Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help Audio in my computer? commercials

Started by alhawi , Dec 31 2013 12:55 AM

  • Please log in to reply

#1
alhawi
Posted 31 December 2013 - 12:55 AM

alhawi

    Member

  • Member
  • PipPipPip
  • 123 posts
Hi,
My computer acting weird there is an audio from commercials, I don't see any program running and I don't know the origin of these commercials. by the way I have an old version of OTL I don't know it works or not.
I ran OTL and this is the log:

OTL Extras logfile created on: Monday 12 30 2013 11:56:56 PM - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\owner\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: dddd M/d/yyyy

3.80 Gb Total Physical Memory | 1.58 Gb Available Physical Memory | 41.62% Memory free
7.60 Gb Paging File | 5.08 Gb Available in Paging File | 66.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.20 Gb Total Space | 353.66 Gb Free Space | 79.26% Space Free | Partition Type: NTFS
Drive D: | 19.26 Gb Total Space | 2.80 Gb Free Space | 14.51% Space Free | Partition Type: NTFS

Computer Name: OWNER-HP | User Name: owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079B6450-6348-488D-967D-115F27F10943}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1019F563-07A1-4461-BE65-3B22DE80E53C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{117AABBC-9AA5-4D23-8147-769C495E3150}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2590C3AA-EDB1-42C8-8743-C6DBEB9FF1B5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F68B35D-9C54-496E-BB75-043052F2A70E}" = lport=137 | protocol=17 | dir=in | app=system |
"{3B8F8239-02E7-41A6-9F59-173E2CDB8988}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3CC858A2-B900-4576-ADF7-C6E6452244B0}" = lport=139 | protocol=6 | dir=in | app=system |
"{42FE78EE-88A7-4B11-B70E-9E5288098713}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4B394D30-03E3-420B-A245-E063FF1CEB96}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DC02456-127B-44E7-942F-2F0F85E449F0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63B0365F-8410-4B43-900F-3D7E310668B8}" = rport=138 | protocol=17 | dir=out | app=system |
"{65045BE6-F40E-4062-8706-7A776DB6BE19}" = rport=445 | protocol=6 | dir=out | app=system |
"{6E16D0E9-B6B5-4759-B7F5-9A5110BF01EB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{7D50EE50-C1D2-48F0-8BB9-20735C302C33}" = lport=138 | protocol=17 | dir=in | app=system |
"{960A1A09-0F7B-44AA-9BB8-512A8CB048EC}" = rport=139 | protocol=6 | dir=out | app=system |
"{98D31AD4-53C7-4575-8887-900A286803E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{A46D3A02-4BBF-4F82-BB88-1E2F5CAEB24D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0D8B349-E26E-45F7-AF11-4E24875161F9}" = rport=137 | protocol=17 | dir=out | app=system |
"{B4304C2A-2992-4917-917B-465FD3E44644}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B6B9AC35-3DDA-4811-A4E3-B437C0E0DF01}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{B864E690-D93B-40CF-ADB5-100EC086A289}" = lport=445 | protocol=6 | dir=in | app=system |
"{BB57C71E-99EF-4ECA-ACEC-FB5D328E54C1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C2C5B95A-A707-46D8-AF37-D14930113D18}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DA248C82-CA51-43AA-B98F-A6AEC7705F89}" = lport=10777 | protocol=17 | dir=in | name=passware kit enterprise 9.7 |
"{DADFA3A2-1DFC-4BB2-ABB0-AAD564E0A522}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E36A49D8-FFA0-4981-B072-99F7782588BD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6B86F1B-1397-4613-85B3-1AC895E0AE0D}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{EC334DD5-BFA0-4279-9E4B-D841C18EBCEE}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E4F2F4-4F15-4269-B4C9-14056E8BD639}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{01A386E2-4A58-4B02-B7D4-166E3BBE217E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{02A1E053-3891-45E3-A739-8EF9630EEA13}" = protocol=1 | dir=in | [email protected],-28543 |
"{033894EE-C75F-4809-A77F-99B1C82792DF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0738FF13-AF46-4029-8C53-977DCBCF0F6A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{082E278E-5E6D-498A-B1E3-91A5F1572425}" = dir=in | app=c:\users\owner\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{09E3F106-1204-4817-9AAE-B9D7A20F00C2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{0EBF909F-8D87-4E49-B29D-F33467B8D5D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17E53114-FDF7-4C79-8156-E4ADEE46BCA1}" = protocol=6 | dir=out | app=system |
"{19783A48-DC85-4B3C-8398-00CDE5DCF599}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1EACA801-1AD5-4509-8125-9CED4237B844}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{214B5E7B-D1ED-4238-9281-C430A3963BE2}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{23DAACCA-1D58-4CEA-95F3-7517C0298E0A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2F921200-4290-4A65-9EFA-7EE093F82C16}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{32B7839C-1A31-4DFA-B963-1AF271E10B34}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{3CD149B9-39A5-4F5A-85D5-9D5554C4FB23}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{42D9957A-1DDD-4268-8D39-FBDBDE6345BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{52A61C09-A5AC-4F5E-810E-B82F44C04585}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63DE6946-893F-481A-8337-CCF62D993377}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{6CA431BB-F3CE-4150-891C-2C4145DC7BB1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E7BB145-11CD-4A3D-9778-2D6D50746DDF}" = dir=in | app=e:\setup\hpznui40.exe |
"{72326C24-16B6-43CE-BFE7-786BBB50439E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{783D05B9-951C-468F-9C29-9AFBE200AEF1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{799BD0B3-CEC9-401F-BCB0-18D56142971C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7B7C0C62-787E-4CD2-86C1-FBD347D646E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7BBC6D79-9DCE-4440-9CC3-DA6964D9F466}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{7C3D68DE-F0E3-421F-BC00-C218FE04A9E2}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{7E1B04F6-DC05-4DF0-88FA-EC882B32FC67}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{7F2F1155-8E1E-4D24-9250-FF1DB007C9A6}" = protocol=58 | dir=in | [email protected],-28545 |
"{88A87DBE-2298-4A9D-B30C-867760A3EB9A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{8D9D1FBF-0C94-486F-9961-AF1D66E9DFB1}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{ADE9B8A3-721E-4478-961D-08350DC08D33}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B3C21FA0-E319-4935-BAC7-991DDB05C1EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{B45CF53C-223B-4050-93D1-FF6AE7FA2FD9}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B480BB2A-F10C-4873-BF65-E2B752C2C82F}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{B93690C2-26C0-4EFA-954B-A1491DB73B7F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B936F3F6-10C2-4FD6-8B50-EAAF5BFC6507}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{BE678E29-9682-4B94-AE63-FBCE98C0BF8F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C273C8C4-7EE1-4AFA-8DE0-49B55733BDEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C3C89DAC-B0F1-47C0-B8CF-D5A338CDB2B7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8982F5D-91DE-4BAD-BC90-6BFE8AB87196}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{C9B9AB32-6AC8-4927-957C-6FD0242A7CA4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D0C87859-7521-4AAA-9C69-B3111D91BF35}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D23F2545-59FE-4B03-9597-B5781A2129DC}" = protocol=58 | dir=out | [email protected],-28546 |
"{D566DAB4-1AD8-425E-BE2B-BB631593B39C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8B06BDE-F2D5-4176-9FC6-042D5515C8DB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{DD9972D6-EB98-4657-8299-DA06A4518A6B}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{DDBEE5C8-7CCF-4723-A057-E497DF5FF30A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E3E58C0D-8CB9-4CC5-9F4E-09AC2D5EA4B8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E709389D-4A66-46A0-A711-1EF949DEC433}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3A060B6-DE99-4535-8433-C8ABD20065B0}" = protocol=1 | dir=out | [email protected],-28544 |
"{FD3512E8-6944-4EA4-84AB-A5984AA08771}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FF3F547B-E622-4CFF-9F13-1B0200026617}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"TCP Query User{0A1E760F-F9FC-4A92-9E76-0F900809CD02}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{117F13F0-9652-467B-841F-5665CD9D8F08}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{50C0A3B3-4C31-4413-8875-650F73C14936}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"TCP Query User{99094BF3-97EE-41A9-879A-F944BE8144C1}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |
"TCP Query User{B6B8C36C-4CF5-4EE4-A3D0-32AEC10F5365}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |
"TCP Query User{E193A027-83F3-4A9D-8450-0A8F46294CC3}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{07CE17C2-87EB-4ADB-A9F8-AE3C139C7DE8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{12986575-B154-4B3D-BFB3-B2C5E1C12C5E}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |
"UDP Query User{288DF05A-370E-4CCA-94BA-3822FCBC6856}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{67CA7ED8-F37E-42B5-A167-23FE8816BE4C}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{69E45420-FD1E-43DC-B29C-1C34529A705E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{D1598875-F089-4460-9C9D-944630455228}C:\program files (x86)\nimbuzz\nimbuzz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nimbuzz\nimbuzz.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java™ 6 Update 20 (64-bit)
"{299625B9-6C69-462C-9CEA-8E06D878B1C5}" = HP 3D DriveGuard
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}" = HP MediaSmart Movies and TV
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}" = HP MediaSmart SmartMenu
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F145F5B-EB12-4132-9D5D-0D8B61E2A0F6}" = Windows 7 Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07E49BC1-24FF-4D7A-AC74-727BE95801AF}" = LightScribe System Software
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1" = BusinessCards MX
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{132234A4-9362-4829-957F-FF11715F7815}" = HP Documentation
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java™ 7 Update 5
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A83AD05-56E6-3FBD-8752-B4143162EF59}" = Google Talk Plugin
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{31EEA563-3544-4EA1-8773-BCBF83F9627A}" = HP Software Framework
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1" = YouTube Song Downloader
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78F1A88C-5322-4DF7-BDCF-9AB8F5F4041C}" = HP MediaSmart/TouchSmart Netflix
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{872B1C80-38EC-4A31-A25C-980820593900}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{A0C65E65-5CF2-4C16-8023-950BA678FE15}" = XTNDConnect Blue Manager 1.0.8
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF41D6B8-6A76-4F95-8AFC-D53503808167}" = YAMAHA Tyros2 Voice Editor
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{E9B6202B-7B7F-5F3C-3CFA-05C3CE978BAB}" = Ayat
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{EC582A43-F524-4018-B4A5-D2A981B6AE70}" = Payroll Accounting 2010
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE6CC1A6-D898-4D34-99B8-4D5F29E8DC91}" = Passware Kit Enterprise 9.7
"AccmeWare FileBulldog Toolbar" = AccmeWare FileBulldog Toolbar
"AD Sound Recorder_is1" = AD Sound Recorder 5.4.4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Flash Player_is1" = Adobe Flash Player 9.0.45.0
"dBpoweramp Ogg Vorbis Codec" = dBpoweramp Ogg Vorbis Codec
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JetMP3" = JetMP3
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Mozilla Firefox 10.0 (x86 en-US)" = Mozilla Firefox 10.0 (x86 en-US)
"My HP Game Console" = HP Game Console
"Nimbuzz" = Nimbuzz 2.2.1
"PROPLUS" = Microsoft Office Professional Plus 2007
"RCA Detective™_is1" = RCA Detective™ 2.0.0.99
"RCA Digital Voice Manager_is1" = RCA Digital Voice Manager 5.1.1.2
"RealPlayer 15.0" = RealPlayer
"sa.edu.ksa.ayat" = Ayat
"ST6UNST #1" = Producer
"Stellarium_is1" = Stellarium 0.11.0
"Style Format 2 Converter_is1" = Style Format 2 Converter 1.17
"Style ReMixer_is1" = Style ReMixer 1.11
"Style Works 2000 Universal v1.99" = Style Works 2000 Universal v1.99
"USB Disk Security_is1" = USB Disk Security
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WT087328" = Blackhawk Striker 2
"WT087335" = Build-a-lot 2
"WT087342" = Dora's Carnival Adventure
"WT087360" = Escape Rosecliff Island
"WT087361" = FATE
"WT087362" = Final Drive Nitro
"WT087372" = Heroes of Hellas 2 - Olympia
"WT087373" = Jewel Quest 3
"WT087379" = Jewel Quest Solitaire 2
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087414" = Virtual Families
"WT087415" = Wheel of Fortune 2
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087501" = Plants vs. Zombies
"WT087513" = Virtual Villagers - The Secret City
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe
"3b826b783ab170b8" = Tyros Registration Memory Editor
"6c2290d276fa0f0d" = RabbitTV
"ad808331ea904e32" = Tyros Registration File Composer
"e77f897b48967c41" = Tyros Global Registration Bank Changer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - Monday 10 1 2012 11:06:16 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1045

Error - Monday 10 1 2012 11:06:17 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - Monday 10 1 2012 11:06:17 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2059

Error - Monday 10 1 2012 11:06:17 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2059

Error - Monday 10 1 2012 11:06:18 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - Monday 10 1 2012 11:06:18 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3104

Error - Monday 10 1 2012 11:06:18 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3104

Error - Monday 10 1 2012 11:06:19 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - Monday 10 1 2012 11:06:19 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4103

Error - Monday 10 1 2012 11:06:19 PM | Computer Name = owner-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4103

[ HP Wireless Assistant Events ]
Error - Monday 9 24 2012 1:40:29 PM | Computer Name = owner-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()

at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() at HPPA_Service.CurrentConfiguration.ReloadRadioList()

Error - Friday 11 16 2012 11:16:41 AM | Computer Name = owner-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Unexpected error at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()

at HPPA_Service.CurrentConfiguration.FindDevice(String hostPath, String portName)

at HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) at System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() at System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()

at HPPA_Service.CurrentConfiguration.ApplyFriendlyNames() at HPPA_Service.CurrentConfiguration.ReloadRadioList()

[ System Events ]
Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Event Log service failed to start due to the following
error: %%1069

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7038
Description = The DcomLaunch service was unable to log on as NT AUTHORITY\SYSTEM
with the currently configured password due to the following error: %%50 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The DCOM Server Process Launcher service failed to start due to the
following error: %%1069

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7038
Description = The AudioSrv service was unable to log on as NT AUTHORITY\LocalService
with the currently configured password due to the following error: %%50 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The Windows Audio service failed to start due to the following error:
%%1069

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7038
Description = The PlugPlay service was unable to log on as NT AUTHORITY\SYSTEM with
the currently configured password due to the following error: %%50 To ensure that
the service is configured properly, use the Services snap-in in Microsoft Management
Console (MMC).

Error - Tuesday 12 31 2013 1:03:47 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7000
Description = The Plug and Play service failed to start due to the following error:
%%1069

Error - Tuesday 12 31 2013 1:04:34 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203

Error - Tuesday 12 31 2013 1:09:58 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203

Error - Tuesday 12 31 2013 1:45:31 AM | Computer Name = owner-HP | Source = Service Control Manager | ID = 7023
Description = The Power service terminated with the following error: %%4203


< End of report >
  • 0

Advertisements

#2
alhawi
Posted 31 December 2013 - 01:04 AM

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
Also My Malwarebytes kept blocking a site that melacious, with an IP address of 66.45.56.109
I also ran aswMBR and here is the log:

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-12-31 00:07:36
-----------------------------
00:07:36.557 OS Version: Windows x64 6.1.7600
00:07:36.557 Number of processors: 4 586 0x2502
00:07:36.558 ComputerName: OWNER-HP UserName: owner
00:07:42.770 Initialize success
00:38:16.084 AVAST engine defs: 13123001
00:40:22.857 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:40:22.860 Disk 0 Vendor: ST950042 0006 Size: 476940MB BusType: 3
00:40:22.962 Disk 0 MBR read successfully
00:40:22.965 Disk 0 MBR scan
00:40:22.970 Disk 0 unknown MBR code
00:40:22.979 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
00:40:22.990 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 456913 MB offset 409600
00:40:23.020 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 19723 MB offset 936167424
00:40:23.037 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
00:40:23.094 Disk 0 scanning C:\Windows\system32\drivers
00:40:33.499 Service scanning
00:40:54.399 Modules scanning
00:40:54.400 Disk 0 trace - called modules:
00:40:54.422 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
00:40:54.423 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051f5060]
00:40:54.424 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa8005082950]
00:40:54.424 5 hpdskflt.sys[fffff88001857189] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f30050]
00:40:58.973 AVAST engine scan C:\Windows
00:41:04.415 AVAST engine scan C:\Windows\system32
00:46:05.270 AVAST engine scan C:\Windows\system32\drivers
00:46:25.201 AVAST engine scan C:\Users\owner
00:49:10.045 Disk 0 MBR has been saved successfully to "C:\Users\owner\Desktop\MBR.dat"
00:49:10.068 The log file has been saved successfully to "C:\Users\owner\Desktop\aswMBR.txt"
  • 0

#3
alhawi
Posted 04 January 2014 - 11:17 PM

alhawi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 123 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by owner on Sat 01/04/2014 at 23:04:53.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\theseaapp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{E62B7ADD-C6FD-402C-BBAE-230ADD1D4166}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\owner\appdata\local\jetmp3"
Successfully deleted: [Folder] "C:\Users\owner\appdata\locallow\somototoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\cvea1g3c.default\extensions\[email protected] [Tracur]
Successfully deleted: [Folder] C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\cvea1g3c.default\extensions\jetmp3@jetpack
Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\cvea1g3c.default\minidumps [14 files]



~~~ Chrome

Dumping contents of C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf\background.js
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf\ContentScript.js
C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default\aaaaaddfdigfdadcgedfdfdidadfgddf\manifest.json

Successfully deleted: [Folder] C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/04/2014 at 23:12:41.69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP