Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

my laptop is running very slow

Started by Alex R , Jul 02 2012 08:49 PM

  • Please log in to reply

#1
Alex R
Posted 02 July 2012 - 08:49 PM

Alex R

    Member

  • Member
  • PipPip
  • 20 posts
I have an hp pavilion dv5. For the last year it has been running very slowly, or at times the webpage just freezes when it starts thinking or loading a new page. I previously ran the macafee software, and now run avg. No malware/spyware comes up. Please help.

0 Report
Back to top of the page up there ^
MultiQuote
Quote Reply Add Reply
--------------------------------------------------------------------------------
#2 Gammo

Trusted Helper

Group: Malware Removal Posts: 2,025 Joined: 21-December 08 Location:The Netherlands
Posted 01 June 2012 - 10:49 AM

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop

•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

•Check the box that says Scan All Users.

•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

◦Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.


In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.





Please post the final results, good or bad. We like to know!
Malware Cleaning Guide - please read before starting a new topic

My help is always free, but if I have helped you, please consider making a donation to help me continue the fight against malware!

0 + Like Report
Back to top of the page up there ^
MultiQuote
Quote Reply Add Reply
--------------------------------------------------------------------------------
#3 Alex R

Member

Group: Member Posts: 19 Joined: 20-August 10
Posted 15 June 2012 - 11:27 PM

OTL logfile created on: 6/15/2012 10:13:00 PM - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\amron\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 62.90% Memory free
7.49 Gb Paging File | 5.63 Gb Available in Paging File | 75.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.85 Gb Total Space | 391.22 Gb Free Space | 87.35% Space Free | Partition Type: NTFS
Drive D: | 17.61 Gb Total Space | 2.55 Gb Free Space | 14.48% Space Free | Partition Type: NTFS

Computer Name: BLAZE | User Name: amron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012/06/15 22:12:34 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\amron\Downloads\OTL.exe
PRC - [2012/06/11 20:27:35 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/06/11 20:16:31 | 000,935,480 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012/02/06 16:25:08 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2012/01/24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/08/04 14:56:58 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/06/25 05:15:46 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/06/24 22:32:50 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/11 20:27:35 | 002,068,536 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
MOD - [2012/06/11 20:27:35 | 001,104,440 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/06/11 20:16:32 | 000,132,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/07/01 14:40:20 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/07/01 14:40:14 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2010/06/23 22:57:48 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/06/18 16:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 12:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2012/06/11 20:16:31 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012/02/06 16:25:08 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/11/10 06:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/08/04 14:56:58 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/25 05:15:46 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/04/03 16:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 23:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/22 12:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/07/01 14:40:26 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010/06/24 22:32:52 | 000,032,880 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/06/24 00:38:58 | 006,792,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/06/23 22:24:34 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/06/08 16:32:16 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/05/06 06:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/29 06:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/03/09 23:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010/03/04 22:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/11/11 13:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/08 12:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 12:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 13:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}
IE:64bit: - HKLM\..\SearchScopes\{7A2A4C0E-2A72-489C-9E69-35859CB004E6}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{CA47E5DF-75ED-42E3-A8E0-70800E6C59B9}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{ED813F52-528C-4BBD-8EC6-75E733452E7B}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}
IE - HKLM\..\SearchScopes\{7A2A4C0E-2A72-489C-9E69-35859CB004E6}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{CA47E5DF-75ED-42E3-A8E0-70800E6C59B9}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{ED813F52-528C-4BBD-8EC6-75E733452E7B}: "URL" = http://en.wikipedia....h={searchTerms}


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\SearchScopes\{7A2A4C0E-2A72-489C-9E69-35859CB004E6}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-11 20:27:38&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\SearchScopes\{CA47E5DF-75ED-42E3-A8E0-70800E6C59B9}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\SearchScopes\{D83C662E-BC7A-43C1-B9D8-5642CAF6DE85}: "URL" = http://findgala.com/...q={searchTerms}
IE - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/01/31 20:08:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012/06/11 20:16:58 | 000,000,000 | ---D | M]


Hosts file not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (I Want This) - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll (215 Apps)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1872625909-1230257937-1546510436-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{230D3655-3EE8-42BD-A615-9683544ED54A}: DhcpNameServer = 192.168.0.1 205.171.2.25
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/11 20:28:12 | 000,000,000 | ---D | C] -- C:\Users\amron\AppData\Local\AVG Secure Search
[2012/06/11 20:27:55 | 000,000,000 | ---D | C] -- C:\Users\amron\AppData\Roaming\.minecraft
[2012/06/11 20:27:45 | 000,000,000 | ---D | C] -- C:\Users\amron\AppData\Local\Google
[2012/06/11 20:27:42 | 000,000,000 | ---D | C] -- C:\Users\amron\AppData\Local\I Want This
[2012/06/11 20:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\I Want This
[2012/05/21 21:53:11 | 000,000,000 | ---D | C] -- C:\Users\amron\Desktop\Ebay Pics

========== Files - Modified Within 30 Days ==========

[2012/06/15 22:12:22 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 22:12:22 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/15 22:03:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/15 22:03:13 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/15 18:33:47 | 100,470,954 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/06/14 09:53:54 | 000,285,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/06/12 18:09:34 | 000,364,109 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/06/12 07:24:11 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForamron.job
[2012/05/21 21:57:06 | 018,816,769 | ---- | M] () -- C:\Users\amron\Desktop\ebay.zip

========== Files Created - No Company Name ==========

[2012/05/21 21:56:46 | 018,816,769 | ---- | C] () -- C:\Users\amron\Desktop\ebay.zip
[2012/03/01 20:20:25 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2010/12/01 22:19:57 | 000,731,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/26 21:56:52 | 000,000,136 | ---- | C] () -- C:\Users\amron\AppData\Local\mv_Photo.xml
[2010/11/26 21:56:52 | 000,000,127 | ---- | C] () -- C:\Users\amron\AppData\Local\mv_music.xml
[2010/10/21 07:08:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/10/21 07:01:20 | 000,000,298 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/10/21 07:01:20 | 000,000,239 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/07/12 13:52:54 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/07/12 11:23:43 | 000,000,189 | ---- | C] () -- C:\Windows\SysWow64\HP Documentation.ini

========== LOP Check ==========

[2012/06/12 17:06:13 | 000,000,000 | ---D | M] -- C:\Users\amron\AppData\Roaming\.minecraft
[2011/12/16 18:51:43 | 000,000,000 | ---D | M] -- C:\Users\amron\AppData\Roaming\AVG2012
[2011/02/12 09:05:32 | 000,000,000 | -HSD | M] -- C:\Users\amron\AppData\Roaming\Smart Internet Protection 2011
[2012/06/04 23:40:21 | 000,000,000 | ---D | M] -- C:\Users\amron\AppData\Roaming\SoftGrid Client
[2010/12/01 22:21:00 | 000,000,000 | ---D | M] -- C:\Users\amron\AppData\Roaming\TP
[2011/04/04 22:18:31 | 000,000,000 | ---D | M] -- C:\Users\amron\AppData\Roaming\WildTangent
[2012/04/22 21:30:00 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

0 Report
Back to top of the page up there ^
MultiQuote
Quote Reply Add Reply
--------------------------------------------------------------------------------
#4 Alex R

Member

Group: Member Posts: 19 Joined: 20-August 10
Posted 15 June 2012 - 11:28 PM

OTL Extras logfile created on: 6/15/2012 10:13:00 PM - Run 1
OTL by OldTimer - Version 3.2.49.0 Folder = C:\Users\amron\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.75 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 62.90% Memory free
7.49 Gb Paging File | 5.63 Gb Available in Paging File | 75.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.85 Gb Total Space | 391.22 Gb Free Space | 87.35% Space Free | Partition Type: NTFS
Drive D: | 17.61 Gb Total Space | 2.55 Gb Free Space | 14.48% Space Free | Partition Type: NTFS

Computer Name: BLAZE | User Name: amron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18803788-6A92-481D-B221-90E5F2F45FF0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1A6B6DA2-2203-4855-93DA-62920A1C4492}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2F26FF8A-365C-454A-A675-71475510909B}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32E77FA4-B164-4740-8B18-545C4233055D}" = rport=139 | protocol=6 | dir=out | app=system |
"{4433A30D-577D-42F2-8411-37103899131C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{451EEBE3-29B2-4BBB-AB02-710231DE5B71}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4C6F71B5-8A38-400E-A40C-6065809A0702}" = lport=139 | protocol=6 | dir=in | app=system |
"{7755E5C8-E41A-4CC7-9744-891E11419ABF}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{82A1E629-4996-44E8-86A5-4180E04DFA0C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{86E9C870-8D01-4521-9001-FDC5DBFB32F7}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9456FA75-403D-4C2B-BFE5-B3CAB6E62232}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{949EEF23-EEC0-486C-B20B-7CED43E99E2F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC42DF96-1216-4C7F-A8E2-753299FD0F42}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1F5FB64-D30E-441E-A186-AA05FF171D32}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B6389C98-ED65-4E98-90AA-9DFB8295544E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8A61794-0823-48C3-9684-1EC9E26490CA}" = lport=137 | protocol=17 | dir=in | app=system |
"{BC9D6331-8FFA-4F17-8342-CACF75782392}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{BE8FE3B5-ADC5-4B9B-A349-4039F795F185}" = lport=138 | protocol=17 | dir=in | app=system |
"{BED2096B-E064-4071-BAFF-4C8B75F8DEEA}" = rport=137 | protocol=17 | dir=out | app=system |
"{C1DB8DE8-845E-421E-AEAA-F03CD85F2813}" = rport=445 | protocol=6 | dir=out | app=system |
"{C765BCE2-9B5B-45CC-B7FE-605D28FC8B11}" = lport=445 | protocol=6 | dir=in | app=system |
"{CED85950-8459-42DE-9846-6CDD266D9722}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D160B26C-EE8E-4ACF-A9E7-0A355E92C751}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E684F97F-0114-414D-8ED6-F1A4D45E29BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{EE54A89E-365C-46FE-988A-17F3DCC2F513}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028E3F27-3590-4C5E-9A1D-1AFB517D881F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{0863E53E-C2C1-4C60-AC21-72DE04BA38BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AE42475-E2C4-44A6-9BD0-1C7DEF340AB0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BFE491A-F527-4045-B498-AB8ED25E63AD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{10DD3254-694C-4244-8F9C-CE7A8961266D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{11A91B2D-4E13-4B69-85C5-D718E996D940}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1C233098-F675-4048-AC03-2FF37255FF54}" = protocol=1 | dir=out | [email protected],-28544 |
"{1D66558B-C861-4BB7-8201-7CDF10500CB6}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{1E31B30C-117A-468E-BA8E-E5A1EB2653F7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{254C53B3-6FCE-41A0-9427-95704DA00E1F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{278CC072-D273-43A2-B640-C4A73C0BA306}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{29440AF5-3FD7-46D8-8792-AFAA00B483C8}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{2D05BCB8-A87E-4C40-ACF7-CFD8D195BB1D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{34FA3814-6238-4052-9E7C-DF6D8FB26E77}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{393BCAAD-FEDC-4B97-A3D7-A5294AA45EA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CEA7213-B297-4405-A2EB-1183F72E229A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{3CFCD7C7-7B70-4A26-BDA3-EAE732B84806}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{3E68DB7D-F1E8-4C70-8877-3F823128922D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{3FD55F18-A1F9-4073-ADA6-E170BA0757EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{470729BE-0EEF-42F5-A95B-8E64977CDE42}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{4AB62066-B4F8-4C37-9D70-D33A59FB7E56}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{4F04287F-CA0A-40C9-983E-37AC097F6132}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{58D5FC77-EF80-4662-AFC6-13378CCE6EA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5FD7FF10-6A6A-417B-8BAC-A51CAF232395}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{5FE587DE-A4EC-452F-9956-49193BD94D88}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{6E4B2F81-BDD8-4BC2-9FBF-A3B1E545AAED}" = protocol=58 | dir=in | [email protected],-28545 |
"{73090284-7B83-4C27-B485-711C32A0EDB5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{736B9936-DC66-4B79-AC41-B624AA354FC7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{7A7F4B67-8AC9-4971-86A2-1EE45382C638}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7A955D9F-D8F8-4727-B00E-7A21B8B53F5A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{7B8301DF-C720-46C9-A924-2F142AB74844}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{878A4F87-9117-413E-821D-DA40E048DE83}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AAD2E77-BAC3-405E-AEF7-D915ED739C47}" = protocol=58 | dir=out | [email protected],-28546 |
"{97A005D8-A228-4E46-AF70-7C6BA8E335A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{98539557-3FFA-44FE-A468-4EE4A340B7EE}" = protocol=6 | dir=out | app=system |
"{9D34D88B-C341-4FD6-AC15-237766BEB206}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{9F6CBCDD-EF3C-450C-9A68-E46BC600DE01}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{A776A603-30C7-401A-A694-F46508ECBDBB}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{AFA2C6B6-874F-47FD-9D1F-D8B11BD9644B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{B1AC44E4-6184-4EBF-B40E-B27A5B30524F}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{B3C7FAC8-EFAB-463D-B9C7-6F6D9CEC5196}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C27532F8-6C55-4AC0-85D9-A7E12289A409}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{CE91F319-431C-4FD8-9F8E-8D8399513E99}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{CFAE8797-E152-48EF-AEFE-A2A7D300219A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D305888C-7B8D-42FA-8298-E03125C836BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9544B22-0293-4A86-A44A-2345E8517A9A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E468FB8E-0E7D-4A3B-A2CF-04600684F75D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{E5168FF6-C1F2-444D-A890-968B59DC7012}" = protocol=1 | dir=in | [email protected],-28543 |
"{F22242FC-D406-43CF-8B78-C559F7F7C22D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{F802EB0C-87BE-4233-9D22-1FD0B7E960BB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"TCP Query User{8E9F21C8-3E5B-4F76-B8DC-4527120D9C9D}C:\programdata\4de314\si4de_2145.exe" = protocol=6 | dir=in | app=c:\programdata\4de314\si4de_2145.exe |
"UDP Query User{49855C64-B4D4-46D2-9160-8C3926C86F61}C:\programdata\4de314\si4de_2145.exe" = protocol=17 | dir=in | app=c:\programdata\4de314\si4de_2145.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{24F117AA-3F3A-6575-D73E-7A5006EC640A}" = ccc-utility64
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7CAD117F-315D-5016-A128-D227FE197913}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{BFF4A9FB-75F3-4162-84CD-16CE48C19173}" = AVG 2012
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{16B7E983-E3F3-DDEF-D101-86BF7842922B}" = CCC Help German
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1DBDD92E-F199-10B0-5BED-424407AA8844}" = CCC Help Turkish
"{1DF6F066-9DBE-FCE6-018E-C233CACA1793}" = Catalyst Control Center Graphics Full New
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D2ED3BD-6838-74FF-73E8-1A97D6E56DE5}" = Catalyst Control Center Localization All
"{30F4D459-824A-498C-826C-7721B777207F}" = Catalyst Control Center - Branding
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33C7BB7A-4C65-4605-A0CD-76C38F59B0A3}" = Alcor Micro USB Card Reader
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{394FA67A-FF0A-4356-BB77-D85E5A300BDE}" = HP QuickWeb Installer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{460C111D-64C5-06DB-E336-63549004C101}" = Catalyst Control Center Graphics Previews Common
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4BCB77BC-BD26-753D-EA91-F2A2340AEBD8}" = CCC Help Japanese
"{54EBCD2E-9020-7AFC-A54F-707EC5B5029E}" = CCC Help Polish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{644D5D68-8AB9-3EE0-A0CF-A617D7A9156E}" = ccc-core-static
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A10E86F-C9BB-4A8A-2B38-0EEA51D1ACE7}" = CCC Help Korean
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{70A4AB76-727A-1A8F-28F8-8D90D84F7CCD}" = CCC Help Finnish
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7221D07E-D60E-419C-BC3E-9525BF3EC7C3}" = HP Documentation
"{725DBD1D-B75D-CA58-70B4-3E2E6CB6E92A}" = CCC Help Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5CC6AC-5807-4348-B963-87CE46DACA3F}" = TurboTax 2011 waziper
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{94089FFA-AC79-4DBA-EF4D-986BDD17960F}" = CCC Help Swedish
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{96064BB9-83B6-E972-D80D-ED391BB44EC7}" = CCC Help Norwegian
"{9799A154-130D-6776-2E63-3DF424BCE4BB}" = Catalyst Control Center Graphics Previews Vista
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AC7295C-2B4B-361E-A0CD-503274F33C17}" = CCC Help Portuguese
"{9E4EB4E5-E3BE-A8CC-6020-E2ADCC411540}" = CCC Help English
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A1BDCF05-A4CC-0AAE-0D82-6B21F64A2E0F}" = CCC Help Chinese Traditional
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A807CEB4-96A8-46A8-A298-C3AA87B47B00}" = HP Software Framework
"{A9814077-8193-E8CF-CF5A-32A5C932C1B3}" = CCC Help Russian
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3 MUI
"{AC911C72-3BA1-6FB6-2A73-DA3BA6FC36DE}" = CCC Help Czech
"{AD692A27-D061-A7BC-A4D2-83803FDCC327}" = Catalyst Control Center InstallProxy
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B5EDA143-2C52-EFC9-B8F7-A2434AE7A11B}" = Catalyst Control Center Core Implementation
"{BBEA6281-F991-FF80-B630-30842578BCBA}" = Catalyst Control Center Graphics Light
"{BCF6C7E9-0ED4-3EB9-DEA5-978BE18658FB}" = CCC Help Dutch
"{BDFD5005-6ABD-59A4-E810-AA48738764EE}" = CCC Help Chinese Standard
"{C486808A-6580-BD78-FC55-68E1DC0B27A6}" = CCC Help Greek
"{C7294D0A-0226-3811-8AC9-F7250CCA732D}" = CCC Help Thai
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB0771A2-590B-2401-31C5-B4783A26FA82}" = CCC Help Hungarian
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC52C9F3-30FE-5A8A-E24B-65C19F064C5A}" = Catalyst Control Center Graphics Full Existing
"{D0542C70-BFEA-E202-030D-8B93634126BF}" = CCC Help Italian
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F06A951A-1E2D-133C-11AD-3308B599DB3D}" = CCC Help French
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FAD8147D-778E-0E95-B17A-441ABAD418A3}" = CCC Help Danish
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe AIR" = Adobe AIR
"AVG Secure Search" = AVG Security Toolbar
"HP Photo Creations" = HP Photo Creations
"I Want This" = I Want This
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{33C7BB7A-4C65-4605-A0CD-76C38F59B0A3}" = Alcor Micro USB Card Reader
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"My HP Game Console" = HP Game Console
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"TurboTax 2011" = TurboTax 2011
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/28/2012 7:12:24 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:25 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:26 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:48 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:49 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:52 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:52 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:52 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:52 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

Error - 5/28/2012 7:12:52 PM | Computer Name = blaze | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Failed extract of third-party root list from auto update cab at: <http://www.download....uthrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file. .

[ Hewlett-Packard Events ]
Error - 12/19/2010 10:29:15 PM | Computer Name = blaze | Source = Hewlett-Packard | ID = 0
Description = en-US Object reference not set to an instance of an object. Configurator

at Configurator.ConfiguratorClass.loadXML() at HPSFConfigReader.ConfigHelper..ctor()

at HPAssistant.csSettings.loadApplicationResources(Boolean isOnAppLoad)

Error - 10/8/2011 8:12:10 PM | Computer Name = blaze | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\101108051207.xml
File not created by asset agent

[ HP Wireless Assistant Events ]
Error - 8/1/2011 11:26:28 AM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 11/6/2011 9:24:53 PM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 12/24/2011 12:33:41 AM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 1/3/2012 12:59:42 PM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 1/4/2012 11:50:16 AM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 2/21/2012 11:05:47 PM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Threading.ThreadAbortException Thread was being aborted. at
System.Management.IEnumWbemClassObject.Next_(Int32 lTimeout, UInt32 uCount, IWbemClassObject_DoNotMarshal[]
apObjects, UInt32& puReturned) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware radio)

at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/27/2012 5:53:26 PM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/28/2012 2:38:08 PM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 4/28/2012 2:59:00 PM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - 6/7/2012 1:21:23 AM | Computer Name = blaze | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__9(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ System Events ]
Error - 6/15/2012 11:12:47 PM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/15/2012 11:12:47 PM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 12:14:58 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:02:26 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:02:26 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:02:26 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:04:11 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:04:31 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:04:36 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.

Error - 6/16/2012 1:04:36 AM | Computer Name = blaze | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP