Thank you, whitehat!
# AdwCleaner v1.801 - Logfile created 08/15/2012 at 18:00:06
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Danielle - DANIELLE-HP
# Boot Mode : Normal
# Running from : C:\Users\Danielle\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : Browser Manager
***** [Files / Folders] *****
Folder Deleted : C:\Users\Danielle\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Deleted : C:\ProgramData\Babylon
Deleted on reboot : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Program Files (x86)\Funmoods
File Deleted : C:\user.js
***** [Registry] *****
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEHelperv2.5.0.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder
Key Deleted : HKLM\SOFTWARE\Classes\IEHelperv250.WeCareReminder.1
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Funmoods
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods
Key Deleted : HKLM\SOFTWARE\SweetIM
***** [Registre - GUID] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4FBBF769-ECEB-420A-B536-133B1D505C36}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC5B6CDA-8F90-4740-9A8C-28AC5D3C73FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
[x64] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x64] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
[x64] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
[x64] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Google Chrome v21.0.1180.79
File : C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted : "description": "The fastest way to search the web.",
Deleted : "default_icon": "browser_icon_babylon48.png",
Deleted : "default_title": "Babylon Toolbar"
Deleted : "description": "Babylon ToolBar",
Deleted : "128": "babylon48.png",
Deleted : "48": "babylon48.png"
Deleted : "name": "Babylon Toolbar",
Deleted : "path": "BabylonChromeToolBar.dll",
Deleted : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update1.xml",
Deleted : "default_icon": "funmoods/img/16.png",
Deleted : "default_popup": "funmoods/dropdown.html",
Deleted : "128": "funmoods/img/128.png",
Deleted : "32": "funmoods/img/32.png",
Deleted : "48": "funmoods/img/48.png"
Deleted : "name": "Funmoods",
Deleted : "update_url": "hxxp://funmoods.com/public/download/chrome/update.xml",
*************************
AdwCleaner[S1].txt - [9551 octets] - [15/08/2012 18:00:06]
########## EOF - C:\AdwCleaner[S1].txt - [9679 octets] ##########
OTL logfile created on: 8/15/2012 6:08:57 PM - Run 2
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Danielle\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.60 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 61.99% Memory free
7.21 Gb Paging File | 5.61 Gb Available in Paging File | 77.81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 274.54 Gb Total Space | 201.44 Gb Free Space | 73.37% Space Free | Partition Type: NTFS
Drive D: | 19.39 Gb Total Space | 2.10 Gb Free Space | 10.85% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.28% Space Free | Partition Type: FAT32
Computer Name: DANIELLE-HP | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/08/14 21:32:39 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Danielle\Downloads\OTL.exe
PRC - [2012/08/11 00:19:29 | 007,601,880 | ---- | M] (Spotify Ltd) -- C:\Users\Danielle\AppData\Roaming\Spotify\spotify.exe
PRC - [2012/06/13 21:08:56 | 027,595,032 | ---- | M] (Dropbox, Inc.) -- C:\Users\Danielle\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/06 21:19:16 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/29 14:33:42 | 000,169,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/09/12 19:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/19 16:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/07/20 13:16:56 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/06/06 14:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/27 18:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
========== Modules (No Company Name) ========== MOD - [2012/08/14 20:26:50 | 002,049,056 | ---- | M] () -- c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012/08/13 23:30:59 | 000,442,392 | ---- | M] () -- C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppgooglenaclpluginchrome.dll
MOD - [2012/08/13 23:30:57 | 003,997,720 | ---- | M] () -- C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
MOD - [2012/08/13 23:29:28 | 000,144,424 | ---- | M] () -- C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll
MOD - [2012/08/13 23:29:27 | 000,266,792 | ---- | M] () -- C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll
MOD - [2012/08/13 23:29:26 | 002,480,680 | ---- | M] () -- C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll
MOD - [2012/08/11 00:19:10 | 020,219,096 | ---- | M] () -- C:\Users\Danielle\AppData\Roaming\Spotify\Data\libcef.dll
MOD - [2012/05/18 14:45:16 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/18 14:44:59 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/05/08 11:51:58 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ========== SRV:
64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:
64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:
64bit: - [2011/07/06 02:08:26 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2011/07/05 13:27:04 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:
64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:
64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:
64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:
64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/12 19:55:46 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/09/09 19:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/08/01 16:43:36 | 000,195,320 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/07/20 13:16:56 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/06 14:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/12/27 18:30:22 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:
64bit: - [2012/03/05 20:39:44 | 001,857,600 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:
64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2011/10/14 15:11:03 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2011/10/14 15:11:03 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:
64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:
64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:
64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:
64bit: - [2011/08/19 14:29:32 | 000,391,728 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2011/07/06 02:50:28 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2011/07/06 01:32:20 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2011/04/16 05:37:50 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:
64bit: - [2011/04/16 05:37:50 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:
64bit: - [2011/03/05 02:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2011/02/15 13:37:10 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:
64bit: - [2010/12/16 14:06:46 | 000,047,232 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:
64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:
64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:
64bit: - [2010/02/18 11:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:
64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:
64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:
64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:
64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:
64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:
64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:
64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT/1IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPNOT/1IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE:
64bit: - HKLM\..\SearchScopes\{16998BEE-89C9-4162-BCC1-9EFB8175025C}: "URL" =
http://www.amazon.co...s={searchTerms}IE:
64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://search.yahoo....psg&type=CPNTDFIE:
64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia....h={searchTerms}IE:
64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.co...w={searchTerms}IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT/1IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPNOT/1IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKLM\..\SearchScopes\{16998BEE-89C9-4162-BCC1-9EFB8175025C}: "URL" =
http://www.amazon.co...s={searchTerms}IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" =
http://search.yahoo....psg&type=CPNTDFIE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia....h={searchTerms}IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" =
http://rover.ebay.co...w={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page =
http://google.com/IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT/1IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://google.com/IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\..\SearchScopes\{16998BEE-89C9-4162-BCC1-9EFB8175025C}: "URL" =
http://www.amazon.co...s={searchTerms}IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" =
http://en.wikipedia....h={searchTerms}IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
[2012/06/29 20:58:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012/06/29 20:58:52 | 000,000,000 | ---D | M] (OneClickDownloader) -- C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\
[email protected][2012/05/06 16:06:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
========== Chrome ========== CHR - homepage:
http://isearch.claro...000ac162d5050adCHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url =
http://www.bing.com/...q={searchTerms}CHR - default_search_provider: suggest_url =
http://api.bing.com/...uage={language}CHR - homepage:
http://isearch.claro...000ac162d5050adCHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Danielle\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2099094845-2174692129-776121041-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-21-2099094845-2174692129-776121041-1001..\Run: [Spotify] C:\Users\Danielle\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Danielle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Danielle\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction =
http://hp.digitalriv..._US&keywords=%wO7 - HKU\S-1-5-21-2099094845-2174692129-776121041-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Find Software on HP Download Store (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A26BF54B-6145-4872-BC4A-22E15B53A252}: DhcpNameServer = 192.168.72.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2178C6E-B034-49AD-9791-32A49378537C}: DhcpNameServer = 192.168.1.1
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22565~1.25\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2012/08/14 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Roaming\YourFileDownloader
[2012/08/14 20:27:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/08/14 20:27:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/08/14 20:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/08/07 21:19:47 | 000,000,000 | ---D | C] -- C:\Users\Danielle\Desktop\Stewart Calculus 7th edition and solutions manual
[2012/08/07 21:17:03 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Roaming\ExpressFiles
[2012/08/07 21:17:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExpressFiles
[2012/07/31 18:11:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POWERPREP II
[2012/07/31 18:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ETS
[2012/07/21 20:31:46 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{7676AA9D-C720-43C0-AB8F-ACBF67FC8253}
[2012/07/21 20:31:35 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{8EDEA8BC-85D5-4A24-9176-6470BFF1E7C3}
[2012/07/21 20:31:21 | 000,000,000 | ---D | C] -- C:\Users\Danielle\Tracing
[2012/07/21 20:28:28 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/07/21 20:22:48 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{1763F520-D1AE-4C2C-AD08-C870CC4A0208}
[2012/07/21 20:21:58 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{DEB87A9C-76FF-4A14-A4E5-8F2A5A996F77}
[2012/07/21 20:21:24 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{4703A4A0-0349-45D4-8942-7B4981DC4A77}
[2012/07/17 20:36:31 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{755B4C41-6B6B-43DF-AA06-141EEA9DC6D2}
[2012/07/17 20:36:10 | 000,000,000 | ---D | C] -- C:\Users\Danielle\AppData\Local\{29BB8109-2AF5-478C-ADA1-BF7D0F8921AD}
========== Files - Modified Within 30 Days ========== [2012/08/15 18:10:17 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 18:10:17 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/15 18:07:11 | 000,730,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/15 18:07:11 | 000,626,722 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/15 18:07:11 | 000,107,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/15 18:04:02 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2099094845-2174692129-776121041-1001UA.job
[2012/08/15 18:02:50 | 000,289,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/15 18:02:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/15 18:02:05 | 2902,646,784 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/14 18:07:54 | 000,002,426 | ---- | M] () -- C:\Users\Danielle\Desktop\Google Chrome.lnk
[2012/08/14 17:33:36 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2099094845-2174692129-776121041-1001Core.job
[2012/08/12 23:48:25 | 000,221,515 | ---- | M] () -- C:\Users\Danielle\Desktop\profile.jpg
[2012/08/12 23:30:14 | 000,046,378 | ---- | M] () -- C:\Users\Danielle\Desktop\lb.jpg
[2012/08/12 23:27:45 | 000,100,578 | ---- | M] () -- C:\Users\Danielle\Desktop\bar.jpg
[2012/08/12 23:02:43 | 000,057,975 | ---- | M] () -- C:\Users\Danielle\Desktop\mani.jpg
[2012/08/12 23:01:15 | 000,018,647 | ---- | M] () -- C:\Users\Danielle\Desktop\wlby.jpg
[2012/08/12 22:54:54 | 000,054,160 | ---- | M] () -- C:\Users\Danielle\Desktop\homeless.jpg
[2012/08/12 22:53:57 | 000,062,866 | ---- | M] () -- C:\Users\Danielle\Desktop\park.jpg
[2012/08/11 00:18:15 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForDanielle.job
[2012/08/10 00:31:48 | 000,033,131 | ---- | M] () -- C:\Users\Danielle\Desktop\Tropicana-No-Pulp-orange-juice-0610-xl-71981406.jpg
[2012/08/10 00:29:16 | 000,334,563 | ---- | M] () -- C:\Users\Danielle\Desktop\caillou.jpg
[2012/07/31 18:20:36 | 000,000,248 | ---- | M] () -- C:\Users\Danielle\Desktop\POWERPREP II SOFTWARE - GRE revised General Test.url
[2012/07/28 15:44:05 | 000,010,768 | ---- | M] () -- C:\Users\Danielle\Desktop\Minneapolis International Hostel in Minneapolis, USA.htm
[2012/07/28 13:50:32 | 000,086,010 | ---- | M] () -- C:\Users\Danielle\Desktop\Ch 19.pdf
[2012/07/28 12:41:08 | 000,089,279 | ---- | M] () -- C:\Users\Danielle\Desktop\Ch 18.pdf
[2012/07/28 12:40:11 | 000,134,125 | ---- | M] () -- C:\Users\Danielle\Desktop\Final Study Guide Mico 2012.pdf
[2012/07/25 22:46:17 | 000,022,107 | ---- | M] () -- C:\Users\Danielle\Desktop\CL.pdf
[2012/07/25 19:41:28 | 000,027,969 | ---- | M] () -- C:\Users\Danielle\Desktop\scoring.png
[2012/07/25 17:16:17 | 000,132,608 | ---- | M] () -- C:\Users\Danielle\Desktop\Team Meeting.pdf
[2012/07/25 17:15:26 | 000,005,381 | ---- | M] () -- C:\Users\Danielle\Desktop\Team Meeting.htm
[2012/07/21 01:11:01 | 006,939,177 | ---- | M] () -- C:\Users\Danielle\Desktop\NYU1.JPG
========== Files Created - No Company Name ========== [2012/08/12 23:48:35 | 000,221,515 | ---- | C] () -- C:\Users\Danielle\Desktop\profile.jpg
[2012/08/12 23:30:14 | 000,046,378 | ---- | C] () -- C:\Users\Danielle\Desktop\lb.jpg
[2012/08/12 23:27:55 | 000,100,578 | ---- | C] () -- C:\Users\Danielle\Desktop\bar.jpg
[2012/08/12 23:02:51 | 000,057,975 | ---- | C] () -- C:\Users\Danielle\Desktop\mani.jpg
[2012/08/12 23:01:21 | 000,018,647 | ---- | C] () -- C:\Users\Danielle\Desktop\wlby.jpg
[2012/08/12 22:55:02 | 000,054,160 | ---- | C] () -- C:\Users\Danielle\Desktop\homeless.jpg
[2012/08/12 22:54:05 | 000,062,866 | ---- | C] () -- C:\Users\Danielle\Desktop\park.jpg
[2012/08/10 00:31:55 | 000,033,131 | ---- | C] () -- C:\Users\Danielle\Desktop\Tropicana-No-Pulp-orange-juice-0610-xl-71981406.jpg
[2012/08/10 00:29:44 | 000,334,563 | ---- | C] () -- C:\Users\Danielle\Desktop\caillou.jpg
[2012/07/31 18:20:36 | 000,000,248 | ---- | C] () -- C:\Users\Danielle\Desktop\POWERPREP II SOFTWARE - GRE revised General Test.url
[2012/07/28 15:44:04 | 000,010,768 | ---- | C] () -- C:\Users\Danielle\Desktop\Minneapolis International Hostel in Minneapolis, USA.htm
[2012/07/28 13:50:31 | 000,086,010 | ---- | C] () -- C:\Users\Danielle\Desktop\Ch 19.pdf
[2012/07/28 12:41:07 | 000,089,279 | ---- | C] () -- C:\Users\Danielle\Desktop\Ch 18.pdf
[2012/07/28 12:40:09 | 000,134,125 | ---- | C] () -- C:\Users\Danielle\Desktop\Final Study Guide Mico 2012.pdf
[2012/07/25 22:46:29 | 000,022,107 | ---- | C] () -- C:\Users\Danielle\Desktop\CL.pdf
[2012/07/25 19:41:44 | 000,027,969 | ---- | C] () -- C:\Users\Danielle\Desktop\scoring.png
[2012/07/25 17:16:16 | 000,132,608 | ---- | C] () -- C:\Users\Danielle\Desktop\Team Meeting.pdf
[2012/07/25 17:15:24 | 000,005,381 | ---- | C] () -- C:\Users\Danielle\Desktop\Team Meeting.htm
[2012/07/21 01:11:19 | 006,939,177 | ---- | C] () -- C:\Users\Danielle\Desktop\NYU1.JPG
[2012/05/06 16:12:55 | 000,744,400 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/05/06 16:07:17 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2012/03/27 14:24:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/03/27 14:17:38 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/03/02 15:53:16 | 003,219,456 | ---- | C] () -- C:\ProgramData\ReadOnlyInstaller.msi
[2011/09/06 14:34:28 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/08/19 14:26:18 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/07/05 13:47:06 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/18 04:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ========== [2012/08/15 18:11:24 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Dropbox
[2012/08/07 21:19:27 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\ExpressFiles
[2012/08/14 23:09:54 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\SoftGrid Client
[2012/08/15 18:13:41 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Spotify
[2012/05/06 14:52:15 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Synaptics
[2012/05/06 16:14:02 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\TP
[2012/05/07 17:17:22 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\Windows Live Writer
[2012/08/14 20:50:49 | 000,000,000 | ---D | M] -- C:\Users\Danielle\AppData\Roaming\YourFileDownloader
[2009/07/14 00:08:49 | 000,009,150 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== < End of report >
The scan didn't open a new file called extras. The only file with that name on my computer is from yesterday, before I posted. I'll repost that one in case it helps.OTL Extras logfile created on: 8/14/2012 9:33:23 PM - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Danielle\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.60 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 57.31% Memory free
7.21 Gb Paging File | 4.33 Gb Available in Paging File | 60.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 274.54 Gb Total Space | 200.75 Gb Free Space | 73.12% Space Free | Partition Type: NTFS
Drive D: | 19.39 Gb Total Space | 2.10 Gb Free Space | 10.85% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.28% Space Free | Partition Type: FAT32
Computer Name: DANIELLE-HP | User Name: Danielle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{12485372-E6AD-4BE5-8C0C-4155A1E56ABA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D3875090-2DAA-4664-8BEB-190AA8CDCBDE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15CD8943-5CEA-4D22-A385-CAD7116E554B}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{27E2AD31-D824-4E29-B7BE-68DF7061803B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{34A7637C-7816-49E9-9916-CE307A0460DF}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{3D6F75A0-70A0-423D-A89C-9FDCD1F4975A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4771D0A0-D5B7-467F-9E06-AA22CAACDD67}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{48E34E3F-A1CB-4688-9A5D-7C4F23372ADA}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{52E41CA0-41DE-41DA-9741-7EE294092218}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{576A4F05-0898-4C7F-AA7E-0365DA1B4729}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6462E1DF-58F6-4B3B-8B95-C8B4B10EA285}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{85367DB7-6529-4F85-A216-8FC4A9ACA67C}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{8B0E3490-A849-40DE-9FB6-2007ED684E26}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{9286AB1F-9ABE-4552-B677-DA54F1C550FA}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{9E137AA2-5AC2-4CFC-A661-B0C8297FE3A7}" = protocol=17 | dir=in | app=c:\users\danielle\appdata\roaming\dropbox\bin\dropbox.exe |
"{A37F33B0-D50B-4A10-B543-D9766CE00EA7}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |
"{AB4E4C9F-F548-4695-9CEB-A59E872A030B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BCE2C5BB-55C4-472D-B234-6B18C574128D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C7A5D874-6481-48D3-9491-9B13FB722AD6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{CB24B4C5-D86D-4A34-9B47-90A63847AEC0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{CECD06BF-0D00-471B-A427-08928F85553B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DC3047AD-4FA9-4816-B7E8-507428985733}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{E7A3AAA3-EE63-48BA-BF19-5A054E1458DF}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{F85550CD-2D0E-4E39-AF4A-7A784BDD0134}" = protocol=6 | dir=in | app=c:\users\danielle\appdata\roaming\dropbox\bin\dropbox.exe |
"{F9AC56B8-760E-4EB6-B39B-6764C911D971}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |
"{FBE6B4FB-C908-44CB-AC89-B7F79AEBC82E}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"TCP Query User{8861E5EC-5703-443F-9D97-D638D5EB0881}C:\users\danielle\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\danielle\appdata\roaming\spotify\spotify.exe |
"UDP Query User{8D00D737-E4AD-46EB-8EFA-4F78668A52DB}C:\users\danielle\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\danielle\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{45DA9E62-D2BD-81D6-80FD-F57E2FEB00A8}" = AMD Fuel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{562608FE-2051-4488-BF22-8CE4C03046AC}" = HP Security Assistant
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6032497A-4479-462B-ADB8-A0A372BB9A23}" = HP Application Assistant
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{B3C4ADC9-637E-DDD9-A66C-782AE5E2E667}" = ATI Catalyst Install Manager
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{C075E733-EA9C-AAAC-A95B-0D987A3C3266}" = ccc-utility64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC27906A-5898-02B7-8D19-2617A7B85E09}" = AMD Media Foundation Decoders
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics TouchPad Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{05273A09-55BF-AB2D-DD22-D98690309C28}" = CCC Help Portuguese
"{0612A263-0976-324B-BEA9-82F01CA7370F}" = CCC Help Finnish
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2687340C-C114-47DC-9F0E-C1BA85FEB001}" = POWERPREP II
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34866446-F784-B458-40BA-672A7D546591}" = CCC Help German
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{391E468C-D459-7278-D506-01A5CA340E97}" = CCC Help Swedish
"{39B1BCF0-5D12-A5F8-616F-F31B3355C913}" = CCC Help Danish
"{39FCC6B7-FFF5-4075-A5E8-B5CEBD54C331}" = HP Documentation
"{3F71B6A1-B563-0FC9-12A0-D9897AC6BE45}" = CCC Help Czech
"{41298BF3-DF6B-449C-BFB7-83663ECB5108}" = HP QuickWeb
"{438DE441-C9B0-AEBB-907E-3D09E620FE62}" = CCC Help Japanese
"{45E31E25-3F02-AFF2-EBC8-ACECE264E126}" = CCC Help Hungarian
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{584413CB-336A-EC10-BDA1-210DC882895D}" = CCC Help Russian
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{741006D1-7B2B-4E33-B2B0-831F282EEF64}" = Blio
"{741F5171-235B-F5B0-6590-F4BB53B76D36}" = CCC Help Dutch
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{789C9644-9F82-44d3-B4CA-AC31F46F5882}" = Python 3.2.3
"{7971B0A3-2A0E-C212-257C-DF308908E62E}" = CCC Help English
"{7DDBDDCD-651C-F923-DED6-7DA7049F06CA}" = Catalyst Control Center InstallProxy
"{7E799992-5DA0-4A1A-9443-B1836B063FEC}" = HP Power Manager
"{83772A97-05A6-3528-897E-097CE0A92BFF}" = CCC Help Greek
"{83B3CCC5-4C76-9873-66AD-08FF11723C90}" = CCC Help Spanish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT5390 802.11b/g/n WiFi Adapter
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94358C28-335B-4E43-BC4E-C59576BAB653}" = ASPCA Reminder by We-Care.com v4.0.16.1
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EF417DB-7CAE-E311-06EE-DB828439677C}" = Catalyst Control Center Localization All
"{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}" = Bing Bar
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
"{AD7B5622-C999-C9C8-26E4-6EEAFEC3065C}" = Catalyst Control Center Graphics Previews Common
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF240B18-034B-4A82-B3FC-0B879C4BAE2E}" = HP Software Framework
"{B1BC0AC7-EFC8-930E-474E-6EE4FAD46367}" = CCC Help Chinese Standard
"{B1E51748-B432-20BF-D875-5BE7FCB9DD0C}" = CCC Help Polish
"{B86CCC49-ED61-F1C2-47E2-9A817FAAABC8}" = CCC Help Thai
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C376EBB6-4079-197E-1A15-005FDA8CACB3}" = CCC Help Chinese Traditional
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CC5878A9-FB51-90A0-633E-65123F136283}" = AMD VISION Engine Control Center
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CDC1661D-4EEC-E4A8-4B57-96C89E97DAD7}" = CCC Help Norwegian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFB4E432-A339-1D85-1B5D-98572E65DE95}" = CCC Help French
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E60E35BD-8A1F-3CF9-5EB7-49DF5FACE9AD}" = CCC Help Korean
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E96CAA2A-0244-4A2A-8403-0C3C9534778B}" = ESU for Microsoft Windows 7 SP1
"{EB4CD629-A912-6D02-B562-C43EFED96680}" = CCC Help Turkish
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F4F82474-C548-2814-32FD-34D372AC189E}" = CCC Help Italian
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.3
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"1ClickDownload" = 1ClickDownloader
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"funmoods" = Funmoods on IE and Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-04d75abf-63ed-4d1f-9755-c39c658e343b" = Poker Superstars III
"WTA-18731067-0ebf-4f05-8a81-f1b909bd9bc6" = Bejeweled 3
"WTA-28f9d177-058b-4bc1-badf-5c567b2f981e" = Plants vs. Zombies - Game of the Year
"WTA-32f15186-31b3-49d7-82e2-51ecacb89e7c" = FATE
"WTA-34fe126c-f607-49c2-bef1-da4d89eae246" = John Deere Drive Green
"WTA-37a8a6c7-cc87-457b-9c87-e66364a41401" = Farm Frenzy
"WTA-3d1eb84a-acc1-4297-be4a-30da9c2580cf" = Polar Golfer
"WTA-4cd444fc-c44e-41f9-94e3-bfe4a473b3a1" = Virtual Villagers 4 - The Tree of Life
"WTA-4d4673cd-82ab-4d47-9fa2-26d012c035a1" = RollerCoaster Tycoon 3: Platinum
"WTA-4f8d6ce1-c3a1-4350-88f5-0f971b14fdd5" = Cradle of Rome 2
"WTA-4fb4bf30-5f9e-42d8-8927-33e9db7db9a8" = Torchlight
"WTA-641cee75-d9df-47ff-8390-82b05ec507b6" = Dora's World Adventure
"WTA-68130830-3f2e-4876-922f-33bb7c649597" = Zuma's Revenge
"WTA-7268b3d8-8f92-44cb-bf49-d452ddd37e3d" = Hoyle Card Games
"WTA-764b173b-40c4-4248-91eb-bc4a6772a32d" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-7a39f062-ad78-4681-8cba-1045fb524db2" = Chuzzle Deluxe
"WTA-97af4e4a-5905-4702-acd8-dadf83eb002d" = Farmscapes
"WTA-a45595e6-854a-44fe-a462-2186a2fad86e" = Luxor HD
"WTA-a6250714-9168-4318-bb4d-99f334c0b191" = Final Drive Fury
"WTA-b2666182-f787-4701-a8e8-e57bb7d368ab" = Mah Jong Medley
"WTA-c346b29c-0300-4bf7-b248-fcdef0ce3e30" = Jewel Match 3
"WTA-d9568f83-0331-482c-9671-67da1f1a67f1" = Letters from Nowhere 2
"WTA-e6542445-e145-4da9-b4db-fe4c5589ecb3" = Polar Bowler
"WTA-e99f12a0-14dc-43c6-9766-06f25d6f4a65" = Penguins!
"WTA-eba654d1-57ca-4b4b-9f5a-1ae4c37133fb" = The Treasures of Mystery Island: The Ghost Ship
"WTA-f21c7e79-6d63-431c-8123-6b2f86989d35" = Blackhawk Striker 2
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 7/20/2012 8:23:25 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2590
Error - 7/20/2012 8:23:26 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/20/2012 8:23:26 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3760
Error - 7/20/2012 8:23:26 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3760
Error - 7/20/2012 8:23:27 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/20/2012 8:23:27 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4867
Error - 7/20/2012 8:23:27 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4867
Error - 7/20/2012 9:13:22 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 7/20/2012 9:13:22 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1732
Error - 7/20/2012 9:13:22 PM | Computer Name = Danielle-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1732
[ Hewlett-Packard Events ]
Error - 5/8/2012 3:52:35 PM | Computer Name = Danielle-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 7/30/2012 11:39:56 PM | Computer Name = Danielle-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Object '/d9869a10_323a_4f43_b26a_b995fcad7118/dsxond_lkaobkjdu6dk+enfb_35.rem'
has been disconnected or does not exist at the server. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3690 Ram Utilization: 60 TargetSite: Void UpdateDetail(System.String)
Error - 8/13/2012 10:20:23 PM | Computer Name = Danielle-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The server did not provide a meaningful
reply; this might be caused by a contract mismatch, a premature session shutdown
or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String
action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[]
outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 3690 Ram Utilization: TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)
Error - 8/13/2012 10:20:37 PM | Computer Name = Danielle-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 8/13/2012 10:20:37 PM | Computer Name = Danielle-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 8/13/2012 10:20:37 PM | Computer Name = Danielle-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 8/13/2012 10:20:42 PM | Computer Name = Danielle-HP | Source = HPSF.exe | ID = 4000
Description =
[ HP Software Framework Events ]
Error - 7/2/2012 11:56:57 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/02 22:56:57.136|00000EC0|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Not supported '
Error - 7/2/2012 11:56:58 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/02 22:56:58.083|00000EC0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/9/2012 11:46:21 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/09 22:46:21.750|00001234|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/16/2012 11:51:14 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/16 22:51:14.919|00001468|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/16/2012 11:53:11 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/16 22:53:11.193|00001AE0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/23/2012 11:17:22 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/23 22:17:22.059|000012C8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/28/2012 1:21:16 AM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/28 00:21:16.368|00000C98|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/30/2012 11:32:26 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/30 22:32:26.326|00001FE0|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/30/2012 11:40:10 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/30 22:40:10.596|000016A4|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 7/30/2012 11:40:21 PM | Computer Name = Danielle-HP | Source = CaslWmi | ID = 5
Description = 2012/07/30 22:40:21.179|00002644|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
[ System Events ]
Error - 7/5/2012 2:15:47 PM | Computer Name = Danielle-HP | Source = DCOM | ID = 10010
Description =
Error - 7/5/2012 11:59:57 PM | Computer Name = Danielle-HP | Source = DCOM | ID = 10010
Description =
Error - 7/12/2012 2:20:42 PM | Computer Name = Danielle-HP | Source = DCOM | ID = 10010
Description =
Error - 7/28/2012 1:25:03 PM | Computer Name = Danielle-HP | Source = DCOM | ID = 10005
Description =
Error - 7/28/2012 1:25:02 PM | Computer Name = Danielle-HP | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Volume
Shadow Copy service to connect.
Error - 7/28/2012 1:25:02 PM | Computer Name = Danielle-HP | Source = Service Control Manager | ID = 7000
Description = The Volume Shadow Copy service failed to start due to the following
error: %%1053
Error - 8/6/2012 6:17:27 PM | Computer Name = Danielle-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPClientSvc service.
Error - 8/11/2012 1:16:03 AM | Computer Name = Danielle-HP | Source = DCOM | ID = 10010
Description =
< End of report >