Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus! Can't connect to internet


  • Please log in to reply

#1
banana80

banana80

    Member

  • Member
  • PipPip
  • 21 posts
Help!

When I start my computer, I get this desktop alert:

"Could not load or run C:\users\anna\appdata\local\temp\dwm.exe specified in the registry. Make sure the file exists on your computer or remove the reference to it in the registry."

I also cannot connect to the internet while logged on to my user profile, but can connect using the Guest profile.

I have performed scans with Malwarebytes and Super Anti Spyware, and the problem still exists.

PLEASE HELP!!

Thank you,

Anna
  • 0

Advertisements


#2
phillpower2

phillpower2

    Mechanised Mod

  • Moderator
  • 23,360 posts
Hi banana80 :D
If you suspect your computer has a malware issue follow the guide at the link below.
If after following the guide you still believe you have a malware issue you must start
a new thread at the malware forum and not post any details here.
If you get the all clear from the malware forum but still have this issue return to this
thread and someone will help you.
http://www.geekstogo...cleaning-guide/
  • 1

#3
banana80

banana80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Thank you for the reply.

I followed the instructions, but am still having the same problems.

Here is the Malwarebytes Anti-Malware log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4742

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

10/5/2010 12:49:14 PM
mbam-log-2010-10-05 (12-49-14).txt

Scan type: Quick scan
Objects scanned: 116432
Time elapsed: 5 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Here is the log from the virus scan from AVG:

Scan "Scan whole computer" completed.
Warnings;"24";"24";"0"
Folders selected for scanning:;"Scan whole computer"
Scan started:;"Tuesday, October 05, 2010, 12:56:48 PM"
Scan finished:;"Tuesday, October 05, 2010, 2:02:09 PM (1 hour(s) 5 minute(s) 21 second(s))"
Total object scanned:;"795740"
User who launched the scan:;"Guest"

Warnings
File;"Infection";"Result"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\tribalfusion.com.dcc03271;"Found Tracking cookie.Tribalfusion";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt;"Found Tracking cookie.Tribalfusion";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.f3e5803e;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.e2e71e33;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.ae53b8b;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.ad6d4010;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.a00e30b4;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected]mp[2].txt:\trafficmp.com.84c36c62;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.6b44e3b8;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt:\trafficmp.com.37644bdb;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt;"Found Tracking cookie.Trafficmp";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.db46cecc;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.ac41fe5a;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.6a1cf9e8;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.606c3d3b;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.4b416ef8;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.400f83f;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\serving-sys.com.255d6f2f;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt;"Found Tracking cookie.Serving-sys";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt;"Found Tracking cookie.Serving-sys";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\atdmt.com.b3e33b5f;"Found Tracking cookie.Atdmt";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\atdmt.com.7247c262;"Found Tracking cookie.Atdmt";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt;"Found Tracking cookie.Atdmt";"Deleted"


After rebooting, still having same problems.

I did a GMER scan last night and it found nothing. When I tried to run one today, it opens the program but says it can't find the file specified??

Here are the OTL logs:

OTL logfile created on: 10/5/2010 5:45:40 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Guest\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.94 Gb Total Space | 166.02 Gb Free Space | 57.86% Space Free | Partition Type: NTFS
Drive D: | 11.14 Gb Total Space | 1.85 Gb Free Space | 16.60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANNA-PC
Current User Name: Guest
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/10/05 17:44:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
PRC - [2010/10/04 11:50:19 | 002,067,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (SafeList) ==========

MOD - [2010/10/05 17:44:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
MOD - [2008/01/20 21:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========


========== Driver Services (SafeList) ==========


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/20 08:22:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found


O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: iphlpsvc - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 90 Days ==========

[2010/10/05 17:44:27 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
[2010/10/05 17:37:01 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\HPAppData
[2010/10/05 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Malwarebytes
[2010/10/05 12:36:28 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/05 12:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/10/04 15:39:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/10/04 15:39:05 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/10/04 15:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/10/04 15:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/04 15:35:54 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/10/04 15:11:40 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Macromedia
[2010/10/04 15:11:39 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Adobe
[2010/10/04 15:10:58 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Apple Computer
[2010/10/04 15:10:55 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\QuickPlay
[2010/10/04 15:10:46 | 000,000,000 | R--D | C] -- C:\Users\Guest\Searches
[2010/10/04 15:10:35 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Identities
[2010/10/04 15:10:32 | 000,000,000 | R--D | C] -- C:\Users\Guest\Contacts
[2010/10/04 15:10:31 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\VirtualStore
[2010/10/04 15:10:26 | 000,000,000 | --SD | C] -- C:\Users\Guest\AppData\Roaming\Microsoft
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Videos
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Saved Games
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Pictures
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Music
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Links
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Favorites
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Downloads
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Documents
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Desktop
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\AppData\Local\Temporary Internet Files
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Templates
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Start Menu
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\SendTo
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Recent
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\PrintHood
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\NetHood
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Documents\My Videos
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Documents\My Pictures
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Documents\My Music
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\My Documents
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Local Settings
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\AppData\Local\History
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Cookies
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Application Data
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\AppData\Local\Application Data
[2010/10/04 15:10:26 | 000,000,000 | -H-D | C] -- C:\Users\Guest\AppData
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Temp
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Microsoft Help
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Microsoft
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Media Center Programs
[2010/10/04 12:18:11 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/10/04 11:48:41 | 000,013,048 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/09/20 12:43:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2010/09/14 22:49:04 | 000,000,000 | ---D | C] -- C:\6cd436ebb13b20a96d0207c847
[2010/08/11 20:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Broderbund Software
[2010/08/11 19:55:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Web Publish
[2010/08/11 19:55:07 | 000,970,752 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf210.dll
[2010/08/11 18:57:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Broderbund
[2010/08/11 18:57:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Print Shop 22
[2010/08/11 18:54:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP

========== Files - Modified Within 90 Days ==========

[2010/10/05 17:45:57 | 000,786,432 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT
[2010/10/05 17:44:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
[2010/10/05 17:42:39 | 000,293,376 | ---- | M] () -- C:\Users\Guest\Desktop\mtcl74d7.exe
[2010/10/05 17:40:04 | 000,284,915 | ---- | M] () -- C:\Users\Guest\Desktop\gmer.zip
[2010/10/05 17:36:23 | 000,000,222 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/10/05 17:30:54 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/05 17:30:54 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/05 17:30:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/05 17:30:39 | 4222,832,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/05 17:29:43 | 000,524,288 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/10/05 17:29:43 | 000,065,536 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/10/05 17:29:39 | 001,819,995 | -H-- | M] () -- C:\Users\Guest\AppData\Local\IconCache.db
[2010/10/05 12:34:01 | 000,000,763 | ---- | M] () -- C:\Users\Guest\Desktop\NTREGOPT.lnk
[2010/10/05 12:34:01 | 000,000,744 | ---- | M] () -- C:\Users\Guest\Desktop\ERUNT.lnk
[2010/10/05 05:48:01 | 065,638,003 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/10/04 15:48:20 | 000,524,288 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/10/04 15:39:09 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/04 15:11:25 | 000,000,973 | ---- | M] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/04 15:10:54 | 000,419,496 | ---- | M] () -- C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/10/04 15:10:26 | 000,000,020 | -HS- | M] () -- C:\Users\Guest\ntuser.ini
[2010/10/04 11:49:20 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/10/04 11:48:41 | 000,013,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/10/04 11:48:39 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/10/04 11:45:38 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/09/20 12:43:27 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/09/19 22:52:35 | 000,704,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/19 22:52:35 | 000,604,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/19 22:52:35 | 000,105,376 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/09/03 17:39:58 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/08/25 19:22:45 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/08/13 03:35:28 | 001,198,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/13 03:08:45 | 000,721,824 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/11 19:54:40 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\The Print Shop 22.lnk

========== Files Created - No Company Name ==========

[2010/10/05 17:42:31 | 000,293,376 | ---- | C] () -- C:\Users\Guest\Desktop\mtcl74d7.exe
[2010/10/05 17:40:02 | 000,284,915 | ---- | C] () -- C:\Users\Guest\Desktop\gmer.zip
[2010/10/05 12:34:01 | 000,000,763 | ---- | C] () -- C:\Users\Guest\Desktop\NTREGOPT.lnk
[2010/10/05 12:34:01 | 000,000,744 | ---- | C] () -- C:\Users\Guest\Desktop\ERUNT.lnk
[2010/10/04 15:39:09 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/04 15:11:25 | 000,000,973 | ---- | C] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/04 15:10:59 | 000,000,000 | ---- | C] () -- C:\Users\Guest\AppData\Local\QSwitch.txt
[2010/10/04 15:10:59 | 000,000,000 | ---- | C] () -- C:\Users\Guest\AppData\Local\DSwitch.txt
[2010/10/04 15:10:59 | 000,000,000 | ---- | C] () -- C:\Users\Guest\AppData\Local\AtStart.txt
[2010/10/04 15:10:26 | 000,786,432 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT
[2010/10/04 15:10:26 | 000,524,288 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/10/04 15:10:26 | 000,524,288 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/10/04 15:10:26 | 000,262,144 | -H-- | C] () -- C:\Users\Guest\ntuser.dat.LOG1
[2010/10/04 15:10:26 | 000,065,536 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/10/04 15:10:26 | 000,000,258 | ---- | C] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/10/04 15:10:26 | 000,000,240 | ---- | C] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/04 15:10:26 | 000,000,020 | -HS- | C] () -- C:\Users\Guest\ntuser.ini
[2010/10/04 15:10:26 | 000,000,000 | -H-- | C] () -- C:\Users\Guest\ntuser.dat.LOG2
[2010/10/04 14:06:08 | 4222,832,640 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/20 12:43:27 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/09/03 17:39:58 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/08/25 19:22:44 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/08/11 19:54:40 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\The Print Shop 22.lnk
[2010/08/11 18:54:39 | 000,721,824 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/17 14:33:32 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/17 14:32:08 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/01/12 21:27:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/07/01 03:50:39 | 000,000,735 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== LOP Check ==========


========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/10/05 17:30:39 | 4222,832,640 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/16 13:20:51 | 000,000,368 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 01:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/10/05 17:30:38 | 241,451,007 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< >
< End of report >


OTL Extras log:

OTL Extras logfile created on: 10/5/2010 5:45:40 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Guest\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.94 Gb Total Space | 166.02 Gb Free Space | 57.86% Space Free | Partition Type: NTFS
Drive D: | 11.14 Gb Total Space | 1.85 Gb Free Space | 16.60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANNA-PC
Current User Name: Guest
NOT logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 92 69 1B 48 27 3C CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C1BB2C7-95DC-428E-8EAC-0893B06398D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F08C99A-6724-4DFA-A233-2CD0CBC332BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{4AAC5F55-90A3-4F58-BBC4-6EBCE4AACE63}" = rport=139 | protocol=6 | dir=out | app=system |
"{52C228EC-0D49-4EB7-B500-FF196E11D12A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{643F49DA-5316-4F28-B9A4-820CD2A58525}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6638F3BE-2B29-4E87-BA06-11D8343B01B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{723E1D59-7D54-4DEF-B1C1-C545AA800D73}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7B14D538-8A39-4466-A47D-F1BDD1AEC992}" = rport=10243 | protocol=6 | dir=out | app=system |
"{89721F09-364B-43BF-A425-32DAFAC5519B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A1F8EF59-F810-454D-8E8D-227AEEBA52D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A2FBA578-337E-4644-8795-49BF51EE9051}" = rport=445 | protocol=6 | dir=out | app=system |
"{A7F0CE42-DD08-409A-A0E7-9DBE3A34EB1B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B31999B6-5E1B-41D0-8933-1793811CA5FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1CF467F-6F67-4BD8-8EB6-2DF519383645}" = rport=137 | protocol=17 | dir=out | app=system |
"{D5498965-BAD0-4B84-AC43-FFEF4694455B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D706E4AB-E487-4F15-AF5B-2D391DA9AB8B}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8DB4DB2-56A4-450E-8899-81105FC0C45D}" = lport=138 | protocol=17 | dir=in | app=system |
"{ED4A7FAE-5B1D-457B-9BA2-8E0FA0BDA2BD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{FBB48CDB-FCB4-4B74-8C12-6F35AEF0B993}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0315BEE0-0CA0-4FF7-9F5A-254A7189318E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0393BE20-3B58-49D0-AA7C-2C69218C236C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{13073C2B-754A-4840-A8A5-63AE4E27615D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1373130F-7D20-4874-A5BD-B16ECD63ABA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{161509FD-18BF-4FEA-86F9-F9DC6F7991EB}" = dir=in | app=c:\program files (x86)\hp\quickplay\qpservice.exe |
"{1A7C1588-9DC7-45CF-889E-1C1C0DEA877C}" = protocol=1 | dir=out | [email protected],-28544 |
"{228FA6BF-2AAA-4B60-8AE2-AE3BF6C9995E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31CEE77A-BF2D-4B1A-9414-12CD770A8A07}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{32958DEF-83F1-49F4-9BFC-4590CBAA173B}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{354C0EA1-40F4-4426-B1F3-D916F2B0BE75}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{362401F7-BE19-4581-9007-609396434DDD}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{376F55A3-B5A6-48DF-9F5A-EDCF1F1AA172}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AB35617-5E3D-4676-A5F9-BFAA400B80F3}" = protocol=6 | dir=out | app=system |
"{3AB74CE1-D1D5-49EE-8611-21AAAABAC489}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{49EB060B-1654-4365-8821-B53BDE9F8E8A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4CD7B22D-AEB5-46EE-B015-5360A95C25FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{4E255833-5DC9-4717-A4DC-34981FDAD3DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{574BC304-FE4A-415D-BAF2-C81CDA9E1408}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5BB8D86D-74EF-4A86-8798-1B1C7628F0A3}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{70C38BEE-48D0-4B9B-9144-1D356F9DB29F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{727984D2-2728-4CC0-9F6B-13FE281A48B1}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{769CD892-78FB-4D66-96E6-4016D4948D6A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{80497667-EC2D-4254-A180-4C2164A8AB7F}" = protocol=58 | dir=in | [email protected],-28545 |
"{90E296B1-97E6-414F-81B2-ACAAAC812BEF}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{9100CBCD-D300-4B5E-B3CE-31B3EA6BB00B}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe |
"{918DF300-3AB1-4F68-936D-64E289C5D467}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{958CC570-3F4F-430A-A08A-6798B0F4453E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{966B373B-4313-4E54-9ABA-06E5F87F5CA6}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{9D1D1746-B2A0-4906-AFDD-7B5B025404D2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9F9FCA11-9991-45E1-8F10-0F033A2A56AE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{A1495DAD-5610-49E2-BBE9-B09FDF162CAD}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe |
"{A4ADB981-AD5E-42DD-9BF2-EB893906F1C3}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{AECF3F41-7A38-4448-AE10-53614D55D982}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3F2252B-6D34-4242-85DC-16258DB666A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCA9C240-3902-4EFB-93A2-6B3D45F7FFD8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BD06F9A7-9405-4660-86D3-28B8A0F9B338}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE3D51CC-A33E-4EEF-AB38-53F99C99428F}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BE77454B-BB01-4A7C-8A7F-D18A9BBF03CC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3C87AB3-59F4-45D4-94DB-A7F7F0AEBF44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C425D4E5-C08B-43F1-B46B-D9AE1EBB6A81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE6883C0-D2FF-410F-83F1-738A9694F906}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{D0387CFB-D642-4B96-88BC-0BE927D94068}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7DE94BD-47D0-4AC1-B697-692AABF8C9D1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{D956CF4A-3BF7-4864-9ED6-78EDE1718599}" = protocol=58 | dir=out | [email protected],-28546 |
"{E86B7517-60EF-466A-A1BE-B2FECF81CD99}" = protocol=1 | dir=in | [email protected],-28543 |
"{EE1B3FFE-129C-4CD4-9629-D1F107C6DCF8}" = dir=in | app=c:\program files (x86)\hp\quickplay\qp.exe |
"{EE6A794E-FDC5-4657-990B-739E23C9611A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F3D58187-FA98-46C0-9EAE-228D99849D48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FE59E72F-3B40-4EB3-83C7-F8D7BC711F26}" = dir=in | app=c:\program files (x86)\avg\avg9\avgemc.exe |
"TCP Query User{11109595-08B8-4D19-B92A-C61DF8700311}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{45F757DE-4EF7-4BBA-8E07-92D63A8CC5AE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{973DEF53-492F-4FA3-837A-5EFECB888838}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{DE476275-1E97-489D-A8EC-484032A82C07}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AD2F8FE-A357-4728-BDF8-B92D794CE793}" = HP QuickTouch 1.00 D2
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{53529DAD-F7C9-476E-87CC-1547C4E3E821}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8C0DF485-DB3E-453C-BFB3-4C47E636ECF9}" = Serif WebPlus 10
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A869A1DA-9571-4287-B170-4A7246994C84}" = Serif WebPlus 10 Resources
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E34351A4-4B10-4DFF-96BC-84C642D9C625}" = The Print Shop 22
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"AVG9Uninstall" = AVG Free 9.0
"BitTorrent" = BitTorrent
"DVDFab 6_is1" = DVDFab 6.0.4.0 (28/07/2009)
"ERUNT_is1" = ERUNT 1.1j
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Nursing Assistant CD" = Nursing Assistant CD
"Peggle Deluxe 1.01" = Peggle Deluxe 1.01
"Picasa 3" = Picasa 3
"RaybanMirror" = Ray-Ban Virtual Mirror
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WildTangent hp Master Uninstall" = My HP Games

< End of report >








I seem to be more confused now than ever! I hope you can help.

Thank you,

Anna
  • 0

#4
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
Maybe I can help a little. The logs need to be posted in a new topic you need to start in the Malware Forum.
We do not use these logs in any other forum here and only the Malware Techs can assist with infections.
  • 0

#5
banana80

banana80

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Thank you. I will copy this to a new forum.
  • 0

#6
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
;) ;) :D
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP