011/11/06 21:22:27 | 000,354,304 | ---- | C] () -- C:\WINDOWS\System32\pythoncom27.dll
[2011/11/06 21:22:27 | 000,110,080 | ---- | C] () -- C:\WINDOWS\System32\pywintypes27.dll
[2011/11/06 21:22:27 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\pythoncomloader27.dll
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011/08/28 00:30:53 | 000,002,255 | ---- | C] () -- C:\Documents and Settings\Cassidy\.recently-used.xbel
[2011/07/23 11:10:15 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\vso_ts_preview.xml
[2011/06/22 22:27:15 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/06/20 21:54:06 | 000,010,709 | ---- | C] () -- C:\WINDOWS\hpwscr19.dat
[2011/06/20 21:52:34 | 000,176,495 | ---- | C] () -- C:\WINDOWS\hpwins19.dat
[2011/06/20 21:52:24 | 000,000,997 | ---- | C] () -- C:\WINDOWS\hpwmdl19.dat
[2011/06/19 01:23:30 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2011/06/13 14:48:43 | 000,017,460 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/06/12 08:53:19 | 000,138,904 | ---- | C] () -- C:\Documents and Settings\Cassidy\Application Data\PnkBstrK.sys
[2011/06/12 08:52:57 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2011/06/11 16:23:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/06/11 11:20:30 | 000,032,256 | ---- | C] () -- C:\Documents and Settings\Cassidy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/11 11:17:19 | 002,293,194 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011/06/11 11:09:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/06/11 11:06:26 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/06/11 06:58:15 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/06/11 06:57:24 | 000,131,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
========== LOP Check ========== [2012/04/21 00:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net
[2012/07/20 08:20:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2012/02/10 22:08:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/04/20 07:39:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\DSS
[2012/02/25 00:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2012/02/26 12:58:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Logs
[2012/02/25 00:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2012/05/08 17:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameStop
[2011/06/11 22:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Gibraltar
[2011/06/17 00:38:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ironclad Games
[2012/02/25 00:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2011/06/18 00:43:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Paradox
[2011/08/30 22:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2012/01/21 00:54:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Stardock
[2011/12/21 23:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vso
[2011/07/23 11:41:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vsosdk
[2012/08/03 19:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WRData
[2011/06/11 16:53:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/01/20 23:58:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{65A07368-8188-47C9-A998-7B7AB947F035}
[2012/07/31 22:20:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{AC1FA872-E696-4D01-A2D5-76D53ED9BA09}
[2012/08/01 11:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\.minecraft
[2012/08/02 14:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\.techniclauncher
[2012/06/22 22:39:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\BSW
[2012/02/10 22:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\DAEMON Tools Lite
[2011/08/28 00:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\gtk-2.0
[2011/09/26 19:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\My Games
[2011/11/07 01:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\ooVoo Details
[2012/07/27 22:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Oracle
[2012/02/24 23:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Origin
[2012/01/08 17:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Philipp Winterberg
[2011/08/30 22:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Research In Motion
[2012/02/27 16:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\RotMG.Production
[2011/06/12 17:40:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\runic games
[2012/07/22 13:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\searchquband
[2012/04/28 21:45:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Sony Online Entertainment
[2012/05/18 22:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Spotify
[2011/06/11 22:58:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Stardock
[2011/08/02 00:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\SystemRequirementsLab
[2011/09/16 16:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Unity
[2011/12/21 23:50:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Cassidy\Application Data\Vso
[2012/04/06 09:34:13 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\videopadShakeIcon.job
========== Purity Check ========== < End of report >
E. Extras.txt:
OTL Extras logfile created on: 8/3/2012 8:05:28 PM - Run 1
OTL by OldTimer - Version 3.2.55.0 Folder = C:\Documents and Settings\Cassidy\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 76.73% Memory free
3.85 Gb Paging File | 3.52 Gb Available in Paging File | 91.62% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 17.08 Gb Free Space | 21.86% Space Free | Partition Type: NTFS
Drive D: | 387.62 Gb Total Space | 45.77 Gb Free Space | 11.81% Space Free | Partition Type: NTFS
Drive E: | 629.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 5.31 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: CASSIDY-9AB730E | User Name: Cassidy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-725345543-1563985344-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Games\Star Wars-The Old Republic\swtor\retailclient\swtor.exe" = D:\Games\Star Wars-The Old Republic\swtor\retailclient\swtor.exe:*:Enabled:Star Wars - The Old Republic -- (BioWare, A Division of Electronic Arts)
"D:\Games\Star Wars-The Old Republic\launcher.exe" = D:\Games\Star Wars-The Old Republic\launcher.exe:*:Enabled:Star Wars - The Old Republic -- (BioWare)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Games\Steam\SteamApps\common\gish\gish.exe" = D:\Games\Steam\SteamApps\common\gish\gish.exe:*:Enabled:Gish
"D:\Games\Steam\SteamApps\common\torchlight\Torchlight.exe" = D:\Games\Steam\SteamApps\common\torchlight\Torchlight.exe:*:Enabled:Torchlight -- (Runic Games, Inc.)
"D:\Games\Steam\SteamApps\common\aquaria\Aquaria.exe" = D:\Games\Steam\SteamApps\common\aquaria\Aquaria.exe:*:Enabled:Aquaria
"D:\Games\Steam\SteamApps\common\penumbra overture\redist\Penumbra.exe" = D:\Games\Steam\SteamApps\common\penumbra overture\redist\Penumbra.exe:*:Enabled:Penumbra: Overture
"D:\Games\Steam\SteamApps\common\lugaru hd\Lugaru.exe" = D:\Games\Steam\SteamApps\common\lugaru hd\Lugaru.exe:*:Enabled:Lugaru HD -- ()
"D:\Games\Steam\SteamApps\common\world of goo\WorldOfGoo.exe" = D:\Games\Steam\SteamApps\common\world of goo\WorldOfGoo.exe:*:Enabled:World of Goo
"D:\Games\Steam\SteamApps\common\osmos\osmos.exe" = D:\Games\Steam\SteamApps\common\osmos\osmos.exe:*:Enabled:Osmos
"D:\Games\Steam\SteamApps\common\machinarium\machinarium.exe" = D:\Games\Steam\SteamApps\common\machinarium\machinarium.exe:*:Enabled:Machinarium -- (Adobe Systems, Inc.)
"D:\Games\Demigod\bin\Demigod.exe" = D:\Games\Demigod\bin\Demigod.exe:*:Enabled:Demigod -- (Gas Powered Games)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB
"D:\Games\Steam\SteamApps\common\revenge of the titans\RevengeOfTheTitans.exe" = D:\Games\Steam\SteamApps\common\revenge of the titans\RevengeOfTheTitans.exe:*:Enabled:Revenge of the Titans
"D:\Games\World of Warcraft\Launcher.exe" = D:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- (Blizzard Entertainment)
"D:\Games\World of Warcraft\Launcher.patch.exe" = D:\Games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher
"D:\Games\World of Warcraft\BackgroundDownloader.exe" = D:\Games\World of Warcraft\BackgroundDownloader.exe:*:Enabled:BackgroundDownloader.exe -- (Blizzard Entertainment)
"D:\Games\Sins\Sins of a Solar Empire.exe" = D:\Games\Sins\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire -- (Ironclad Games)
"D:\Games\Sins\Sins of a Solar Empire Entrenchment.exe" = D:\Games\Sins\Sins of a Solar Empire Entrenchment.exe:*:Enabled:Sins of a Solar Empire - Entrenchment -- (Ironclad Games)
"D:\Games\Sins\Sins of a Solar Empire Diplomacy.exe" = D:\Games\Sins\Sins of a Solar Empire Diplomacy.exe:*:Enabled:Sins of a Solar Empire - Diplomacy -- (Ironclad Games)
"D:\Programs\uTorrent\uTorrent.exe" = D:\Programs\uTorrent\uTorrent.exe:*:Enabled:µTorrent
"D:\Programs\Vent\Ventrilo.exe" = D:\Programs\Vent\Ventrilo.exe:*:Enabled:Ventrilo.exe -- (Flagship Industries, Inc.)
"D:\Games\RoI\RoIClientR.exe" = D:\Games\RoI\RoIClientR.exe:*:Enabled:Rise of Immortals -- (Petroglyph Games, Inc.)
"C:\Documents and Settings\Cassidy\Local Settings\Apps\2.0\VJ53CVC2.BT8\H1V5N2NJ.CQ2\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe" = C:\Documents and Settings\Cassidy\Local Settings\Apps\2.0\VJ53CVC2.BT8\H1V5N2NJ.CQ2\curs..tion_eee711038731a406_0004.0000_0d453ed5fea2fe48\CurseClient.exe:*:Enabled:Curse Client 4.0
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{036138A4-CE69-54B3-EC3A-22EC160303E0}" = CCC Help Czech
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0A68C819-3333-E57F-5881-D3FE31C1F2D5}" = CCC Help Turkish
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6A1825-474F-4124-9016-1168471D847B}" = Google Drive
"{23481C75-AA13-858C-C707-51D7744F2309}" = CCC Help English
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2E295B5B-1AD4-4d36-97C2-A316084722CF}" = Python 2.7.2
"{3179E96B-2CCF-A00A-5738-4C14DBA0DACA}" = CCC Help Chinese Traditional
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3BDCECE1-F7F8-81E3-EE26-AF8FD5172A56}" = CCC Help German
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{41B4F085-82E5-C9C2-9AB3-65D67EF60883}" = CCC Help Italian
"{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5157A26D-28AF-4E96-99EE-25D510437653}_is1" = SpaceChem
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{59A86970-E9AB-0D1D-A269-2381A89F0CF2}" = Catalyst Control Center InstallProxy
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5DCB68D8-686F-0550-6DD3-957A366F8F99}" = CCC Help Norwegian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{653B7F6E-F594-4B55-61BA-78F8FE6E500A}" = CCC Help Finnish
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{66BA3D87-812D-C11B-D7EA-A62DD125099E}" = ATI AVIVO Codecs
"{69101ED4-FAEB-44EE-1A0E-0602CD6458F3}" = Catalyst Control Center
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Kingdoms of Amalur: Reckoning
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73750E8F-0277-4EF7-AD90-7723B5C0A8B8}" = Elemental: Fallen Enchantress
"{75157F34-02C6-4831-BD66-3BC49E7A8394}" = BlackBerry Desktop Software 6.1
"{76B0FAA5-C23B-58E8-EB51-1195A4D6BEB7}" = Catalyst Control Center Localization All
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Town Life Stuff
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{821CF756-EDC0-5A8C-6ECA-3F4682DEAFD1}" = CCC Help French
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FB7E2C1-13A7-F9A0-277F-8CFB5B198E7E}" = CCC Help Polish
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{950A97A5-F8AF-26C7-8F8B-47F7C1F03363}" = CCC Help Portuguese
"{96A092BE-173D-6824-14FD-1C8C0477C1D1}" = CCC Help Greek
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B05F6FC-AE16-488C-A822-F641ADC61B6A}_is1" = VSO CopyTo 5
"{9BA4C082-183A-4869-06DB-4F563355D33F}" = CCC Help Spanish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A997829F-090A-06FC-ADDA-B907E0D2562E}" = AMD Catalyst Install Manager
"{AB4FE709-7AC5-A7FF-A947-A110CEFCB074}" = CCC Help Hungarian
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B802B2D2-C777-1876-8204-C0F360CBF955}" = CCC Help Dutch
"{BBC2068D-CE9C-48F5-A6EA-4B44B9DB14A5}" = Catalyst Control Center - Branding
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6BD88D1-A8D3-B46F-781E-80A6A6927E09}" = CCC Help Chinese Standard
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D3CD290C-C254-F440-962D-F9D0E60DD3F4}" = CCC Help Danish
"{DA3DB4D7-429D-4292-F855-C47C6EA1AFF8}" = CCC Help Thai
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.10.348
"{DE464235-13EC-F0E2-2608-9A8103F52DF8}" = CCC Help Japanese
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E8D9FAA2-D3DB-7FA3-3FFE-0AC935251F99}" = CCC Help Swedish
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = GameStop App
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.5
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F748B53A-A58F-17B4-F380-08EF92B6A6F4}" = CCC Help Korean
"{FA584B62-7ECF-A981-0D1E-A8BE67C604DB}" = Catalyst Control Center Graphics Previews Common
"{FBFC6AFA-082C-CBEC-3D28-1EE9CA16D029}" = ccc-utility
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF9B0E3E-9D2E-2560-EEA2-BB35A369C491}" = CCC Help Russian
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Audacity_is1" = Audacity 1.2.6
"AudibleDownloadManager" = Audible Download Manager
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"BOSS" = BOSS
"BSW" = BrettspielWelt
"CCleaner" = CCleaner
"CleanUp!" = CleanUp!
"comtypes-py2.7" = Python 2.7 comtypes-0.6.2
"DAEMON Tools Lite" = DAEMON Tools Lite
"Demigod" = Demigod
"Elemental: Fallen Enchantress" = Elemental: Fallen Enchantress
"EQ2MAP Updater" = EQ2MAP Updater 1.2.10
"GameStop App" = GameStop App
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"LogMeIn Hamachi" = LogMeIn Hamachi
"MagicDisc 2.7.105" = MagicDisc 2.7.105
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.12
"OpenAL" = OpenAL
"Origin" = Origin
"Picasa 3" = Picasa 3
"pywin32-py2.7" = Python 2.7 pywin32-216
"RarZilla Free Unrar" = RarZilla Free Unrar
"Sins of a Solar Empire" = Sins of a Solar Empire
"Sins of a Solar Empire - Diplomacy" = Sins of a Solar Empire - Diplomacy
"Sins of a Solar Empire - Entrenchment" = Sins of a Solar Empire - Entrenchment
"Steam App 105430" = Age of Empires Online
"Steam App 105600" = Terraria
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 200210" = Realm of the Mad God
"Steam App 400" = Portal
"Steam App 6020" = Star Wars Jedi Knight: Jedi Academy
"Steam App 91600" = Sanctum
"Steam App 98200" = Frozen Synapse
"Sword of the Stars" = Sword of the Stars Complete Collection
"VideoPad" = VideoPad Video Editor
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WRUNINST" = Webroot SecureAnywhere
"Wrye Bash" = Wrye Bash
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"wxPython2.8-ansi-py27_is1" = wxPython 2.8.12.1 (ansi) for Python 2.7
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-725345543-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"Google Chrome" = Google Chrome
"LastPass" = LastPass (uninstall only)
"SOE-EverQuest II" = EverQuest II
"SOE-LegendsOfNorrath" = Legends of Norrath
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/26/2012 9:28:09 PM | Computer Name = CASSIDY-9AB730E | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Error - 7/26/2012 9:28:23 PM | Computer Name = CASSIDY-9AB730E | Source = Application Hang | ID = 1002
Description = Hanging application DTLite.exe, version 4.45.2.287, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 7/26/2012 9:43:58 PM | Computer Name = CASSIDY-9AB730E | Source = Application Error | ID = 1000
Description = Faulting application ts3w.exe, version 0.2.0.148, faulting module
ts3w.exe, version 0.2.0.148, fault address 0x0017f196.
Error - 7/26/2012 10:00:42 PM | Computer Name = CASSIDY-9AB730E | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module unknown, version 0.0.0.0, fault address 0x05770fef.
Error - 7/27/2012 10:45:48 PM | Computer Name = CASSIDY-9AB730E | Source = Application Error | ID = 1000
Description = Faulting application , version 0.0.0.0, faulting module unknown, version
0.0.0.0, fault address 0x00000000.
Error - 7/28/2012 1:53:14 PM | Computer Name = CASSIDY-9AB730E | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 5.5.32.124, faulting module
kernel32.dll, version 5.1.2600.5781, fault address 0x00012afb.
Error - 7/30/2012 12:07:46 PM | Computer Name = CASSIDY-9AB730E | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 7/30/2012 6:36:18 PM | Computer Name = CASSIDY-9AB730E | Source = Application Error | ID = 1000
Description = Faulting application skype.exe, version 5.5.32.124, faulting module
skype.exe, version 5.5.32.124, fault address 0x00663fc3.
Error - 8/1/2012 11:32:03 AM | Computer Name = CASSIDY-9AB730E | Source = Application Hang | ID = 1002
Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 8/2/2012 10:10:52 AM | Computer Name = CASSIDY-9AB730E | Source = Application Hang | ID = 1002
Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 8/2/2012 9:12:43 AM | Computer Name = CASSIDY-9AB730E | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 8/2/2012 9:12:51 AM | Computer Name = CASSIDY-9AB730E | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 8/2/2012 9:12:58 AM | Computer Name = CASSIDY-9AB730E | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 8/2/2012 9:13:05 AM | Computer Name = CASSIDY-9AB730E | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 8/2/2012 9:20:00 AM | Computer Name = CASSIDY-9AB730E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service gupdate with
arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error - 8/2/2012 2:20:00 PM | Computer Name = CASSIDY-9AB730E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service gupdate with
arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error - 8/2/2012 7:20:00 PM | Computer Name = CASSIDY-9AB730E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service gupdate with
arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error - 8/3/2012 9:48:05 AM | Computer Name = CASSIDY-9AB730E | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
Error - 8/3/2012 10:20:00 AM | Computer Name = CASSIDY-9AB730E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service gupdate with
arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Error - 8/3/2012 3:20:00 PM | Computer Name = CASSIDY-9AB730E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service gupdate with
arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
< End of report >
F. Nothing different at the moment - although my wife was on the computer earlier and said that when she opened firefox the searchnu page opened again by default. I asked her to use our laptop for now until I give her the all clear.