When I start my computer, I get this desktop alert:
"Could not load or run C:\users\anna\appdata\local\temp\dwm.exe specified in the registry. Make sure the file exists on your computer or remove the reference to it in the registry."
I also cannot connect to the internet while logged on to my user profile, but can connect using the Guest profile.
I have followed the instructions to remove malware before posting this topic, and I still have the same problem. I will post the log results below.
PLEASE HELP!!
Thank you,
Anna
Here is the Malwarebytes Anti-Malware log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4742
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
10/5/2010 12:49:14 PM
mbam-log-2010-10-05 (12-49-14).txt
Scan type: Quick scan
Objects scanned: 116432
Time elapsed: 5 minute(s), 55 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
***Here is the log from the virus scan from AVG:
Scan "Scan whole computer" completed.
Warnings;"24";"24";"0"
Folders selected for scanning:;"Scan whole computer"
Scan started:;"Tuesday, October 05, 2010, 12:56:48 PM"
Scan finished:;"Tuesday, October 05, 2010, 2:02:09 PM (1 hour(s) 5 minute(s) 21 second(s))"
Total object scanned:;"795740"
User who launched the scan:;"Guest"
Warnings
File;"Infection";"Result"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@tribalfusion[1].txt:\tribalfusion.com.dcc03271;"Found Tracking cookie.Tribalfusion";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@tribalfusion[1].txt;"Found Tracking cookie.Tribalfusion";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.f3e5803e;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.e2e71e33;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.ae53b8b;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.ad6d4010;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.a00e30b4;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.84c36c62;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.6b44e3b8;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt:\trafficmp.com.37644bdb;"Found Tracking cookie.Trafficmp";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@trafficmp[2].txt;"Found Tracking cookie.Trafficmp";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.db46cecc;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.ac41fe5a;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.6a1cf9e8;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.606c3d3b;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.4b416ef8;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.400f83f;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt:\serving-sys.com.255d6f2f;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@serving-sys[1].txt;"Found Tracking cookie.Serving-sys";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt;"Found Tracking cookie.Serving-sys";"Healed"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@atdmt[1].txt:\atdmt.com.b3e33b5f;"Found Tracking cookie.Atdmt";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@atdmt[1].txt:\atdmt.com.7247c262;"Found Tracking cookie.Atdmt";"Deleted"
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@atdmt[1].txt;"Found Tracking cookie.Atdmt";"Deleted"
After rebooting, still having same problems.
I did a GMER scan last night and it found nothing. When I tried to run one today, it opens the program but says it can't find the file specified??
Here are the OTL logs:
OTL logfile created on: 10/5/2010 5:45:40 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Guest\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.94 Gb Total Space | 166.02 Gb Free Space | 57.86% Space Free | Partition Type: NTFS
Drive D: | 11.14 Gb Total Space | 1.85 Gb Free Space | 16.60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANNA-PC
Current User Name: Guest
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/10/05 17:44:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
PRC - [2010/10/04 11:50:19 | 002,067,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (SafeList) ==========
MOD - [2010/10/05 17:44:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
MOD - [2008/01/20 21:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
========== Win32 Services (SafeList) ==========
========== Driver Services (SafeList) ==========
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/20 08:22:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin File not found
O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Silhouette.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: iphlpsvc - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 90 Days ==========
[2010/10/05 17:44:27 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
[2010/10/05 17:37:01 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\HPAppData
[2010/10/05 12:43:12 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Malwarebytes
[2010/10/05 12:36:28 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/05 12:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/10/04 15:39:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/10/04 15:39:05 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/10/04 15:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/10/04 15:39:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/10/04 15:35:54 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/10/04 15:11:40 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Macromedia
[2010/10/04 15:11:39 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Adobe
[2010/10/04 15:10:58 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Apple Computer
[2010/10/04 15:10:55 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\QuickPlay
[2010/10/04 15:10:46 | 000,000,000 | R--D | C] -- C:\Users\Guest\Searches
[2010/10/04 15:10:35 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Identities
[2010/10/04 15:10:32 | 000,000,000 | R--D | C] -- C:\Users\Guest\Contacts
[2010/10/04 15:10:31 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\VirtualStore
[2010/10/04 15:10:26 | 000,000,000 | --SD | C] -- C:\Users\Guest\AppData\Roaming\Microsoft
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Videos
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Saved Games
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Pictures
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Music
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Links
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Favorites
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Downloads
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Documents
[2010/10/04 15:10:26 | 000,000,000 | R--D | C] -- C:\Users\Guest\Desktop
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\AppData\Local\Temporary Internet Files
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Templates
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Start Menu
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\SendTo
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Recent
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\PrintHood
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\NetHood
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Documents\My Videos
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Documents\My Pictures
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Documents\My Music
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\My Documents
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Local Settings
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\AppData\Local\History
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Cookies
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\Application Data
[2010/10/04 15:10:26 | 000,000,000 | -HSD | C] -- C:\Users\Guest\AppData\Local\Application Data
[2010/10/04 15:10:26 | 000,000,000 | -H-D | C] -- C:\Users\Guest\AppData
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Temp
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Microsoft Help
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Local\Microsoft
[2010/10/04 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Guest\AppData\Roaming\Media Center Programs
[2010/10/04 12:18:11 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/10/04 11:48:41 | 000,013,048 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/09/20 12:43:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitTorrent
[2010/09/14 22:49:04 | 000,000,000 | ---D | C] -- C:\6cd436ebb13b20a96d0207c847
[2010/08/11 20:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Broderbund Software
[2010/08/11 19:55:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Web Publish
[2010/08/11 19:55:07 | 000,970,752 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\Windows\SysWow64\cdintf210.dll
[2010/08/11 18:57:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Broderbund
[2010/08/11 18:57:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Print Shop 22
[2010/08/11 18:54:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
========== Files - Modified Within 90 Days ==========
[2010/10/05 17:45:57 | 000,786,432 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT
[2010/10/05 17:44:33 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Desktop\OTL.exe
[2010/10/05 17:42:39 | 000,293,376 | ---- | M] () -- C:\Users\Guest\Desktop\mtcl74d7.exe
[2010/10/05 17:40:04 | 000,284,915 | ---- | M] () -- C:\Users\Guest\Desktop\gmer.zip
[2010/10/05 17:36:23 | 000,000,222 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/10/05 17:30:54 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/05 17:30:54 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/05 17:30:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/05 17:30:39 | 4222,832,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/05 17:29:43 | 000,524,288 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/10/05 17:29:43 | 000,065,536 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/10/05 17:29:39 | 001,819,995 | -H-- | M] () -- C:\Users\Guest\AppData\Local\IconCache.db
[2010/10/05 12:34:01 | 000,000,763 | ---- | M] () -- C:\Users\Guest\Desktop\NTREGOPT.lnk
[2010/10/05 12:34:01 | 000,000,744 | ---- | M] () -- C:\Users\Guest\Desktop\ERUNT.lnk
[2010/10/05 05:48:01 | 065,638,003 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/10/04 15:48:20 | 000,524,288 | -HS- | M] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/10/04 15:39:09 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/04 15:11:25 | 000,000,973 | ---- | M] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/04 15:10:54 | 000,419,496 | ---- | M] () -- C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/10/04 15:10:26 | 000,000,020 | -HS- | M] () -- C:\Users\Guest\ntuser.ini
[2010/10/04 11:49:20 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/10/04 11:48:41 | 000,013,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010/10/04 11:48:39 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010/10/04 11:45:38 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010/09/20 12:43:27 | 000,000,802 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/09/19 22:52:35 | 000,704,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/19 22:52:35 | 000,604,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/19 22:52:35 | 000,105,376 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/09/03 17:39:58 | 000,002,115 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/08/25 19:22:45 | 000,001,917 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/08/13 03:35:28 | 001,198,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/08/13 03:08:45 | 000,721,824 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/11 19:54:40 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\The Print Shop 22.lnk
========== Files Created - No Company Name ==========
[2010/10/05 17:42:31 | 000,293,376 | ---- | C] () -- C:\Users\Guest\Desktop\mtcl74d7.exe
[2010/10/05 17:40:02 | 000,284,915 | ---- | C] () -- C:\Users\Guest\Desktop\gmer.zip
[2010/10/05 12:34:01 | 000,000,763 | ---- | C] () -- C:\Users\Guest\Desktop\NTREGOPT.lnk
[2010/10/05 12:34:01 | 000,000,744 | ---- | C] () -- C:\Users\Guest\Desktop\ERUNT.lnk
[2010/10/04 15:39:09 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/04 15:11:25 | 000,000,973 | ---- | C] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/04 15:10:59 | 000,000,000 | ---- | C] () -- C:\Users\Guest\AppData\Local\QSwitch.txt
[2010/10/04 15:10:59 | 000,000,000 | ---- | C] () -- C:\Users\Guest\AppData\Local\DSwitch.txt
[2010/10/04 15:10:59 | 000,000,000 | ---- | C] () -- C:\Users\Guest\AppData\Local\AtStart.txt
[2010/10/04 15:10:26 | 000,786,432 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT
[2010/10/04 15:10:26 | 000,524,288 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2010/10/04 15:10:26 | 000,524,288 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/10/04 15:10:26 | 000,262,144 | -H-- | C] () -- C:\Users\Guest\ntuser.dat.LOG1
[2010/10/04 15:10:26 | 000,065,536 | -HS- | C] () -- C:\Users\Guest\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/10/04 15:10:26 | 000,000,258 | ---- | C] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/10/04 15:10:26 | 000,000,240 | ---- | C] () -- C:\Users\Guest\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/10/04 15:10:26 | 000,000,020 | -HS- | C] () -- C:\Users\Guest\ntuser.ini
[2010/10/04 15:10:26 | 000,000,000 | -H-- | C] () -- C:\Users\Guest\ntuser.dat.LOG2
[2010/10/04 14:06:08 | 4222,832,640 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/20 12:43:27 | 000,000,802 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk
[2010/09/03 17:39:58 | 000,002,115 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/08/25 19:22:44 | 000,001,917 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/08/11 19:54:40 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\The Print Shop 22.lnk
[2010/08/11 18:54:39 | 000,721,824 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/09/17 14:33:32 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/17 14:32:08 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/01/12 21:27:23 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/07/01 03:50:39 | 000,000,735 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
========== LOP Check ==========
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2010/10/05 17:30:39 | 4222,832,640 | -HS- | M] () -- C:\hiberfil.sys
[2008/12/16 13:20:51 | 000,000,368 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 01:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2010/10/05 17:30:38 | 241,451,007 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >
< End of report >
OTL Extras log:
OTL Extras logfile created on: 10/5/2010 5:45:40 PM - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Guest\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.94 Gb Total Space | 166.02 Gb Free Space | 57.86% Space Free | Partition Type: NTFS
Drive D: | 11.14 Gb Total Space | 1.85 Gb Free Space | 16.60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANNA-PC
Current User Name: Guest
NOT logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 92 69 1B 48 27 3C CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C1BB2C7-95DC-428E-8EAC-0893B06398D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F08C99A-6724-4DFA-A233-2CD0CBC332BE}" = lport=137 | protocol=17 | dir=in | app=system |
"{4AAC5F55-90A3-4F58-BBC4-6EBCE4AACE63}" = rport=139 | protocol=6 | dir=out | app=system |
"{52C228EC-0D49-4EB7-B500-FF196E11D12A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{643F49DA-5316-4F28-B9A4-820CD2A58525}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6638F3BE-2B29-4E87-BA06-11D8343B01B6}" = rport=138 | protocol=17 | dir=out | app=system |
"{723E1D59-7D54-4DEF-B1C1-C545AA800D73}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7B14D538-8A39-4466-A47D-F1BDD1AEC992}" = rport=10243 | protocol=6 | dir=out | app=system |
"{89721F09-364B-43BF-A425-32DAFAC5519B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A1F8EF59-F810-454D-8E8D-227AEEBA52D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A2FBA578-337E-4644-8795-49BF51EE9051}" = rport=445 | protocol=6 | dir=out | app=system |
"{A7F0CE42-DD08-409A-A0E7-9DBE3A34EB1B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B31999B6-5E1B-41D0-8933-1793811CA5FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C1CF467F-6F67-4BD8-8EB6-2DF519383645}" = rport=137 | protocol=17 | dir=out | app=system |
"{D5498965-BAD0-4B84-AC43-FFEF4694455B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D706E4AB-E487-4F15-AF5B-2D391DA9AB8B}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8DB4DB2-56A4-450E-8899-81105FC0C45D}" = lport=138 | protocol=17 | dir=in | app=system |
"{ED4A7FAE-5B1D-457B-9BA2-8E0FA0BDA2BD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{FBB48CDB-FCB4-4B74-8C12-6F35AEF0B993}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0315BEE0-0CA0-4FF7-9F5A-254A7189318E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0393BE20-3B58-49D0-AA7C-2C69218C236C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{13073C2B-754A-4840-A8A5-63AE4E27615D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1373130F-7D20-4874-A5BD-B16ECD63ABA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{161509FD-18BF-4FEA-86F9-F9DC6F7991EB}" = dir=in | app=c:\program files (x86)\hp\quickplay\qpservice.exe |
"{1A7C1588-9DC7-45CF-889E-1C1C0DEA877C}" = protocol=1 | dir=out | [email protected],-28544 |
"{228FA6BF-2AAA-4B60-8AE2-AE3BF6C9995E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31CEE77A-BF2D-4B1A-9414-12CD770A8A07}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{32958DEF-83F1-49F4-9BFC-4590CBAA173B}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{354C0EA1-40F4-4426-B1F3-D916F2B0BE75}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{362401F7-BE19-4581-9007-609396434DDD}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{376F55A3-B5A6-48DF-9F5A-EDCF1F1AA172}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3AB35617-5E3D-4676-A5F9-BFAA400B80F3}" = protocol=6 | dir=out | app=system |
"{3AB74CE1-D1D5-49EE-8611-21AAAABAC489}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{49EB060B-1654-4365-8821-B53BDE9F8E8A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4CD7B22D-AEB5-46EE-B015-5360A95C25FC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{4E255833-5DC9-4717-A4DC-34981FDAD3DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{574BC304-FE4A-415D-BAF2-C81CDA9E1408}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5BB8D86D-74EF-4A86-8798-1B1C7628F0A3}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{70C38BEE-48D0-4B9B-9144-1D356F9DB29F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{727984D2-2728-4CC0-9F6B-13FE281A48B1}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{769CD892-78FB-4D66-96E6-4016D4948D6A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{80497667-EC2D-4254-A180-4C2164A8AB7F}" = protocol=58 | dir=in | [email protected],-28545 |
"{90E296B1-97E6-414F-81B2-ACAAAC812BEF}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{9100CBCD-D300-4B5E-B3CE-31B3EA6BB00B}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe |
"{918DF300-3AB1-4F68-936D-64E289C5D467}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{958CC570-3F4F-430A-A08A-6798B0F4453E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{966B373B-4313-4E54-9ABA-06E5F87F5CA6}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{9D1D1746-B2A0-4906-AFDD-7B5B025404D2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9F9FCA11-9991-45E1-8F10-0F033A2A56AE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{A1495DAD-5610-49E2-BBE9-B09FDF162CAD}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe |
"{A4ADB981-AD5E-42DD-9BF2-EB893906F1C3}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{AECF3F41-7A38-4448-AE10-53614D55D982}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B3F2252B-6D34-4242-85DC-16258DB666A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCA9C240-3902-4EFB-93A2-6B3D45F7FFD8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BD06F9A7-9405-4660-86D3-28B8A0F9B338}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE3D51CC-A33E-4EEF-AB38-53F99C99428F}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BE77454B-BB01-4A7C-8A7F-D18A9BBF03CC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3C87AB3-59F4-45D4-94DB-A7F7F0AEBF44}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C425D4E5-C08B-43F1-B46B-D9AE1EBB6A81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE6883C0-D2FF-410F-83F1-738A9694F906}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{D0387CFB-D642-4B96-88BC-0BE927D94068}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7DE94BD-47D0-4AC1-B697-692AABF8C9D1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{D956CF4A-3BF7-4864-9ED6-78EDE1718599}" = protocol=58 | dir=out | [email protected],-28546 |
"{E86B7517-60EF-466A-A1BE-B2FECF81CD99}" = protocol=1 | dir=in | [email protected],-28543 |
"{EE1B3FFE-129C-4CD4-9629-D1F107C6DCF8}" = dir=in | app=c:\program files (x86)\hp\quickplay\qp.exe |
"{EE6A794E-FDC5-4657-990B-739E23C9611A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F3D58187-FA98-46C0-9EAE-228D99849D48}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FE59E72F-3B40-4EB3-83C7-F8D7BC711F26}" = dir=in | app=c:\program files (x86)\avg\avg9\avgemc.exe |
"TCP Query User{11109595-08B8-4D19-B92A-C61DF8700311}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{45F757DE-4EF7-4BBA-8E07-92D63A8CC5AE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{973DEF53-492F-4FA3-837A-5EFECB888838}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{DE476275-1E97-489D-A8EC-484032A82C07}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AD2F8FE-A357-4728-BDF8-B92D794CE793}" = HP QuickTouch 1.00 D2
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{53529DAD-F7C9-476E-87CC-1547C4E3E821}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8C0DF485-DB3E-453C-BFB3-4C47E636ECF9}" = Serif WebPlus 10
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A869A1DA-9571-4287-B170-4A7246994C84}" = Serif WebPlus 10 Resources
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E34351A4-4B10-4DFF-96BC-84C642D9C625}" = The Print Shop 22
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"AVG9Uninstall" = AVG Free 9.0
"BitTorrent" = BitTorrent
"DVDFab 6_is1" = DVDFab 6.0.4.0 (28/07/2009)
"ERUNT_is1" = ERUNT 1.1j
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Nursing Assistant CD" = Nursing Assistant CD
"Peggle Deluxe 1.01" = Peggle Deluxe 1.01
"Picasa 3" = Picasa 3
"RaybanMirror" = Ray-Ban Virtual Mirror
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebPost" = Microsoft Web Publishing Wizard 1.52
"WildTangent hp Master Uninstall" = My HP Games
< End of report >
I seem to be more confused now than ever! I hope you can help.
Thank you,
Anna