Thanks for responding, and thanks for your help.
The following files were not present: java auto updater; weather bug gadget.
At the end of step 2, upon shutting down, I got the following message: "The instruction at 0X76778b0d referenced memory at 0X00000000. The memory could not be read. Click on ok to terminate program." I clicked off and the system restarted.
Upon rebooting, I got the following message: "The module, "C:\Users\Mark\AppData\Local\UST\idr20009.dll" failed to load. Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .DLL files The specified module could not be found." I clicked off this and the reboot continued without issue.
In step 3, there were no threats found by the TDSSKiller.exe program.
In step 4, during the scan, I got the following message: "OTL.exe. There is no disk in the drive. Please insert a disk into driver \Device\Hardisk2\DR2." I clicked off this and the program continued scanning.
I checked in IE9, using Google, and tried a search for a legitimate site to which I was redirected earlier. I was redirected. Norton prevented an attack when I clicked on the site - I wasn't able to record everything it said but was was a Web Attack: styx ...
Attached are the OTL.txt and Extras.txt files.
OTL logfile created on: 8/26/2013 5:45:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Public\Orenzow documents\Ebay matters\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.49 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 54.71% Memory free
7.16 Gb Paging File | 5.69 Gb Available in Paging File | 79.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.17 Gb Total Space | 131.75 Gb Free Space | 45.56% Space Free | Partition Type: NTFS
Drive D: | 8.92 Gb Total Space | 0.95 Gb Free Space | 10.66% Space Free | Partition Type: NTFS
Drive F: | 6.19 Gb Total Space | 6.13 Gb Free Space | 99.03% Space Free | Partition Type: NTFS
Drive L: | 291.90 Gb Total Space | 109.13 Gb Free Space | 37.38% Space Free | Partition Type: NTFS
Drive O: | 7.45 Gb Total Space | 3.99 Gb Free Space | 53.51% Space Free | Partition Type: FAT32
Computer Name: HPA6257C | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/08/26 17:44:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Public\Orenzow Documents\Ebay matters\Downloads\OTL.exe
PRC - [2013/08/16 21:07:24 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/07/09 09:42:14 | 007,221,336 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccsvchst.exe
PRC - [2013/03/14 10:47:42 | 015,500,800 | ---- | M] () -- C:\Users\Mark\AppData\Local\Autobahn\nexdef.exe
PRC - [2011/04/08 08:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/02 18:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/02 18:50:32 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/02/22 14:29:10 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/11/01 17:13:26 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PCM4Everio\EverioService.exe
PRC - [2007/07/17 12:03:38 | 000,868,352 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/02/15 07:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/12 15:57:08 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
PRC - [2006/09/03 13:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
========== Modules (No Company Name) ========== MOD - [2013/08/16 21:07:24 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/08/14 03:34:12 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/08/14 03:32:47 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/14 03:32:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/14 03:32:26 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9092960402154cf69c694786ae1049b3\System.Configuration.ni.dll
MOD - [2013/08/14 03:30:55 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/14 03:30:41 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll
MOD - [2013/08/14 03:30:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/14 03:30:13 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\766ec41669f9986cc118ec647df35cf0\System.Data.ni.dll
MOD - [2013/08/14 03:30:02 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1907eca427f3b8a0b672d7582427bace\PresentationFramework.ni.dll
MOD - [2013/08/14 03:29:46 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a42ae90abfc074ec34aac50353324f66\PresentationCore.ni.dll
MOD - [2013/08/14 03:29:32 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\e887556e2e663db3f545345d634e125b\WindowsBase.ni.dll
MOD - [2013/08/14 03:29:09 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/11 03:41:27 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\f28238b56c8b6401a428aa549b28a89a\UIAutomationTypes.ni.dll
MOD - [2013/07/11 03:37:04 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll
MOD - [2013/07/11 03:36:21 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2013/03/14 10:47:42 | 015,500,800 | ---- | M] () -- C:\Users\Mark\AppData\Local\Autobahn\nexdef.exe
MOD - [2013/03/14 10:47:42 | 000,159,744 | ---- | M] () -- C:\Users\Mark\AppData\Local\Autobahn\rt\jetrt\baseline720.dll
MOD - [2013/03/14 10:47:42 | 000,126,976 | ---- | M] () -- C:\Users\Mark\AppData\Local\Autobahn\rt\bin\zip.dll
MOD - [2013/03/14 10:47:42 | 000,069,632 | ---- | M] () -- C:\Users\Mark\AppData\Local\Autobahn\rt\bin\java.dll
MOD - [2013/03/14 10:47:42 | 000,020,480 | ---- | M] () -- C:\Users\Mark\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll
MOD - [2012/05/30 10:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.4.0.40\wincfi39.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/08/05 11:26:14 | 000,061,440 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/08/05 11:26:12 | 000,131,072 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/08/05 11:26:06 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/08/05 11:26:06 | 000,007,680 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/08/05 11:26:04 | 000,036,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/08/05 11:26:04 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/08/05 11:26:00 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/08/05 11:25:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/04/11 02:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007/11/01 17:13:08 | 000,012,288 | ---- | M] () -- C:\Program Files\CyberLink\PCM4Everio\Kernel\common\CLEverioDetector.dll
MOD - [2007/08/15 21:52:48 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2007/07/17 12:03:38 | 000,868,352 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
MOD - [2007/02/16 20:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/16 20:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2007/02/07 17:51:20 | 000,188,416 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncRs.crl
========== Services (SafeList) ========== SRV - [2013/08/16 21:07:24 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/24 15:08:36 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/21 00:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe -- (N360)
SRV - [2010/01/23 00:39:20 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\570\g2aservice.exe -- (GoToAssist)
SRV - [2008/06/02 18:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/01/29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/09/11 19:02:44 | 000,544,256 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service)
SRV - [2006/09/11 19:01:04 | 000,167,936 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL)
SRV - [2006/09/11 18:56:32 | 000,075,264 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe -- (ISSM)
SRV - [2006/09/11 18:56:20 | 000,188,416 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService)
SRV - [2006/09/03 13:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 02:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server)
SRV - [2006/05/10 12:13:52 | 000,029,696 | R--- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/08/20 21:30:29 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/08/20 14:38:49 | 000,392,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\IPSDefs\20130823.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/08/16 05:56:29 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130826.001\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/08/16 05:56:29 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\VirusDefs\20130826.001\NAVENG.SYS -- (NAVENG)
DRV - [2013/06/29 16:36:54 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symefa.sys -- (SymEFA)
DRV - [2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symds.sys -- (SymDS)
DRV - [2013/05/19 07:04:42 | 000,124,504 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2013/05/16 01:02:14 | 000,603,224 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.sys -- (SRTSP)
DRV - [2013/04/24 20:43:56 | 000,352,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\symtdiv.sys -- (SYMTDIv)
DRV - [2013/04/15 22:41:14 | 000,134,744 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/03/04 21:39:19 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\ironx86.sys -- (SymIRON)
DRV - [2013/03/04 21:21:35 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1404000.028\srtspx.sys -- (SRTSPX)
DRV - [2012/08/08 23:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/01/19 02:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/13 19:05:26 | 000,015,104 | ---- | M] (Proxure, Inc.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\Pxrmcet.sys -- (Pxrmcet)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/11 05:49:22 | 000,968,064 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/09/25 20:17:42 | 000,028,336 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\PCDR5\pcd5srvc.pkms -- (PCD5SRVC{4E6EB9F3-2B32408D-05010004})
DRV - [2006/09/25 20:17:16 | 000,020,480 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PcdrNdisuio.sys -- (PcdrNdisuio)
DRV - [2006/09/24 09:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2005/12/12 13:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktopIE - HKLM\..\SearchScopes,DefaultScope = {3FA99A29-739D-4636-AADA-F346D11EE60A}
IE - HKLM\..\SearchScopes\{3FA99A29-739D-4636-AADA-F346D11EE60A}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{933AC5D9-6AB2-4AAA-8966-20D49A1EC230}: "URL" =
http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKLM\..\SearchScopes\{B52788EB-9A00-433E-9424-92F8B8F616B4}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7
IE - HKU\.DEFAULT\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ieIE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comIE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.nytimes.com/IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\..\SearchScopes,DefaultScope = {DB3FDEF3-524C-435E-9FBC-CFCF530944FB}
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searc}
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=5
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\..\SearchScopes\{DB3FDEF3-524C-435E-9FBC-CFCF530944FB}: "URL" =
http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-397070735-3145188438-542509979-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledAddons: tpoerzyqrs%40tpoerzyqrs.org:2.9.2.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems:
moveplayer@movenetworks.com:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Mark\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\coFFPlgn\ [2013/08/26 17:35:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.1.22\IPSFFPlgn\ [2013/02/04 19:28:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/07/03 17:26:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/26 17:15:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/26 17:15:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Mark\AppData\Roaming\Move Networks [2010/01/25 18:33:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/07/03 17:26:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/08/26 17:15:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/26 17:15:17 | 000,000,000 | ---D | M]
[2010/01/23 00:33:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Extensions
[2013/08/21 11:29:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\nllv4fhh.default\extensions
[2008/01/19 01:49:12 | 000,005,278 | ---- | M] () (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\nllv4fhh.default\extensions\tpoerzyqrs@tpoerzyqrs.org.xpi
[2012/11/25 18:48:43 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\nllv4fhh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/08/26 17:16:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/08/16 21:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/16 21:07:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.57\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Mark\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Docs = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\
CHR - Extension: Google Wallet Service = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0\
CHR - Extension: Gmail = C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-397070735-3145188438-542509979-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CCUTRAYICON] FactoryMode File not found
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EverioService] C:\Program Files\CyberLink\PCM4Everio\EverioService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-397070735-3145188438-542509979-1001..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-397070735-3145188438-542509979-1001..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKU\S-1-5-21-397070735-3145188438-542509979-1001..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-397070735-3145188438-542509979-1001..\Run: [VirtualStore] C:\Users\Mark\AppData\Local\Microsoft\VirtualStore\eppjhdpnij.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-397070735-3145188438-542509979-1001..\Run: [VST Update] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-397070735-3145188438-542509979-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk = C:\Users\Mark\AppData\Local\Autobahn\nexdef.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40}
http://h20264.www2.hp.com/ediags/dd/ins ... sVista.cab (HPDDClientExec Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebook.com/controls/200 ... ader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592}
http://cdn2.zone.msn.com/binFramework/v ... b56649.cab (MSN Games - Installer)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809}
http://images3.pnimedia.com/ProductAsse ... ontrol.cab (Photo Upload Plugin Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EFD1E13D-1CB3-4545-B754-CA410FE7734F}
http://www.cvsphoto.com/upload/activex/ ... ontrol.cab (Photo Upload Plugin Class)
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3}
http://zone.msn.com/bingame/zpagames/ZP ... b64162.cab (MSN Games – Backgammon)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E1A1D904-87D9-425C-839A-BDAA9A76EDCB}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\570\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\570\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Mark\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mark\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/15 22:05:40 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/08/01 05:17:56 | 000,000,000 | ---D | M] - O:\Automobile Records -- [ FAT32 ]
O33 - MountPoints2\{13c2b859-3447-11de-94bb-001d60acac56}\Shell\AutoRun\command - "" = M:\JDSecure\Windows\JDSecure31.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Info.exe protect.ed 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2013/08/25 12:19:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Orenzow Documents\Ian
[2013/08/21 11:29:29 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\VST
[2013/08/16 21:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/14 03:02:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/08/14 03:02:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/08/14 03:02:53 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/08/14 03:02:53 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/08/14 03:02:52 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/08/14 03:02:51 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/08/14 03:02:51 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/08/14 03:02:50 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/08/13 18:15:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/08/13 18:08:12 | 003,603,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/08/13 18:08:12 | 003,551,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/08/08 09:29:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Orenzow Documents\Guatamala trip
[2013/08/02 19:00:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Orenzow Documents\750 Old Lancaster Road Berwyn
[2008/02/16 10:20:07 | 000,630,784 | ---- | C] (Citrix Online) -- C:\Users\Mark\GoToAssist_chat2way__317_en.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/08/26 17:44:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/26 17:35:42 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/26 17:34:52 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/26 17:34:51 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/26 17:34:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/26 17:34:44 | 3746,037,760 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/26 17:01:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/22 04:11:48 | 000,001,967 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/08/14 03:05:36 | 000,643,540 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/14 03:05:36 | 000,119,732 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/13 17:43:40 | 000,001,356 | ---- | M] () -- C:\Users\Mark\AppData\Local\d3d9caps.dat
[2013/08/12 14:58:19 | 365,453,843 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/08/08 09:43:05 | 000,252,377 | ---- | M] () -- C:\Users\Public\Orenzow Documents\insurance program summary.pdf
[2013/07/28 14:39:37 | 001,647,608 | ---- | M] () -- C:\Users\Mark\Desktop\Anniversary 32.jpg
[2013/07/28 14:39:37 | 001,640,080 | ---- | M] () -- C:\Users\Mark\Desktop\P7261374.JPG
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/08/08 09:43:05 | 000,252,377 | ---- | C] () -- C:\Users\Public\Orenzow Documents\insurance program summary.pdf
[2013/07/28 14:40:20 | 001,647,608 | ---- | C] () -- C:\Users\Mark\Desktop\Anniversary 32.jpg
[2013/07/28 14:39:37 | 001,640,080 | ---- | C] () -- C:\Users\Mark\Desktop\P7261374.JPG
[2013/07/28 14:28:31 | 002,263,484 | ---- | C] () -- C:\Users\Mark\Desktop\P7261375.JPG
[2013/07/03 17:13:03 | 000,196,197 | ---- | C] () -- C:\Windows\hpwins20.dat.temp
[2013/07/03 17:13:03 | 000,001,678 | ---- | C] () -- C:\Windows\hpwmdl20.dat.temp
[2011/05/18 18:40:00 | 000,001,940 | ---- | C] () -- C:\Users\Mark\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2008/03/09 13:30:31 | 000,103,784 | ---- | C] () -- C:\Users\Mark\GoToAssistDownloadHelper.exe
[2008/03/01 00:24:27 | 000,710,144 | -HS- | C] () -- C:\Users\Mark\ehthumbs_vista.db
[2008/02/02 14:41:22 | 000,001,356 | ---- | C] () -- C:\Users\Mark\AppData\Local\d3d9caps.dat
[2007/12/15 12:12:59 | 000,210,432 | ---- | C] () -- C:\Users\Mark\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/24 20:28:22 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
========== ZeroAccess Check ========== [2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 13:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 02:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2013/08/22 19:59:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\EPSON
[2008/03/29 14:32:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\HotSync
[2008/03/29 14:32:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Snapfish
[2008/03/29 14:34:39 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TaxCut
[2008/03/01 19:25:50 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\HotSync
[2008/03/01 19:24:40 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Snapfish
[2007/12/28 17:00:54 | 000,000,000 | ---D | M] -- C:\Users\Lauren\AppData\Roaming\Snapfish
[2007/12/24 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\acccore
[2008/02/24 13:12:20 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\CompanionLink
[2009/04/30 21:56:40 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\EndNote
[2008/09/28 18:45:55 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\EPSON
[2013/07/16 08:55:44 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Family Lawyer
[2008/02/24 12:42:36 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\HotSync
[2009/12/27 13:43:57 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\iPodifier
[2008/10/05 19:32:13 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\IrfanView
[2008/02/24 13:05:34 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Leadertech
[2008/10/04 12:56:43 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\muvee Technologies
[2008/03/16 17:29:43 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\OverDrive
[2010/04/02 13:51:04 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\pdf995
[2012/05/19 13:18:54 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Sling Media
[2008/08/24 21:27:51 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\SlySoft
[2007/11/24 18:02:03 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Snapfish
[2013/04/09 17:37:38 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\TaxCut
[2010/06/04 20:19:01 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\Tific
[2008/02/23 13:41:29 | 000,000,000 | ---D | M] -- C:\Users\Mark\AppData\Roaming\WinBatch
[2008/05/16 10:33:39 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\HotSync
[2007/11/25 12:54:36 | 000,000,000 | ---D | M] -- C:\Users\Penny\AppData\Roaming\Snapfish
========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\Windows:246B0427A7A439F4
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:7838B9E0
< End of report >
OTL Extras logfile created on: 8/26/2013 5:45:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Public\Orenzow documents\Ebay matters\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.49 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 54.71% Memory free
7.16 Gb Paging File | 5.69 Gb Available in Paging File | 79.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.17 Gb Total Space | 131.75 Gb Free Space | 45.56% Space Free | Partition Type: NTFS
Drive D: | 8.92 Gb Total Space | 0.95 Gb Free Space | 10.66% Space Free | Partition Type: NTFS
Drive F: | 6.19 Gb Total Space | 6.13 Gb Free Space | 99.03% Space Free | Partition Type: NTFS
Drive L: | 291.90 Gb Total Space | 109.13 Gb Free Space | 37.38% Space Free | Partition Type: NTFS
Drive O: | 7.45 Gb Total Space | 3.99 Gb Free Space | 53.51% Space Free | Partition Type: FAT32
Computer Name: HPA6257C | User Name: Mark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C91C5C1-B139-4F0E-A387-BAA612880523}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{204B2255-16FB-44BA-96F2-635DF192E4CD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{355995B8-E3DD-4637-9335-E4231B57A2A8}" = rport=10244 | protocol=6 | dir=out | app=system |
"{3B483391-D4AD-4E5D-AACD-556F6810E104}" = lport=10244 | protocol=6 | dir=in | app=system |
"{42CD05CE-6C8F-4DED-80F1-E2860A840334}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{49F71576-B4F6-44C0-B7FC-6991B4AB8E48}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4DC441D0-F2F2-4670-B99A-555E56AC4974}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50F477DD-68F8-4EAC-84B2-12609A74B123}" = lport=10244 | protocol=6 | dir=in | app=system |
"{52BE9454-4586-44FC-A9C1-AD0B9D316280}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{597D703B-002A-467D-B487-8F19B6789568}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F8A8B66-42F6-4751-BACF-AF19B8171EC7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68674BFD-42D6-4DAE-BA08-285D6B6457D3}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{71B4219D-40A5-4B12-8044-DD500448FCA4}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{7B8D23A4-062C-4763-8B81-ECB9F969B27F}" = lport=3390 | protocol=6 | dir=in | app=system |
"{7FB011C9-A586-4579-A044-0C762EC858E4}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{848B9ADE-3A0D-40EE-AA29-67EBF4FCFBCA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B1AA53B-BB7C-4C2A-94D8-DEB0C2EC937B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B50994E-160E-40D7-ACDB-AABFEB14976E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ACDDE130-C616-497A-BA84-A9545EA1FD7A}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{B10A4E8A-614E-4D30-86FB-B4F00680E21B}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{E10E849A-BE39-4812-A4DC-7055BE03E09A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB755978-B545-4874-96C1-C5723D64EBE6}" = rport=10244 | protocol=6 | dir=out | app=system |
"{EBC4E7F5-9B5D-469B-A16D-49E871A7BA0D}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{F766BBB7-21CC-4AB9-9F43-AF55293BA36C}" = lport=3390 | protocol=6 | dir=in | app=system |
"{FFF43B4F-D112-4ED1-B481-51B3BECDAE3D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{084E9A89-61D5-43AC-8049-245206F2C553}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{0F03F033-9EA1-423F-B684-EB40D92B4C6D}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{155861BE-FF8A-4891-AD19-9E549B608669}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{1954D322-AA2E-433A-9816-111093F697ED}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{1B36525C-CD2F-4231-BB04-0F2208819A96}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B68B626-BC21-4336-806D-34D7B887EA88}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{21A0639A-8CC8-43B2-9E92-A3AEE2AC660E}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{23D1C933-BF99-4C29-8512-8C92E2B1AB75}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{26532EBB-6670-4158-844C-D6BA0569724F}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{28C52759-7FED-493E-831B-1853BF604A69}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{2F4783CD-8C43-4148-8A59-07756850C280}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{2F480EAA-F8E1-445E-B506-22F0751959CD}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{32FC34DD-3798-4AD3-8147-CEC6A0DA1CA4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{340916AC-EE4F-4159-BA8F-E8BDE0AC200B}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{4AE05C99-B15C-483B-B9AE-57146B95AC59}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{514E2E82-FDE6-4A84-A47B-A6FE30A0624E}" = dir=in | app=c:\users\mark\appdata\local\temp\7zs7bd2\ojj4600_basic_14\setup\hpznui01.exe |
"{531714B2-9521-4F9E-A277-E0101E3014D7}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{5986FB53-A4F9-4DA2-BD90-BACDF359A5C6}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{69BF411C-3199-469E-B4F4-7810B9C40014}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6BD41F77-6F34-4561-9D31-D4B364A4D1BC}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6DF702AB-8E78-4D5C-B343-AA51B49ED0B3}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{6FAF04D3-94DB-4CC6-B08A-241776CB3818}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{741BA515-5F70-40E0-BE19-3E06CF23662A}" = dir=in | app=c:\program files\cyberlink\powerdirector express\pdx.exe |
"{75B9B781-6C94-4AA8-9D4D-4C3137A5BDF9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{7F1B4BEC-EB27-4CF8-AB80-A611E4A17860}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{7FD4BBC9-4469-4E0F-B5B4-74945859BFCA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{8CA7F508-574E-4796-8283-E42CDC0E609C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{9CF6F2E4-AEFF-42B6-961C-B5E1C084D2E9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{AB14AE81-83BF-4FDF-A687-F267732EC3C4}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{AFA49080-7551-4419-9205-C1D241009D7A}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{B4E1CC23-9D40-4B6D-AD46-FFDC731E630E}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{B75BB12D-4056-4CB6-8249-01D2C2AF5574}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{BA6AE808-27BF-4DE9-AB84-BEAEDFD54951}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C5152773-BE58-43DA-B9E0-D602E2BFE9CD}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{C7A8111B-69CC-47C1-90C5-6ED9766C4C8E}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{C8B83948-E664-4E55-BB39-8382B8B04692}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{C9664F86-3D49-4F97-938E-917B1C21A8B1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{D61D35D6-2650-43E6-8AD1-A053985A8AAE}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{DA5E0388-398D-441D-B081-2613EB09C3CB}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{DABAAC30-0EEB-46E1-87F3-E42C38DE1490}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{F35794B6-9CCB-4EBA-8A9F-923CBE6833BE}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{F937BF6E-A6FF-4331-BAE9-0C6C5FE3D648}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{FCA6D705-4F23-4026-A358-8F1718A31CAA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0A5FB059-9FF1-4A78-9753-4D7656560DAF}" = H&R Block New York 2012
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E243038-5F19-457F-A5A1-287477354D75}" = H&R Block New Jersey 2010
"{0FE55E01-5D5A-4823-A71E-F4F5E8BB473D}" = TaxCut New Jersey 2007
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14AF024E-2E3B-49D0-A175-D1C1A06B155A}" = muvee autoProducer 6.0
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{16D9439B-DF3D-43D1-A727-4B335300D07A}" = OverDrive Media Console
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{25653817-9502-41A5-A24D-FED750611E98}" = EPSON Perfection V500 Photo Scanner Driver Update
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = EPSON Event Manager
"{4945F319-A24D-454C-A411-F3689987315D}" = HP OfficeJet J4600 All-In-One Series
"{4BAC29B6-145B-49D0-A2FC-A79AE4F606E5}" = TaxCut New York 2008
"{5122DF4B-3740-4F0B-B423-48C46BA5834C}" = H&R Block New Jersey 2009
"{529A52D1-5521-436B-83AB-1322780DCDAD}" = H&R Block Premium + Efile + State 2010
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56F59702-1BB9-4C1B-BB8A-FB5F84A90378}" = H&R Block New York 2009
"{58381EE3-A57D-448F-BC8E-FFC66987615E}" = TaxCut New York 2007
"{5A80C75C-EB3A-4275-A6C4-2E20349DBF4C}" = H&R Block New York 2010
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{61100673-2546-42E1-BF92-467B5CB2AC6D}" = DeductionPro 2008
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{663E217E-FC26-4249-9E8E-F190CD63E737}" = TaxCut Premium + State 2007
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6C434B52-8D0F-4080-9649-7497445DDCD4}" = H&R Block New York 2011
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E5A0256-C1BB-4A4E-99CE-B87CC4383744}" = HP Photosmart Plus B210 series Basic Device Software
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{70469C1D-DDF0-44A0-B873-9F28B354256C}" = H&R Block Basic + Efile + State 2011
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{89BA1176-0C98-483D-9CAF-EBBC4EEE5DB3}" = VitalSource Bookshelf
"{89D20029-0578-4D8D-979A-695C8D868868}" = H&R Block Premium + Efile + State 2012
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A5EBB62-ADE7-41E2-8884-1517DE3505D1}" = DeductionPro 2007
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90AACECD-1E42-4D22-ABAD-7FB9B67B262D}" = H&R Block Premium + Efile + State 2009
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{97F4D62E-5AEB-4649-BABF-4712C6EF6845}" = DeductionPro 2009
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack
"{B629CD93-A629-4A9F-8B6E-218E741A316E}" = BPDSoftware_Ini
"{B6ADA0E4-9451-43EB-B86E-878AD9E68D4F}" = LightScribe 1.6.45.1
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}" = TaxCut Premium + State + Efile 2008
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C6141748-CA45-4F24-A519-2401F2CCA01D}" = TaxCut New Jersey 2008
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD966EEF-2914-4205-A269-E86F8AA7C0E9}" = H&R Block New Jersey 2011
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D4163F73-AAE4-4E4F-9E9E-70828C2ADB58}" = iPodifier
"{D523F5FE-5E53-429A-B5F9-8AC375B201FD}" = H&R Block New Jersey 2012
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D91CBC0D-D45B-4FE7-AF44-E2BDD302CD9F}" = WebSlingPlayer ActiveX
"{DCE9C52A-95DD-4075-9FC6-3313FB8748A5}" = BPDSoftware
"{DE12AC99-F988-4EE5-BDE9-62623EE42E3B}" = MyAttorney Home And Business
"{DE46FEE3-4D5F-446F-ACEC-89E3ED081293}" = MCE Tunes Pro
"{E8DD8C86-E233-4AE4-BB8A-C52D36D7756D}" = H&R Block Pennsylvania 2012
"{EC7FE03D-239A-4E36-9907-0E327922D2A2}" = bpd_scan
"{ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}" = HP Driver Diagnostics
"{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_7" = AIM 7
"AnyDVD" = AnyDVD
"CCH Small Firm Services (xulRunner)" = CCH Small Firm Services (xulRunner)
"Click'N Design 3D (V5)" = Click'N Design 3D (V5)
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"CloneDVDmobile" = CloneDVDmobile
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Digital Editions" = Adobe Digital Editions
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"Google Calendar Sync" = Google Calendar Sync
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist Corporate
"H&R Block Business 2009" = H&R Block Business 2009 (Remove Only)
"H&R Block Business 2010" = H&R Block Business 2010 (Remove Only)
"H&R Block Business 2012" = H&R Block Business 2012 (Remove Only)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{DE12AC99-F988-4EE5-BDE9-62623EE42E3B}" = MyAttorney Home And Business
"Intel(R) Configuration Center" = Intel® Viiv™ Software
"ISI ResearchSoft - Export Helper" = ISI ResearchSoft - Export Helper
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Pdf995" = Pdf995yName
"PdfEdit995" = PdfEdit995
"Picasa 3" = Picasa 3
"Rhapsody" = Rhapsody
"Shop for HP Supplies" = Shop for HP Supplies
"Silent Package Run-Time Sample" = EPSON Perfection V500P User's Guide
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedFan" = SpeedFan (remove only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"Yahoo! Search Defender" = Yahoo! Search Protection
"ZENcast Organizer" = ZENcast Organizer
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-397070735-3145188438-542509979-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 6/8/2009 8:24:52 PM | Computer Name = HPa6257c | Source = Customer Experience Improvement Program | ID = 1010
Description =
Error - 6/9/2009 9:32:47 PM | Computer Name = HPa6257c | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 7.0.6001.18226 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1564 Start Time: 01c9e96233a457c8 Termination Time: 59
Error - 6/11/2009 3:08:39 AM | Computer Name = HPa6257c | Source = Windows Search Service | ID = 3013
Description =
Error - 6/11/2009 3:10:42 AM | Computer Name = HPa6257c | Source = Windows Search Service | ID = 3013
Description =
Error - 6/11/2009 3:10:42 AM | Computer Name = HPa6257c | Source = Windows Search Service | ID = 3013
Description =
Error - 6/12/2009 6:40:20 PM | Computer Name = HPa6257c | Source = System Restore | ID = 8209
Description =
Error - 6/12/2009 9:08:57 PM | Computer Name = HPa6257c | Source = System Restore | ID = 8209
Description =
Error - 6/12/2009 9:32:12 PM | Computer Name = HPa6257c | Source = Customer Experience Improvement Program | ID = 1010
Description =
Error - 6/14/2009 9:11:03 PM | Computer Name = HPa6257c | Source = Customer Experience Improvement Program | ID = 1010
Description =
Error - 6/14/2009 10:13:49 PM | Computer Name = HPa6257c | Source = Customer Experience Improvement Program | ID = 1010
Description =
[ IntelDH Events ]
Error - 9/17/2008 9:01:04 AM | Computer Name = HPa6257c | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 9/17/2008 9:02:33 AM | Computer Name = HPa6257c | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 4/2/2010 5:39:40 PM | Computer Name = HPa6257c | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
Error - 9/18/2010 5:24:51 PM | Computer Name = HPa6257c | Source = CCU_Engine | ID = 15
Description = A CCU internal function detected an error: CCUEngine failed to create
the DataManager
Error - 9/18/2010 5:24:51 PM | Computer Name = HPa6257c | Source = UIMgr | ID = 17
Description = A CCU interface function returned an error: CCUUIManager could not
create an instance of the CCU Engine
[ Media Center Events ]
Error - 5/24/2012 2:30:32 AM | Computer Name = HPa6257c | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/24/2012 8:41:45 AM | Computer Name = HPa6257c | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/24/2012 8:01:31 PM | Computer Name = HPa6257c | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/22/2012 12:00:42 AM | Computer Name = HPa6257c | Source = Media Center Guide | ID = 13
Description = Event Info: Failure attempting to download new Guide data. Please
check your Internet connection settings. If you are connecting through a firewall
or proxy, please verify that it has been properly configured. Process: DefaultDomain
Object
Name: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 6/22/2012 12:00:55 AM | Computer Name = HPa6257c | Source = Media Center Guide | ID = 13
Description = Event Info: Failure attempting to download new Guide data. Please
check your Internet connection settings. If you are connecting through a firewall
or proxy, please verify that it has been properly configured. Process: DefaultDomain
Object
Name: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 12/8/2012 8:10:47 PM | Computer Name = HPa6257c | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 12/8/2012 8:10:48 PM | Computer Name = HPa6257c | Source = McrMgr | ID = 109
Description =
Error - 6/6/2013 12:10:21 AM | Computer Name = HPa6257c | Source = Media Center Guide | ID = 13
Description = Event Info: Failure attempting to download new Guide data. Please
check your Internet connection settings. If you are connecting through a firewall
or proxy, please verify that it has been properly configured. Process: DefaultDomain
Object
Name: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 6/6/2013 12:10:55 AM | Computer Name = HPa6257c | Source = Media Center Guide | ID = 13
Description = Event Info: Failure attempting to download new Guide data. Please
check your Internet connection settings. If you are connecting through a firewall
or proxy, please verify that it has been properly configured. Process: DefaultDomain
Object
Name: Microsoft.Ehome.Epg.EhepgdatSingleton
Error - 7/12/2013 12:34:08 PM | Computer Name = HPa6257c | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
[ System Events ]
Error - 8/21/2013 3:03:32 AM | Computer Name = HPa6257c | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 8/22/2013 3:53:28 PM | Computer Name = HPa6257c | Source = Service Control Manager | ID = 7000
Description =
Error - 8/23/2013 10:59:47 AM | Computer Name = HPa6257c | Source = Service Control Manager | ID = 7011
Description =
Error - 8/23/2013 11:02:08 AM | Computer Name = HPa6257c | Source = Service Control Manager | ID = 7011
Description =
Error - 8/23/2013 4:20:38 PM | Computer Name = HPa6257c | Source = Service Control Manager | ID = 7011
Description =
Error - 8/26/2013 3:12:16 AM | Computer Name = HPa6257c | Source = DCOM | ID = 10010
Description =
Error - 8/26/2013 5:03:44 PM | Computer Name = HPa6257c | Source = Service Control Manager | ID = 7011
Description =
Error - 8/26/2013 5:12:59 PM | Computer Name = HPa6257c | Source = DCOM | ID = 10010
Description =
Error - 8/26/2013 5:20:33 PM | Computer Name = HPa6257c | Source = DCOM | ID = 10010
Description =
Error - 8/26/2013 5:36:15 PM | Computer Name = HPa6257c | Source = Service Control Manager | ID = 7000
Description =
< End of report >