Thank you!
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4460
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
8/22/2010 2:25:06 PM
mbam-log-2010-08-22 (14-25-06).txt
Scan type: Quick scan
Objects scanned: 134452
Time elapsed: 8 minute(s), 14 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Users\Sara\AppData\Local\Temp\low\COUPON~1.DLL (Trojan.BHO.H) -> Quarantined and deleted successfully.
OTL logfile created on: 8/22/2010 3:16:52 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Sara\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 63.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.45 Gb Total Space | 177.45 Gb Free Space | 62.16% Space Free | Partition Type: NTFS
Drive D: | 12.63 Gb Total Space | 1.99 Gb Free Space | 15.78% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SARA-LAPTOP
Current User Name: Sara
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/08/22 15:16:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
PRC - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/05/14 12:59:44 | 000,455,944 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
PRC - [2009/12/20 10:10:35 | 000,392,520 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\Rps.exe
PRC - [2009/09/15 18:09:35 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe
PRC - [2009/08/05 13:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
PRC - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\Fws.exe
PRC - [2009/04/03 14:51:32 | 000,143,360 | ---- | M] (Kaspersky Lab.) -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\Kav\Bin\ScanningProcess.exe
PRC - [2009/03/12 12:31:56 | 000,308,464 | ---- | M] (Radialpoint Inc.) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepointComHandler.exe
PRC - [2009/03/12 12:31:54 | 002,303,216 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\VSP\VerizonServicepoint.exe
PRC - [2009/01/06 18:40:20 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2009/01/06 18:40:20 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2008/12/23 16:18:20 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/14 18:28:12 | 000,592,408 | ---- | M] (Sana Security) -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\SafeConnect\bin\SanaMonitor.exe
PRC - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\SafeConnect\bin\SanaAgent.exe
PRC - [2007/09/28 11:30:55 | 001,002,496 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files (x86)\Verizon\McciTrayApp.exe
========== Modules (SafeList) ==========
MOD - [2010/08/22 15:16:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
MOD - [2008/01/20 19:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/01/20 06:37:30 | 000,935,936 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/12/21 11:33:04 | 000,290,304 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_9afbc1bd\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/09/22 17:14:20 | 001,285,896 | ---- | M] (Raxco Software, Inc.) [On_Demand | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe -- (PD91Engine)
SRV:64bit: - [2008/09/22 17:14:12 | 001,101,064 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe -- (PD91Agent)
SRV:64bit: - [2008/03/18 16:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/06/10 21:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/05/14 12:59:44 | 000,455,944 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/03/18 14:27:14 | 001,020,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/15 18:09:35 | 000,175,184 | ---- | M] (Radialpoint SafeCare Inc.) [On_Demand | Running] -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\RpsSecurityAwareR.exe -- (Radialpoint Security Services)
SRV - [2009/08/05 13:49:44 | 000,284,016 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe -- (Kodak AiO Network Discovery Service)
SRV - [2009/04/22 10:37:48 | 000,371,440 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\Fws.exe -- (RP_FWS)
SRV - [2009/01/06 18:40:20 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2009/01/06 18:40:20 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2008/12/23 16:18:20 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/14 18:28:10 | 004,937,752 | R--- | M] (Sana Security) [Auto | Running] -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\SafeConnect\Bin\SanaAgent.exe -- (RadialpointSafeConnectAgent)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SRTSPX64.SYS -- (SRTSPX)
DRV:64bit: - File not found [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/09 12:16:04 | 000,021,504 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/14 06:13:54 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2009/04/03 14:51:34 | 000,160,272 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF)
DRV:64bit: - [2009/03/06 09:06:18 | 000,197,120 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/01/20 06:38:02 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2009/01/20 06:37:54 | 004,988,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/01/08 14:29:20 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/12/21 11:33:06 | 000,473,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/11/26 15:20:00 | 000,071,456 | ---- | M] (Radialpoint Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rp_skt64.sys -- (RPSKT) Security Services Driver (x64)
DRV:64bit: - [2008/08/06 22:20:10 | 000,059,136 | ---- | M] (Radialpoint, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rp_pkt64.sys -- (RPPKT) Radialpoint Filter (x64)
DRV:64bit: - [2008/03/27 12:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 12:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/01/31 16:23:14 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/01/20 19:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel®
DRV:64bit: - [2008/01/20 19:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/06/18 16:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/11/09 11:04:00 | 000,026,112 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pelmouse.sys -- (pelmouse)
DRV:64bit: - [2006/11/09 11:04:00 | 000,023,040 | R--- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\pelusblf.sys -- (pelusblf)
DRV:64bit: - [2006/10/03 18:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 14:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2009/01/08 01:19:08 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/05/14 06:56:22] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2008/11/14 18:28:36 | 000,204,824 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys -- (RadialpointSafeConnectDriver)
DRV - [2008/11/14 18:28:36 | 000,035,352 | ---- | M] (Sana Security, Inc. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\SafeConnect\Driver\platform_VISTA\SafeConnectFilter.sys -- (RadialpointSafeConnectFilter)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
O1 HOSTS File: ([2006/09/18 14:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files (x86)\Verizon\Verizon Internet Security Suite\pkR.dll (Verizon)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (TTB000000 Class) - {62960D20-6D0D-1AB4-4BF1-95B0B5B8783A} - C:\Users\Sara\AppData\Local\Temp\low\COUPON~1.DLL File not found
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (CouponBar) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\Users\Sara\AppData\Local\Temp\low\CouponsBar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (CouponBar) - {5BED3930-2E9E-76D8-BACC-80DF2188D455} - C:\Users\Sara\AppData\Local\Temp\low\CouponsBar.dll File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Conime] C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files (x86)\Verizon\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 68.238.64.12
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sara\Pictures\Photos\Hawaii 2010\102_1562.JPG
O24 - Desktop BackupWallPaper: C:\Users\Sara\Pictures\Photos\Hawaii 2010\102_1562.JPG
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8d49490f-1462-11df-a3e7-0021cc3996a2}\Shell\AutoRun\command - "" = E:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{8d49490f-1462-11df-a3e7-0021cc3996a2}\Shell\Setup FlipShare\command - "" = E:\Setup_FlipShare.exe -- File not found
O33 - MountPoints2\{bf1bfbd3-798d-11de-8349-0021cc3996a2}\Shell - "" = AutoRun
O33 - MountPoints2\{bf1bfbd3-798d-11de-8349-0021cc3996a2}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.3IV2 - C:\Windows\SysWow64\3ivxVfWCodec.dll (3ivx Technologies Pty. Ltd.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/08/22 15:14:07 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2010/08/22 14:13:16 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/08/22 14:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/08/22 10:41:58 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Sara\Desktop\TFC.exe
[2010/08/21 20:00:42 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Roaming\Malwarebytes
[2010/08/21 20:00:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/08/21 20:00:03 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/08/21 20:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/08/21 20:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/08/01 17:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/08/01 17:20:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/08/01 17:20:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/07/23 21:53:28 | 000,000,000 | ---D | C] -- C:\Users\Sara\AppData\Local\Microsoft Corporation
[2010/07/20 20:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flip Video
[2010/06/21 12:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/21 12:59:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/06/21 12:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2010/06/14 21:45:01 | 000,000,000 | ---D | C] -- C:\Users\Sara\Documents\USB Data
========== Files - Modified Within 90 Days ==========
[2010/08/22 15:25:13 | 001,835,008 | -HS- | M] () -- C:\Users\Sara\NTUSER.DAT
[2010/08/22 15:25:08 | 063,795,260 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.dat
[2010/08/22 15:16:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2010/08/22 14:29:26 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/08/22 14:29:25 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/08/22 14:27:40 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/08/22 14:27:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/08/22 14:26:25 | 001,143,084 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.idx
[2010/08/22 14:25:55 | 000,524,288 | -HS- | M] () -- C:\Users\Sara\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/08/22 14:25:55 | 000,065,536 | -HS- | M] () -- C:\Users\Sara\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/08/22 14:25:54 | 001,693,134 | -H-- | M] () -- C:\Users\Sara\AppData\Local\IconCache.db
[2010/08/22 14:12:33 | 000,000,943 | ---- | M] () -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/08/22 14:12:26 | 000,000,763 | ---- | M] () -- C:\Users\Sara\Desktop\NTREGOPT.lnk
[2010/08/22 14:12:26 | 000,000,744 | ---- | M] () -- C:\Users\Sara\Desktop\ERUNT.lnk
[2010/08/22 10:42:12 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\TFC.exe
[2010/08/22 08:54:41 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/21 20:00:10 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/16 13:39:11 | 000,314,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/01 17:25:26 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/08/01 17:25:26 | 000,604,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/08/01 17:25:26 | 000,104,170 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/08/01 17:23:38 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/07/30 19:08:09 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForSara.job
[2010/07/23 21:26:13 | 000,016,896 | ---- | M] () -- C:\Users\Sara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/20 20:48:49 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\FlipShare.lnk
[2010/07/12 19:53:14 | 000,001,782 | -H-- | M] () -- C:\Users\Sara\Documents\Default.rdp
[2010/06/21 14:02:47 | 000,000,629 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2010/06/21 12:57:07 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/06/21 12:57:07 | 000,001,866 | ---- | M] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/06/16 08:17:59 | 000,511,661 | ---- | M] () -- C:\Users\Sara\Documents\FORKLIFT SAFETY Slide Show.pptx
[2010/06/14 18:10:31 | 001,331,466 | ---- | M] () -- C:\Users\Sara\Documents\ITSDF%20B56-1-2009-rev-02-23-10 forklift.pdf
[2010/06/04 00:27:18 | 000,000,540 | ---- | M] () -- C:\Windows\SysNative\PDBootState
[2010/05/31 18:40:35 | 000,002,617 | ---- | M] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk
[2010/05/31 18:40:35 | 000,002,593 | ---- | M] () -- C:\Users\Public\Desktop\HP MediaSmart.lnk
========== Files Created - No Company Name ==========
[2010/08/22 14:12:33 | 000,000,943 | ---- | C] () -- C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/08/22 14:12:26 | 000,000,763 | ---- | C] () -- C:\Users\Sara\Desktop\NTREGOPT.lnk
[2010/08/22 14:12:26 | 000,000,744 | ---- | C] () -- C:\Users\Sara\Desktop\ERUNT.lnk
[2010/08/21 20:00:10 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/01 17:23:38 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/07/20 20:48:49 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\FlipShare.lnk
[2010/07/04 18:46:07 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/21 14:02:47 | 000,000,629 | ---- | C] () -- C:\Windows\SysNative\mapisvc.inf
[2010/06/21 12:57:07 | 000,001,866 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/06/21 12:57:07 | 000,001,866 | ---- | C] () -- C:\Users\Sara\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/06/15 20:18:31 | 000,511,661 | ---- | C] () -- C:\Users\Sara\Documents\FORKLIFT SAFETY Slide Show.pptx
[2010/06/14 18:10:23 | 001,331,466 | ---- | C] () -- C:\Users\Sara\Documents\ITSDF%20B56-1-2009-rev-02-23-10 forklift.pdf
[2009/12/12 22:01:18 | 000,171,238 | R--- | C] () -- C:\Windows\PMUninst.ini
[2009/12/12 22:01:18 | 000,000,554 | R--- | C] () -- C:\Windows\xUninstEx.ini
[2009/12/12 22:01:18 | 000,000,162 | R--- | C] () -- C:\Windows\xUninst.ini
[2009/11/08 19:52:50 | 000,000,183 | ---- | C] () -- C:\Users\Sara\AppData\Local\LaunchHomeCenter.log
[2009/11/08 19:25:15 | 000,293,076 | ---- | C] () -- C:\Users\Sara\AppData\Local\installer.log
[2009/10/20 21:33:47 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/10/20 21:27:12 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/06 21:45:36 | 000,016,896 | ---- | C] () -- C:\Users\Sara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/27 15:52:11 | 000,000,000 | ---- | C] () -- C:\Users\Sara\AppData\Roaming\wklnhst.dat
[2009/07/25 10:39:07 | 000,000,000 | ---- | C] () -- C:\Users\Sara\AppData\Local\QSwitch.txt
[2009/07/25 10:39:07 | 000,000,000 | ---- | C] () -- C:\Users\Sara\AppData\Local\DSwitch.txt
[2009/07/25 10:39:07 | 000,000,000 | ---- | C] () -- C:\Users\Sara\AppData\Local\AtStart.txt
[2009/07/25 10:39:05 | 000,008,338 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009/05/14 07:10:58 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/05/14 07:10:21 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/05/14 07:10:10 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/05/14 07:09:29 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/05/14 07:07:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/03/26 13:13:02 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/03/26 13:03:50 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/03/26 13:00:54 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/03/26 12:58:34 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/02/18 23:33:34 | 000,446,352 | ---- | C] () -- C:\Windows\SysWow64\OpenQuicktimeLib.dll
[2008/01/20 19:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== LOP Check ==========
[2010/02/25 22:45:51 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/11/08 19:28:42 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\Temp
[2009/07/27 15:52:22 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\Template
[2009/07/28 20:00:50 | 000,000,000 | ---D | M] -- C:\Users\Sara\AppData\Roaming\WildTangent
[2010/08/22 14:26:03 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/12/01 23:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2009/07/25 13:20:47 | 000,001,713 | ---- | M] () -- C:\NTDClient.log
[2010/08/22 14:27:20 | 311,492,607 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
[2006/11/02 08:06:41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:06:41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:06:41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/11/11 20:54:46 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2006/09/18 14:35:48 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2008/01/20 20:21:59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2009/09/23 18:20:36 | 000,000,286 | -HS- | M] () -- C:\Users\Sara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
[2010/08/22 15:16:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\OTL.exe
[2010/08/22 10:42:12 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Sara\Desktop\TFC.exe
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Files - Unicode (All) ==========
[2009/07/25 13:59:18 | 000,000,036 | ---- | M] ()(C:\Windows\SysWow64\???????????????????????4???????????????????????) -- C:\Windows\SysWow64\㩃停潲牧浡䘠汩獥⠠㡸⤶噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩
[2009/07/25 11:09:50 | 000,000,036 | ---- | C] ()(C:\Windows\SysWow64\???????????????????????4???????????????????????) -- C:\Windows\SysWow64\㩃停潲牧浡䘠汩獥⠠㡸⤶噜牥穩湯噜牥穩湯䤠瑮牥敮⁴敓畣楲祴匠極整卜晡䍥湯敮瑣䍜湯楦屧噘敩潣普杩
< End of report >
OTL Extras logfile created on: 8/22/2010 3:16:52 PM - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Sara\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 63.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.45 Gb Total Space | 177.45 Gb Free Space | 62.16% Space Free | Partition Type: NTFS
Drive D: | 12.63 Gb Total Space | 1.99 Gb Free Space | 15.78% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: SARA-LAPTOP
Current User Name: Sara
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 5B D7 CE 55 00 64 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CE8564E-4AE2-4D1C-B125-8AD103C58D8E}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{1D8B4F8A-838E-48E9-B070-4480CAB110D4}" = rport=139 | protocol=6 | dir=out | app=system |
"{3DCE200E-E7C9-4069-874C-ED0AE08747D5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{64A067C6-15F5-419C-AC6C-4F6723AF171D}" = lport=137 | protocol=17 | dir=in | app=system |
"{6972ED73-BAF9-4715-98B0-6677137B446D}" = lport=138 | protocol=17 | dir=in | app=system |
"{8163BB59-C8CA-455F-90D8-61040F8F033B}" = lport=139 | protocol=6 | dir=in | app=system |
"{92059B0C-FBDB-4E57-B69D-6FC6E9DEE676}" = lport=445 | protocol=6 | dir=in | app=system |
"{9F5B8311-3066-48A4-BB94-920E919CC83F}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{A37DF11F-6D16-436E-B8A3-5C4D92A063D9}" = rport=445 | protocol=6 | dir=out | app=system |
"{ACC066C9-A953-4C6B-8822-2F9676D433BE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BD70010E-02F4-4B08-BCF7-D807FB8CB087}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CD9B7406-BF4E-4A40-99AC-72F10B714FD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E4845CCF-32DA-4DC0-BF2C-76222CA60A5F}" = rport=137 | protocol=17 | dir=out | app=system |
"{FDE0ED26-78E6-4583-814D-17AA04FCB846}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055F5BD9-1EBF-40DD-94BF-E718F891CE6C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{093F89AE-2777-4CA9-8831-B2D05DB7CAF0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1845EF7E-6C57-4919-8764-5C91956C5965}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{23D7C594-8A5D-476E-A99A-3CC8AA344C67}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{35827343-2D9A-4890-99CB-F630EFD9A121}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{38AE635D-51AB-41D3-9A28-06D8702127EF}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{4122122D-12D5-42B1-8F77-9A16AA8609DD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{4A239E4E-1BA8-4529-9392-C3F4E3FB829B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4B09B7F3-3103-4335-BE7E-B851E7133305}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{4D398070-318E-4979-990A-552BFD44F6D3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{54431470-1CAF-4BCA-BFF4-A36CEAD96829}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{5556F1EA-F0CA-4614-8A44-B10E63C42E42}" = protocol=58 | dir=out | [email protected],-28546 |
"{5CECA6D2-0CBF-4F8A-A1EB-41335044D1C7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{5D3B1BEF-6433-4CFF-AED7-CAFF1B074A08}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{658B89F5-FE16-426A-ADBC-00858AF9F326}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{8C14FBF6-C62C-4965-BAFA-A5CB8FA733FB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9F174FC9-55AA-4A43-9F99-9458F7514248}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A2E77D85-221D-422E-8EA6-14FE76B935E9}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{AB62B69E-0449-49FA-835E-FCC6F5C8CBE3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{B5E04870-EFBB-4EF1-9766-E6413DE3BAF7}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{BC6F551D-F551-43EB-B725-7CA64D9946E0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{C600C1B1-A3C1-4B81-B1FA-0D3B0442D444}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{C9EB4765-685B-4043-A1C0-088ECCA9E7E8}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{CF99DB8A-B259-402E-87A4-766ED0F0B0D1}" = protocol=1 | dir=in | [email protected],-28543 |
"{D47BCCD6-D6F7-4024-A8ED-13C01AD459C7}" = protocol=58 | dir=in | [email protected],-28545 |
"{D9DA6E8F-AB65-4C64-99B2-8F89566D1B8D}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DCACC69E-B5E9-41EC-BEE4-931471B91BFA}" = protocol=1 | dir=out | [email protected],-28544 |
"{E51648F3-7819-404C-AC54-A93FF49E6034}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{06CB1559-8956-4F61-8D12-498715F67ECC}" = MobileMe Control Panel
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes
"{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}" = PerfectDisk 2008
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{4E1C2F9E-888A-3742-42FE-A0B26448DEF3}" = ATI Catalyst Install Manager
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A17FE11B-FFE7-4900-8120-0703F1BFD0C3}" = RPS Burn64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF3D6899-2C8D-DCB4-8601-924FE44732DF}" = ccc-utility64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MouseSuite98" = Mouse Suite
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{148D093E-113F-824E-4AD1-D986BA0CF904}" = Catalyst Control Center Localization Italian
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1F40420C-835B-0950-050C-737A7123612A}" = CCC Help Chinese Traditional
"{1F88DF73-339D-8D26-85C3-8F592861ED65}" = Catalyst Control Center Localization Turkish
"{1FB0B1BA-FA72-8D0B-A684-AAB24EF68569}" = Catalyst Control Center Core Implementation
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235F2B14-B178-8377-2529-90CA3D8F6BED}" = CCC Help Italian
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{258749E2-3A46-42B1-9A01-BF977AA06FAC}" = RPS CRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 14
"{27471967-23FC-08FB-232C-E4618312076E}" = CCC Help Norwegian
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2C37847C-3E25-CC8E-ED9B-664B20B6BAFE}" = Catalyst Control Center Localization Japanese
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{338FA5E6-4215-F340-2748-6A2F2DBF440C}" = CCC Help Danish
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 M1
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C7B1086-F873-4826-91A5-195CB5364C5B}" = RPS PerfectDiskStub
"{3E090892-8A98-8910-785C-F078C75658E8}" = Catalyst Control Center Localization French
"{3E713D52-C967-41FB-AA24-3A92CC1025A4}" = Remote Desktop Connection
"{3FD0AA0F-556A-B51E-4ADD-BF1F506E953A}" = ccc-core-static
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{427F07CD-4F39-8819-3BAF-64D99768BC69}" = Catalyst Control Center Localization Spanish
"{44850125-B5A7-420F-BF19-FFF249F95896}" = RPS Firewall
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{462DED50-EC2E-4237-ABCF-B5C463C0EE51}" = HP Wireless Assistant
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{48899974-2A8E-8E6A-A7CD-8032A9B8DF69}" = CCC Help Dutch
"{4CB90CB9-DD58-4CCC-A053-08FA70A42941}" = Verizon Internet Security Suite
"{4E4B8D8C-3953-43F1-BF28-3CDC2F107893}" = Microsoft Store Download Manager
"{4F432ABC-08A0-03C3-D863-147D40256581}" = CCC Help Turkish
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{59FCC39D-E148-6E83-F7B6-196E18E07764}" = Catalyst Control Center InstallProxy
"{5ACFB9DC-5187-0E85-2077-579953E0B595}" = CCC Help French
"{5DE3D989-A820-4247-8963-9287C28B3613}" = RPS Ksdk
"{5F7A238D-91A9-D755-E9B1-CEBA6993D5AE}" = Catalyst Control Center Localization Russian
"{61D85BCA-6150-4A90-938B-D426BF166777}" = RPS ParentalControl
"{63D30539-D9C1-AB9B-CEEC-5697981EA8E0}" = Catalyst Control Center Graphics Light
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{64525EA6-B64E-5C0B-6556-ADC2FA98A145}" = CCC Help Spanish
"{64F8B5EE-F7B9-E02F-705B-A5A9AF898425}" = CCC Help Chinese Standard
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6B6574E6-F534-E575-B813-BBE305F115BA}" = CCC Help Swedish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77CF3FDC-85F9-6223-909B-8FE57DD070FF}" = CCC Help Thai
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B1351FC-0B3F-8CFF-60DD-FBD57791B06A}" = Catalyst Control Center Localization Czech
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{7C6AA635-A9EB-BE76-5BFB-49F5C0C329A6}" = Catalyst Control Center Localization Swedish
"{7D988BD6-A70F-35F8-D9CA-2D7FE04EF452}" = Catalyst Control Center Localization Norwegian
"{7FBF6153-8392-AFAC-D443-62438F34F596}" = Catalyst Control Center Localization Polish
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83CA14F0-5AED-93A6-8462-61356AC4BD69}" = CCC Help Korean
"{85115174-53AF-5854-A23F-7C7C9750B1AF}" = Catalyst Control Center Localization Dutch
"{867E78FF-0065-E1B6-391A-E0BEA6C71D24}" = Catalyst Control Center Localization Chinese Traditional
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{9757B760-0708-F95B-C430-0CAC42FD02A2}" = Catalyst Control Center Localization Hungarian
"{A23CF2DE-7F49-5659-A8DF-C79501121935}" = Catalyst Control Center Localization Finnish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A486CFF9-A3E6-4312-A1B9-ABD28F9FC255}" = RPS PopupBlocker
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A9051724-EC0D-8C2B-6F23-94F9FF111B49}" = Catalyst Control Center Localization German
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{AFAD6009-AD81-9990-DEF1-39260D5EAFEE}" = Catalyst Control Center Localization Korean
"{B1C0D829-FE30-059E-E93F-CDC7A48235C0}" = FlipShare
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4922E65-C79C-4130-9295-CDF8716DB873}" = CCC Help Finnish
"{BEB50A25-8EC7-11C1-7174-BCAF87F76ACA}" = Catalyst Control Center Localization Greek
"{BF139C21-E549-77BE-AB95-BBCA9CAC7DFE}" = Catalyst Control Center Graphics Full Existing
"{C03B8026-694C-4326-88A8-1387097B50E8}" = RPS RpsCore
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6F7F0AE-F809-EFFB-D0C4-8FAB9682D92E}" = Catalyst Control Center Graphics Full New
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CF70FB86-378E-28D2-4CE5-2108292D8BC4}" = CCC Help Greek
"{D55DA406-3031-42AB-B7C4-2183C00803F3}" = RPS SafeConnect
"{D590F022-35E6-45B5-A140-324FD614EF88}" = HP User Guides 0127
"{D6E31D68-949E-D612-E46E-9989AE8765F3}" = CCC Help English
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Home Center
"{E1043293-CDE3-B030-740A-9194411F0B16}" = CCC Help Russian
"{E245B6E7-79B6-E1FB-4048-DF70122E0087}" = CCC Help German
"{E2A3432F-9622-7101-1636-33258BF52760}" = CCC Help Hungarian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3CEC3C7-962E-8DCF-777B-D9FE7CB5E09E}" = CCC Help Polish
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{EAEBB027-DB8A-0711-F377-FF1AEB84C71C}" = CCC Help Portuguese
"{EBBE1D36-F72E-90CE-2E31-03C064011E28}" = Catalyst Control Center Localization Chinese Standard
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EF6102C9-7864-36B1-2B51-B90C939A4AEF}" = Catalyst Control Center Localization Portuguese
"{EF7AB3F1-74F9-EE50-B1EA-62E013E13B41}" = CCC Help Japanese
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F3D5484F-D1CB-E80E-4759-DA1E3DE81D6A}" = CCC Help Czech
"{F573B950-CC14-4E55-8F29-F054485E11AA}" = RPS Diagnostic Utility
"{F6BCFF19-6D85-9B55-FCC0-4A56771F79CC}" = Catalyst Control Center Localization Thai
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F9DFBB28-5564-621C-4D5F-E69514CBCEC7}" = Catalyst Control Center Localization Danish
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"ERUNT_is1" = ERUNT 1.1j
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"RadialpointClientGateway_is1" = Verizon Servicepoint 1.5.24
"TTB000001.TTB000001Toolbar" = CouponBar
"Verizon FiOS Activation_is1" = Verizon FiOS Activation
"Verizon Online Help and Support" = Verizon Online Help and Support
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 8/9/2010 1:15:06 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 1:15:07 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 1:15:33 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 1:15:34 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 1:15:35 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 1:15:37 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 1:15:37 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 2:10:45 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 2:10:50 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 8/9/2010 2:10:54 PM | Computer Name = Sara-Laptop | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ Media Center Events ]
Error - 11/21/2009 10:43:01 PM | Computer Name = Sara-Laptop | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 12/2/2009 10:30:02 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7011
Description =
Error - 12/3/2009 11:49:09 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 12/3/2009 11:49:09 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7026
Description =
Error - 12/5/2009 9:40:07 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 12/5/2009 9:40:07 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7026
Description =
Error - 12/5/2009 9:41:51 PM | Computer Name = Sara-Laptop | Source = DCOM | ID = 10005
Description =
Error - 12/5/2009 9:42:06 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7009
Description =
Error - 12/5/2009 9:42:06 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 12/5/2009 9:58:05 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7000
Description =
Error - 12/5/2009 9:58:05 PM | Computer Name = Sara-Laptop | Source = Service Control Manager | ID = 7026
Description =
< End of report >