Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Possible Malware Toolbar/Hijacker/etc

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Possible Malware Toolbar/Hijacker/etc

Unread postby anya0234 » April 22nd, 2011, 2:22 am

I use Mozilla Firefox, and my toolbar is continuously redirecting me from my pages. It happens when the accurate link is entered, when a search is performed and when I am browsing pages that have been secured, it boots me out of that site and onto a yahoo search site. Attached is the system scan that I ran. Also, I ran a scan through Malwarebytes' Anti-Malware and it found these three objects:
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.


Information per your scan:

OTL Extras logfile created on: 4/22/2011 12:18:07 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\McAlpine\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 42.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.80 Gb Total Space | 29.12 Gb Free Space | 10.15% Space Free | Partition Type: NTFS
Drive D: | 11.28 Gb Total Space | 1.59 Gb Free Space | 14.13% Space Free | Partition Type: NTFS
Drive F: | 122.41 Mb Total Space | 118.03 Mb Free Space | 96.43% Space Free | Partition Type: FAT

Computer Name: MCALPINE-PC | User Name: McAlpine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 1
"AntiSpyWareDisableNotify" = 1
"AntiVirusDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
"FirewallDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3813002812-403067811-3136601845-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3813002812-403067811-3136601845-500]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3813002812-403067811-3136601845-501]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09EB98B5-11D3-4B1F-8C2B-E132D1D4A7BA}" = lport=10244 | protocol=6 | dir=in | app=system |
"{128852BF-73AF-4E4A-BC17-B86C76A340D6}" = rport=10244 | protocol=6 | dir=out | app=system |
"{13931CCB-4E84-431F-9492-B2D51E38DC61}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{144AE309-BEC1-4F4E-8AFA-741CCD5D7F1E}" = lport=3390 | protocol=6 | dir=in | app=system |
"{1AE8C004-DAA7-4649-B9FD-ABE0F9A9E450}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{294BF7C9-6D80-4218-ABD1-935E0A63BEB8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2D7C4A93-CFBB-46A4-9CCB-33DC568C560A}" = lport=3390 | protocol=6 | dir=in | app=system |
"{2F10FBDE-0F9B-4BB5-8AD7-2F891604D56B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30B9E1AB-8C79-4C22-A568-2B0F18B2070F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31EB2856-54F9-4D74-AFC0-AD95169CC2B5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{33824C7E-14D7-4F71-8D5B-6F09306DD134}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3515AB8D-169A-41BC-8781-9C7AF6C679D3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51BEE88F-31A3-4121-9D4D-44AB66ED0F74}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5273A67C-A678-46E0-8F64-69E3DC2B41B7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5E826539-E84C-4463-B35C-3DCB4E20242E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60B31A3B-57D0-4534-A067-2667115B8589}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A6689C0-D061-4DD2-9E72-9CAF3931658A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{84289188-35C7-4650-B6B8-03E1DD1012B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{90B3CEC1-A7FF-40D2-A84E-F4B9CC48BE7F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9F91B0BC-BC13-4BD2-AF0A-C1E30F6427A1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A72A6B75-DCEB-4D83-BB1D-1EEB4324B434}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A95DAA90-1F71-4F16-80D9-95CF953392ED}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AE6CAB57-5D46-49BC-94CE-3053D7DB5375}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B40355E6-FF09-4F4D-BC97-E1C85DFE7128}" = rport=10244 | protocol=6 | dir=out | app=system |
"{B61417DA-3720-4904-984C-2692CA5EA321}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B9AA3318-4A96-4FA7-A04E-86FA9629B94E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BABDE5AE-856C-4DC7-8A4A-DB16C061021E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BD4B0012-376E-4D59-8252-405CCAE23AD7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF32E7F1-847D-44FF-8A06-217BF6CD0922}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C06D4176-693C-491A-BF61-4632D674BC19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C10D7B78-28FC-44C0-8C55-4709D1EA3743}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{CB1F0258-89B7-4DB2-9957-238B16A33722}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CE2F7430-6378-470B-8C9D-9D67D6093A64}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DFCF0DC8-5EC2-4263-9AE3-CDE8B89B2492}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E1522F11-74BB-451D-971C-FB543AD6C4A3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1F1A20E-3AFA-4FFD-9EFA-1CB4B5E3F458}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{E2448A8F-69B5-4C29-97EA-8ED9233070E8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E687E7F6-A593-4E7C-B422-C891C478E2B4}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{E834AC43-8FED-4137-8894-D378EC65E3B9}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{ED744F7F-01E2-427A-81B2-E2ED892ABAB5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EF21D165-C138-4AEA-AD8E-7A2F2F5BFC9E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027A85D0-060E-4DB0-9BE9-0D4227649CBD}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{0347C347-B91C-4852-907C-9C0C77E15C35}" = protocol=17 | dir=out | app=%programfiles%\zune\zunenss.exe |
"{0F55B178-121B-4F60-8766-D16112DB40F8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{14A831E0-FD55-4429-B298-73DF1974272D}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{14BFF402-F28B-4335-9397-6352A871B187}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{16E03C19-9E92-4490-B92D-F035273C1261}" = protocol=6 | dir=out | app=%programfiles%\zune\zunenss.exe |
"{1D0D0A88-C59A-49E4-9B99-2D91D2310371}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{1D31ECD1-ADEA-49FC-8359-2740EB2428EA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{1F3B50BC-2525-4A82-B049-7E3E71BC2C93}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\oddworld abes exoddus demo\exoddus.exe |
"{22FEA0DE-BD1F-4DB3-9EBC-5F9C5542EB66}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{245B32D1-8E53-4CCC-85CA-B3D4688D493C}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\conflict denied ops demo\conflictdeniedops.exe |
"{249B11AC-A592-4256-95E7-770E63563A56}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{24D1E7A7-5E2A-427A-B2B1-0E6655EA387E}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{270669D5-1B17-4985-8E16-502745A8A983}" = protocol=17 | dir=in | app=%programfiles%\zune\zunenss.exe |
"{2730D73F-FA76-47FB-9FB4-0A12ED08FE20}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{29F7FBF5-6644-4F37-895A-06180EC9D927}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amnesia the dark descent demo\launcher.exe |
"{2B2D4DE0-0411-4417-B0A9-9F3A1B5E5086}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{2E5913B7-E5DF-47E3-AC0E-6449F559A269}" = protocol=6 | dir=out | app=%programfiles%\zune\zunenss.exe |
"{31133578-73FD-42F1-838A-1DE321A6756F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3A67FFFF-4C8E-444D-9A1E-3F9331EF2D2C}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{3A9F7C08-E2C3-4012-8E68-FC2B3C75F35B}" = protocol=17 | dir=out | app=%programfiles%\zune\zunenss.exe |
"{3ADBCDBE-7985-448F-818C-ED598D64F2E4}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3BCC4DCE-02CD-4565-B2FD-E6BFB7337E56}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3DFDF293-2FFC-40A5-AD27-A9CA25F4EB5F}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{4250F91C-95F5-4D22-AD8F-CEA09A338668}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{439C4E82-1CFE-4ACF-B65D-35FE106C3D0C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{439CA4BB-7BEC-49DA-829A-02A32E5DEC9B}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{49139B99-E9B0-4A73-A6C4-B5DB106FA96D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{4A4D876F-1535-4EEB-B981-5BEB58732B4F}" = protocol=6 | dir=out | app=system |
"{4BB90001-9CD6-473E-91AB-BBC404A71FAE}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{4BFD0D90-FB65-493C-85C9-0098E6181569}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{4EE44A87-41D9-43F0-85D8-D85A9968BE24}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\machinarium demo\machinarium.exe |
"{50621512-9935-440E-B5B8-97A1508E8AD9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mass effect 2 demo\docs\ea help\electronic_arts_technical_support.htm |
"{621AABD1-2239-4284-916B-F2F4BD0CAB57}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{63706240-D179-457B-B084-2D96E93E1E64}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{6CF1D0AA-119D-408F-80DB-A38B00EF3B99}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{6D277D54-FB95-45F7-AB34-ACB2B41D2178}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{6D4312AF-CFA5-4E1C-BE0B-C8CB7EFE469A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\oddworld abes exoddus demo\exoddus.exe |
"{7023CA04-8E4D-4777-BDBA-E988A463F4E6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{702E6F9F-ABC0-4AD8-B1F6-D8F3A9E0606B}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{70FFD03C-B6FE-4B0E-BF54-52E4583BA249}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mass effect 2 demo\masseffect2launcher.exe |
"{71E32EC8-C110-4A0C-B2F2-D2C77B44FA91}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mini ninjas - demo\ninja.exe |
"{73265EEB-A2A1-4AD6-9FE3-258DFC26BFCC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{759BF12E-AEC0-4FC7-9612-82BA10C671C6}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mini ninjas - demo\ninja.exe |
"{77C93986-B79C-4878-9F58-40BBE1A02D0D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{78B56069-5A7E-48EF-B2BA-74748A787B75}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D008093-1309-4567-8213-4FA17CE7E361}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\machinarium demo\machinarium.exe |
"{7E1151B2-267D-41BB-B32E-A19E39AA1A8D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\mass effect 2 demo\masseffect2launcher.exe |
"{7F3722AD-DF97-497F-990F-7280088EAEDF}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{7FEA6CEB-9061-4D4C-B9DD-E2F09D32B80A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{81AF5583-6BB3-4D45-AC29-8B78A85CF0BF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of juarez - bound in blood sp demo\cojbibdemo_x86.exe |
"{82CAF23C-D8F1-41FA-8EAA-8FE5BC02878E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{8941282C-3196-49E4-A28B-3FA8128A6E4B}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{93AC7A78-60DF-4B94-B000-61AB858BDE91}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{9A10277A-F8E2-4321-8AED-B60CF253DC84}" = protocol=6 | dir=in | app=%programfiles%\zune\zunenss.exe |
"{9AD7EAC1-41AD-4499-B6CF-8978AF0466AA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{9B1CCDC1-2230-411D-9A76-B34254540650}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{A4A6371C-9C57-430B-8DB0-1DE02AE64BCB}" = protocol=6 | dir=in | app=%programfiles%\zune\zunenss.exe |
"{A50DDFEE-0828-4FE5-A87D-9C9FC1136B36}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{A71157A7-F6AD-4B27-889F-7BC5362E6C30}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{AA615490-714D-4C8F-A058-30FD3996681F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{ADB25E8E-57EF-4285-BA9E-B6C2BF98CFB0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\conflict denied ops demo\conflictdeniedops.exe |
"{B0B9A25B-B955-407A-B8B6-ACEC7C779D3A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\thief deadly shadows\system\runme.exe |
"{B2A51DFB-910D-47CB-9BB1-3B9118BF5ADE}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BA56C3D4-3524-4724-B8D7-F45A214AF484}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{BDC97142-6709-4CC8-A493-1E27DCDCC3B8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{CAC4C33F-8384-4664-AB8D-9A40B70D088F}" = protocol=6 | dir=out | app=system |
"{CB78C56B-EE17-42C0-B2C7-5A77E7534B09}" = dir=in | app=e:\setup\hpznui01.exe |
"{CC0692ED-A15C-4BA0-A6E1-6793A68A723F}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{CC327FE6-5891-484F-91C1-0BA8578FD0AC}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the first encounter\bin\samhd.exe |
"{D080711E-A426-467D-8789-F635198AF453}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D1A2023C-DC8B-447B-A0E6-E93D43D8F101}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D801E1C5-3513-4FD0-AC99-24827ADF95C4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{D825AB2B-B7B4-452E-9E22-70CCA4D26E2A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DAD3AF3E-5782-4F0D-823C-8F49BB88A5F3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\mass effect 2 demo\docs\ea help\electronic_arts_technical_support.htm |
"{DCA2D8AD-AEAA-4D0E-B66B-80AC0DBF0F10}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\serious sam hd the first encounter\bin\samhd_demo.exe |
"{DCEA3B3B-89F2-425B-BE97-1507F8E3D24B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of juarez - bound in blood sp demo\cojbibdemo_x86.exe |
"{DDFFCCE4-6994-4186-9A04-F60CD59B9373}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{E4DD1872-6F1E-4652-A9FD-E10392AC7980}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E6B2091E-B244-4E7C-8A6F-7DADF900B4F9}" = protocol=17 | dir=in | app=%programfiles%\zune\zunenss.exe |
"{FDF1A31A-4505-477D-BB2C-77EA3F60F20D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{FE1B0280-E72E-4ABC-B9EE-7E58D920B860}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"TCP Query User{34DC9844-08F0-4DEE-B527-9EBE47A9F660}C:\program files\steam\steamapps\reamer4cw\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\reamer4cw\counter-strike source\hl2.exe |
"TCP Query User{4764A8B1-AB62-4FB7-938F-46FC3E36F847}C:\program files\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{5068D4CC-A86F-4C78-A3FD-305F3CC8120F}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{BE6948E1-C68C-475E-A83C-9A048DBB187C}C:\program files\steam\steamapps\reamer4cw\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\reamer4cw\team fortress 2\hl2.exe |
"TCP Query User{C2014E77-C07E-4F59-9F1A-531AA1676587}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{014DA686-DDB9-48AD-995A-F1AB45E8ACA6}C:\program files\steam\steamapps\reamer4cw\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\reamer4cw\team fortress 2\hl2.exe |
"UDP Query User{3CA79AD6-A51E-46E8-B1A5-C3BD1D481F77}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{4BB5AA31-227F-4A0C-850B-A6B8A4F4C2FF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7C0F1E44-2D90-4189-9677-C1728445CC4E}C:\program files\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{A601F2F3-7F6D-4E68-9DF3-789A55C001E7}C:\program files\steam\steamapps\reamer4cw\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\reamer4cw\counter-strike source\hl2.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{1CC069FA-1A86-402E-9787-3F04E652C67A}" = HP Support Information
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{20140000-006D-0409-0000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 (Beta)
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{2EF0D7ED-F944-4E0D-AC78-7DA00C0B81E4}_is1" = Penumbra Overture
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6B5E816C-A761-4F5B-BF48-84B794556CAA}_is1" = Freelang Dictionary (wordlist)
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{784BEA84-FA66-4B19-BB80-7B545F248AC6}" = HP Total Care Setup
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91D3AD6F-09CD-4695-9FA3-8FB15429BE97}" = D110
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B84739A3-F943-47E4-95D8-96381EF5AC48}" = HP Customer Experience Enhancements
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C325F588-D6B1-4A7F-B6A2-914C75DDA348}" = Morrowind
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBF3C503-946E-45EA-B347-EACC41781989}" = W Photo Studio
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DB3C800B-081B-4146-B4E3-EFB5B77AA913}" = TES Construction Set
"{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.02.03.8013
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Agere Systems Soft Modem" = Agere Systems PCI-SV92EX Soft Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CameraUserGuide-PSSX120IS" = Canon PowerShot SX120 IS Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"EPSON Scanner" = EPSON Scan
"EPSON Stylus NX400 Series" = EPSON Stylus NX400 Series Printer Uninstall
"exent_466550" = The Treasures of Montezuma
"exent_595050" = Discovery! A Seek and Find Adventure
"exent_629350" = Virtual Villagers 2: The Lost Children
"ExpatShield" = Expat Shield 1.57
"foldit" = foldit
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"LogMeIn Hamachi" = LogMeIn Hamachi
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"Magic Workstation_is1" = Magic Workstation 0.94f
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US)
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010 (Beta)
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"OnLive" = OnLive
"OpenAL" = OpenAL
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"PriceGong" = PriceGong 2.1.0
"PROR" = Microsoft Office Professional 2007
"pywin32-py2.6" = Python 2.6 pywin32-212
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Shop for HP Supplies" = Shop for HP Supplies
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"sp44626" = sp44626
"SpeedFan" = SpeedFan (remove only)
"Steam App 13260" = Unreal Development Kit
"Steam App 15720" = Oddworld: Abe's Exoddus Demo
"Steam App 15942" = The Office Demo
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 31970" = Nancy Drew: The White Wolf of Icicle Creek Demo
"Steam App 31990" = Nancy Drew: Ransom of the Seven Ships - Demo
"Steam App 33290" = Call of Juarez: Bound in Blood Demo
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 35050" = Mini Ninjas - Demo
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 40710" = Machinarium Demo
"Steam App 41020" = Serious Sam HD: The First Encounter Demo
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"Steam App 550" = Left 4 Dead 2
"Steam App 57310" = Amnesia: The Dark Descent Demo
"Steam App 630" = Alien Swarm
"Steam App 6980" = Thief: Deadly Shadows
"Steam App 8090" = Conflict: Denied Ops Demo
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"VLC media player" = VLC media player 0.9.2
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/7/2011 5:14:44 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 1/7/2011 5:14:44 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 1/7/2011 5:14:44 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 1/7/2011 5:15:13 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 1/7/2011 5:15:13 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 1/7/2011 5:15:13 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 1/7/2011 5:15:39 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 1/7/2011 5:15:39 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 1/7/2011 5:15:39 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 1/7/2011 5:16:06 AM | Computer Name = McAlpine-PC | Source = MsiInstaller | ID = 11606
Description =

[ Media Center Events ]
Error - 10/4/2009 1:59:16 AM | Computer Name = McAlpine-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 12/28/2009 5:02:50 AM | Computer Name = McAlpine-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/24/2010 11:53:21 PM | Computer Name = McAlpine-PC | Source = Mcx2Dvcs | ID = 401
Description =

Error - 5/25/2010 12:10:21 AM | Computer Name = McAlpine-PC | Source = McrMgr | ID = 109
Description =

[ System Events ]
Error - 4/22/2011 12:41:16 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 12:47:02 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 12:53:03 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 12:58:38 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 1:04:45 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 1:11:00 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 1:16:38 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 1:22:50 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 1:29:15 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 4/22/2011 1:35:27 AM | Computer Name = McAlpine-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 0023C3912DF7. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.


< End of report >


Thanks so much for your help!
anya0234
Regular Member
 
Posts: 19
Joined: April 22nd, 2011, 1:55 am
Advertisement
Register to Remove

Re: Possible Malware Toolbar/Hijacker/etc

Unread postby Wingman » April 22nd, 2011, 2:14 pm

By posting an incomplete log it is likely that your topic will be passed by and you will not receive the help you're looking for.
We need to know what's running on your computer so that we can provide the appropriate instructions.

May I draw your attention to THIS topic, which you should have read, that states what we need you to post, so we can help you.
If you still need help, please start a new thread an include your DDS logs:
  • DDS.txt.
  • Attach.txt.
  • Details of the problems you're experiencing.
If for any reason you can't run DDS, please let us know in your post.

This thread will now be closed.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14109
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 37 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware