WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Infected Computer / info stolen [Solved]

Started by schlackeye , Sep 16 2014 02:30 PM

Infection Unknown

This topic is locked

18 replies to this topic

#1 schlackeye

Authentic Member

Authentic Member
74 posts

Posted 16 September 2014 - 02:30 PM

I think that my computer is infected. Recently a credit card # was stolen and used for fraudulent purposes . . . I only use this card online and only on reputable sites like Amazon and iTunes so I don’t understand how this happened. I use CCleaner religiously after using the internet and also delete my history and such from the browser (I use Google Chrome as my browser).

I also found a file on my computer that I definitely did not create (it was a file named after a person I know) and different types of files (jpegs, word documents, jscripts) regarding that person that are on my computer were found in this mixed all together in this folder . . . but I store all word docs together and I store all jpegs together, not mixed together in a file named in a way that I would not write it (e.g. name_middle_last . . . . . I never use underscores for file names . . . never) This file was deleted by me after viewing it’s contents. And the computer has been acting a bit buggy- fast as it should be and then slow for no reason and all of my mp3 file associations were changed to play with WMP instead of Jet Audio (but I did recently download that U2 album from iTunes) and the security and privacy settings in WMP (Windows Media Player) were inexplicably changed . . . . . .

I did have an issue recently where I used the New Spybot Search and Destroy and it made some changes to Windows that caused the “this copy of Windows is not genuine” black screen error but was able to fix it: 1) First I did a Windows system restore and a registry restore [ERUNT/NTREGOPT ] and then I went to and used that fix which I don’t remember working . . . I think I finally just went to Computer and right-clicked Computer/Properties and reactivated it with the # requested (it took me awhile to remember it was on the computer itself and not written down somewhere.

For a computer that I have had for a long time w/o any issues it is suddenly breaking bad six ways to Sunday! But the card # was stolen before the system/registry restores and I found the weird file before we were alerted about the card.

I also (yesterday or the day before) used “Wipe Free Space” on CCleaner if that means anything.

I am disabled and hardly ever leave my home so this computer is very important . . . Please Help! Thank You for Your Time and Expertise! J

I had to attach the OTL file because I could not post all logs at the same time!

OTL Extras logfile created on: 9/16/2014 3:38:06 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wilson\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.17280)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 5.70 Gb Available Physical Memory | 72.12% Memory free

15.79 Gb Paging File | 13.28 Gb Available in Paging File | 84.11% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 909.87 Gb Total Space | 554.14 Gb Free Space | 60.90% Space Free | Partition Type: NTFS

Drive D: | 21.35 Gb Total Space | 2.27 Gb Free Space | 10.62% Space Free | Partition Type: NTFS

Computer Name: WILSON-HP | User Name: Wilson | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)

Directory [ACDSee 15.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSeeQV15.exe" "%1" (ACD Systems International Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- C:\Program Files\Hewlett-Packard\HP Application Assistant\HPAA.exe %1 (Hewlett Packard Company)

Directory [ACDSee 15.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSeeQV15.exe" "%1" (ACD Systems International Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)

"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00D01D1E-56E6-45C8-9923-F39B0EB2AF06}" = lport=10243 | protocol=6 | dir=in | app=system |

"{035F1A2E-3D3F-45E4-900E-8362D5D819B4}" = rport=138 | protocol=17 | dir=out | app=system |

"{0A8B61E5-3B30-4C41-92BF-EBD372761A61}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{1219FF54-8ADD-4B0D-A7D5-8214419106ED}" = lport=51001 | protocol=6 | dir=in | name=dragon smart phone server |

"{1C8DF11E-87A3-4DEE-9EEA-282CBD6C4352}" = rport=445 | protocol=6 | dir=out | app=system |

"{2D63EAEA-797D-48F8-8F49-C9CDEC3FE666}" = rport=137 | protocol=17 | dir=out | app=system |

"{373BC9DE-E1D2-4C69-B0E0-06948692A13D}" = rport=10243 | protocol=6 | dir=out | app=system |

"{3C25CE43-E530-472E-B4D5-8CCA8E54D773}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{3D60F3BA-5356-496C-8365-89F6B4FBF091}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{4C11B010-CFD3-46F9-B3E1-45B939D217D3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{4E015E56-4CC8-4F08-AEA8-BF97F6C56B13}" = lport=139 | protocol=6 | dir=in | app=system |

"{7B36D88F-E6DB-45B9-999A-D547942CEC67}" = lport=51001 | protocol=6 | dir=in | name=dragon smart phone server |

"{93F38660-BC51-41A3-B33C-BD57B1A00B3B}" = lport=138 | protocol=17 | dir=in | app=system |

"{9CF2584B-EFBF-4F97-A361-619537DAEAE8}" = lport=445 | protocol=6 | dir=in | app=system |

"{A10E25BF-048B-4119-AFAA-FF21C32BF447}" = rport=139 | protocol=6 | dir=out | app=system |

"{A28610EF-A635-46D9-AB0A-BB77EE2D669F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

"{ACAC2AE4-E479-4298-9841-1A0D546D7417}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

"{ACD7DF07-7947-4DC0-856A-B71616ED6857}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{B20D9264-01BB-43AC-99A2-E0377ED6856F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{B65202DA-048A-4F52-AF7F-D12D289F73B6}" = lport=137 | protocol=17 | dir=in | app=system |

"{C0649740-D94E-43CC-A443-783B8B2040CB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{C39ADEF6-FCFB-4591-9259-E949DBEAF8A9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C6E1E027-0F65-4DBB-A12A-272690179396}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{CC6D8731-4D37-4BB9-BDE7-B5A698F737A8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{DA3EA944-B80F-4489-857B-4AAF1B75F1A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{EA33C78B-74D5-481B-B17F-A9DA61E29AAB}" = lport=2869 | protocol=6 | dir=in | app=system |

"{F1FCEF77-93A4-40CB-BD99-D6A9A4D18568}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |

"{FC5742EA-2EEB-40EE-A281-D66A423E047E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0532A7B7-3B13-4828-88F3-AA6C8A0D203E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{06164A8D-D51C-4596-992D-CC646ECA3D5E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |

"{07120790-9B5C-4308-A1C7-A4EBB1F1564F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{08FA4D1B-5BC8-4003-91AF-A0D06EB017E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{14F18BAB-C932-44D5-B82A-D80B0EEDE300}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{184966AF-B174-4C0C-B456-184380E68668}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{1C6CE894-5916-4697-9F6F-8D7DA30ADF15}" = dir=in | app=c:\users\wilson\appdata\local\facebook\video\skype\facebookvideocalling.exe |

"{1CC8CA76-FEDB-4DF3-B18F-D29C6691E97A}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |

"{1FF65723-6961-4B74-933D-427D9ACABB1C}" = dir=in | app=c:\users\wilson\appdata\local\microsoft\skydrive\skydrive.exe |

"{2999789C-FC94-41D6-AC50-BB2A6DBC59FC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

"{2C68488B-6685-401B-B6B6-F6AA9F64C462}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{30619996-2116-4374-B153-1BE5ECBA8500}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{38D6C94A-B98B-486C-8650-B77F8A7B3AA9}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{3D1774B2-0C04-40A0-9892-729067C5C927}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{40E9D8C7-969C-46B1-86F4-0D108FA35354}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{47BC7567-4146-4604-952D-2AD4A02B2706}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctmon.exe |

"{48287D78-5A8A-4A71-ADCB-6D82D0047D74}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctaiox.exe |

"{48B6F41E-F4F3-45AF-9CA4-80737AFE2A10}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |

"{4A5C206A-07A6-4D75-927B-1D243C5C5B8D}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{53454E8D-8B8B-4034-8A76-12A94339213D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{550ABE86-2EA3-4007-B928-6320D394DD0C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

"{5A03255B-9BAE-4B60-981B-146D119465BC}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxctcoms.exe |

"{5A9847FF-6102-4A86-8465-506DAC69B10E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{5AE3A972-CB38-4536-A46A-463286B1A87B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5C5421AA-1DA9-4A75-B1EF-83D0CE8EF98D}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |

"{60D32B10-6590-4A92-B52E-BAC9F9A18715}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxctcoms.exe |

"{68A10044-ACCF-4039-8405-EE08EAD7E0E6}" = protocol=17 | dir=in | app=c:\windows\system32\lxctcoms.exe |

"{6BFBCDA7-9FBD-4733-B30B-225F079A9120}" = protocol=6 | dir=in | app=c:\windows\system32\lxctcoms.exe |

"{6CF4CA27-7B9A-41E4-B15D-038E47046EC6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{6D473495-5EF8-4323-98F9-187832D355EF}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |

"{76A01954-F078-4AE5-B198-82C8821612C1}" = protocol=6 | dir=in | app=c:\windows\system32\lxctcoms.exe |

"{793ED8FB-D707-424B-B339-7B704738EF58}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7A1F2906-BA4A-4215-92AD-D23CCF703F11}" = dir=in | app=c:\program files (x86)\skypewebplugin\skypewebplugin.exe |

"{7D49ECE7-909A-49A3-9220-E38229097BFE}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxctcoms.exe |

"{7FD1B486-A2B6-41F6-BC35-CBBDD245FF12}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |

"{803504C6-3833-4275-8C57-384074EEC6C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{8D239006-C307-43C3-9811-C9FDA5697A32}" = protocol=6 | dir=out | app=system |

"{8D710BD1-1DF9-4EF2-B495-244314DBF9A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{8F2B2552-D23B-494E-AD8E-F5610F91F436}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctaiox.exe |

"{92DBF4D6-3752-4A5C-801E-CFAB22FAB694}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctmon.exe |

"{A8989AEF-8958-456A-8CB1-85DA5AA93A20}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxctcoms.exe |

"{A96EE06A-BD9D-4E80-A65F-688DAAD7AF7B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{AC2BCB0D-6244-4A7F-9471-BDB579B423A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{AD5C0609-335A-465B-8AB5-40A04EDF25B0}" = protocol=6 | dir=in | app=c:\program files (x86)\expressfiles\expressdl.exe |

"{AD825C08-461C-409F-A697-192D400DCF11}" = protocol=17 | dir=in | app=c:\program files (x86)\expressfiles\expressfiles.exe |

"{B890E83C-64EF-4DA9-B916-5693EA2E0002}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{BB532E02-C33D-40EC-A955-4ABBA00F595E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{BC3D9624-C5AA-4310-B914-C907221BB44B}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |

"{BC7382B2-3D12-4396-A825-20F5D54BF9AF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{BE478EB9-C9B0-413E-ADA7-8A0A81AAC3FF}" = protocol=17 | dir=in | app=c:\windows\system32\lxctcoms.exe |

"{C5C63702-8F6A-4176-91A8-E4AF7837866C}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctmon.exe |

"{C936F36B-2845-421C-BE34-23AAEB614FC2}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |

"{CBBA3B25-859C-49F6-AA2D-59A381F2FD92}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{CBDBC24A-0CCB-4F60-9DF6-04BA0BA0A038}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{CC792E30-F5AB-453D-B22C-1B7F25DAA671}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{D283CBAB-A777-497D-8223-0D96CC234B7E}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctaiox.exe |

"{D37A3675-5B96-41AF-B50B-6E69C74C8C16}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{D771210B-2CF1-4879-A7AC-6572068BD9F1}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |

"{DBF3F8A1-B67F-4276-ACFC-8603B9447B7B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{DEC158A4-F4D2-425C-9364-A154678234BC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{E436531C-9E32-48AB-A087-FA798DDA6FB4}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |

"{EB4900DA-DB58-47F7-B30C-F7B99D313E70}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctaiox.exe |

"{EBFA2E99-8147-482C-A050-C05CC8BD7608}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{F090B02F-7B3F-4AE7-A047-A94866A56B43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{F34A5FD8-1300-46AF-BCC9-6B6AFAEA07A3}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{F5496A7E-7A00-4E82-BB06-C00A8A50837A}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |

"{FC7D689C-4617-41D1-8CE8-123F64591F5C}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |

"{FF91A63B-7F66-4463-9185-04402037C2F3}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5400 series\lxctmon.exe |

"TCP Query User{3C9484D2-F122-40D3-88C9-A0570405E75A}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe |

"TCP Query User{47585D1A-4DEE-4190-8425-195B15A875E7}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

"TCP Query User{7C7DF87B-E7D7-482F-8D90-235C3680B66B}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=6 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe |

"UDP Query User{0EF04CB1-D4D7-456D-9420-818FF607A041}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe |

"UDP Query User{3CE585CD-4CAA-4984-BB20-149DDA29D9E8}C:\program files (x86)\netgear genie\bin\netgeargenie.exe" = protocol=17 | dir=in | app=c:\program files (x86)\netgear genie\bin\netgeargenie.exe |

"UDP Query User{612BF43B-4868-4BAA-917D-85DF5241A375}C:\program files (x86)\microsoft office\office14\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00B20CF6-BAD0-42C4-899E-A64C7571AEAE}" = Samplitude Music Studio 2013 Soundpools

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0CE7EBAF-157D-4111-9146-057CB2A4023E}" = HP Application Assistant

"{133EB8D9-5062-4A78-9113-336CFBAA016E}" = Samplitude Music Studio 2013 (Introductory videos)

"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{1B279088-8B2A-4AA9-855B-122275D6CCB2}" = Samplitude Music Studio 2013 (Solo Jam-Session & Easy-Recording Content)

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{2336F421-285B-4B6D-83CB-49B3F74E56D5}" = Vita Bass Machine

"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services

"{30AEB310-7BAE-4735-96EA-5536B9CFE334}" = Samplitude Music Studio 2013

"{442935B7-87F8-4D86-9E76-41F5A0D82132}" = Blaine's Cartoonify Effects

"{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard

"{5540FF8F-6989-4E17-933F-A4AA52EDA637}" = Vita 2 add-on content

"{55D26DFF-A664-461A-A66C-7BC2F13464E8}" = Samplitude Music Studio 2013 (Object synthesizers)

"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box

"{5C99FF7E-6FBD-4A39-A95E-3331010B4453}" = Vita World Percussion

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client

"{68B339B3-DB31-43A7-8A4E-B1461A35E525}" = Vita Rock Drums

"{68FC6918-8EAB-458E-8C16-04B7A79A09CF}" = Samplitude Music Studio 2013 (Demo projects)

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{705EE775-5776-48FD-B704-C3C9CF535420}" = Intel® PROSet/Wireless for Bluetooth® + High Speed

"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support

"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96F42FA9-4F2C-4FF8-A2A7-9ED57B9621B1}" = Vita String Ensemble

"{9E3660DD-FEAC-4A92-AA4F-B3B73CE35403}" = Samplitude Music Studio 2013 (Independence)

"{A7395F20-2B22-4CB8-8510-B452C0F47E02}" = Movie Maker 6.0 for Windows 7 (64-bit)

"{A8A090CA-5FBE-4CA3-B596-7DA41BE11DE8}" = MAGIX Speed burnR (MSI)

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{BAA0BE9B-9E6D-4802-91CB-FB7ED5CD4BEF}" = Intel® PROSet/Wireless WiFi Software

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{C3EF45FC-A7D8-47A6-B66E-01D7FB3BE54B}" = Vita 2

"{C6E57DC0-5699-47D4-9263-CEE00A4BB1FC}" = Windows Live MIME IFilter

"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto

"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

"{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}" = Validity WBF DDK

"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64

"{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}" = AuthenTec TrueAPI 64-bit

"{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}" = HP Security Assistant

"CCleaner" = CCleaner

"Lexmark 5400 Series" = Lexmark 5400 Series

"ProInst" = Intel PROSet Wireless

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements

"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video

"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7

"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore

"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi

"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main

"{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense

"{16E46BCF-3D36-4353-9BCB-344F7812CEDE}" = Photo Gallery

"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}" = HP Software Framework

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F52F36E-895D-4E01-B4D4-E23C4FA4193B}" = simplitec simplicheck

"{1F9E8447-9B82-45D5-A6D7-2A4CB874111F}" = Windows Live Mail

"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521

"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{24758B1D-9345-4538-A69A-05660F63A296}" = Junk Mail filter update

"{2C8CC208-965C-48A1-90A8-DFB484358F1C}" = FaxRedist

"{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}" = Next Generation Visualisations

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{34C821CA-6B55-44A0-8A9B-2EF471D6019E}" = HP SimplePass

"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource

"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT

"{4260CAAE-D108-4223-A1C5-96B67062FE86}" = Windows Live Installer

"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support

"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth

"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch

"{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video

"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013

"{59307833-CB98-4440-B644-0CD352F61907}" = Windows Live PIMT Platform

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call

"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection

"{7204BDEE-1A48-4D95-A964-44A9250B439E}" = Facebook Messenger 2.1.4814.0

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72D9236D-C6EA-4DA6-A18C-CC24521A70D4}" = Windows Live Mail

"{768A6276-5822-489C-8A2B-67190F745655}" = ESU for Microsoft Windows 7 SP1

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18

"{7C0791D9-F1FB-48DD-B8E4-662BDAE42357}" = Windows Live Messenger

"{80E311AD-3A9C-45C7-A403-8FF3F7609764}" = Windows Live Writer

"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software

"{8C22A294-DBBA-445F-B55C-E26817CCFE69}" = Movie Maker

"{8CE152BA-1D16-11E1-867D-984BE15F174E}" = Evernote v. 4.5.2

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110

"{8F66BFDE-B213-48E2-93EF-7151277A2916}" = Windows Live SOXE Definitions

"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter

"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{94532CD5-C66D-49E3-9131-5FB04D7647A1}" = Windows Live UX Platform

"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

"{9797D7BA-A333-4DF1-AF55-AC745D216EDB}" = Windows Live Writer

"{983FA94A-A7DD-40B1-B7F9-F45D2B4FD1DE}" = Windows Live Photo Common

"{99E82553-9654-4FB7-8DB3-900C0FDB1A70}" = Windows Live Writer Resources

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin

"{9EAAB95B-17B6-43CF-B4E9-4A90937C83FD}" = Blio

"{A2F4B74E-D722-4D9E-817B-F58F32A55A51}" = Windows Live UX Platform Language Pack

"{A59A15E8-2B9B-490D-916E-D608A9D0D295}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9FFEC6C-9C44-4597-8E23-EDD78BF5D0B2}" = Windows Live Communications Platform

"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.11) MUI

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager

"{B288E426-9954-451C-B811-B0F234CF0EDD}" = HP Documentation

"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy

"{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}" = Skype Web Plugin

"{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}" = ACDSee 15

"{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}" = HP Connection Manager

"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader

"{C201BDF9-1C27-46F8-A248-F4469C9FC27C}" = Photo Common

"{C71067FC-288F-4E0B-88C6-44DFDA8311E2}" = System Requirements Lab for Intel

"{C87DF7BB-4F5C-4BBE-B041-A59FFF4A1D07}" = Windows Live SOXE

"{C95AEB53-7FAE-4257-97AF-7136E8D9F9CA}" = Movie Maker

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software

"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager

"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager

"{DF7DC45D-8A3C-490C-A70F-8C6A6189EDF9}" = Photo Gallery

"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Plus

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio

"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime

"{E5E83E00-1144-4821-B6B6-7A16C41EFC39}" = Windows Live Messenger

"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display

"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker

"{EFEDD205-43FE-4208-B682-0937E803E19E}_is1" = NexusFont 2.5 (ver 2.5.8.1582)

"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® OpenCL CPU Runtime

"{FCEDADE3-1C8A-4858-BE93-360168178BB2}" = Windows Live Essentials

"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop 7.0" = Adobe Photoshop 7.0

"Adobe Shockwave Player" = Adobe Shockwave Player 12.1

"Amazon Kindle" = Amazon Kindle

"aTube Catcher" = aTube Catcher

"Bulk Image Downloader_is1" = Bulk Image Downloader v4.49.0.0

"Caesium" = Caesium 0.1.1

"DFX" = DFX

"DivX Setup" = DivX Setup

"ERUNT_is1" = ERUNT 1.1j

"Google Chrome" = Google Chrome

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{54A4839E-87F8-4BD1-9682-A349E9943F0A}" = Amazon Unbox Video

"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013

"Logitech Vid" = Logitech Vid HD

"MAGIX_{133EB8D9-5062-4A78-9113-336CFBAA016E}" = Samplitude Music Studio 2013 (Introductory videos)

"MAGIX_{1B279088-8B2A-4AA9-855B-122275D6CCB2}" = Samplitude Music Studio 2013 (Solo Jam-Session & Easy-Recording Content)

"MAGIX_{30AEB310-7BAE-4735-96EA-5536B9CFE334}" = Samplitude Music Studio 2013

"MAGIX_{55D26DFF-A664-461A-A66C-7BC2F13464E8}" = Samplitude Music Studio 2013 (Object synthesizers)

"MAGIX_{68FC6918-8EAB-458E-8C16-04B7A79A09CF}" = Samplitude Music Studio 2013 (Demo projects)

"MAGIX_{9E3660DD-FEAC-4A92-AA4F-B3B73CE35403}" = Samplitude Music Studio 2013 (Independence)

"MAGIX_{A8A090CA-5FBE-4CA3-B596-7DA41BE11DE8}" = MAGIX Speed burnR (MSI)

"MAGIX_GlobalContent" = MAGIX Content and Soundpools

"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012

"Max Recorder" = Max Recorder

"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NETGEAR Genie" = NETGEAR Genie

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"WildTangent hp Master Uninstall" = HP Games

"WinLiveSuite" = Windows Live Essentials

"Winstep Xtreme_is1" = Nexus 12.2

"Wisdom-soft ScreenHunter 6.0 Free" = Wisdom-soft ScreenHunter 6.0 Free

"WTA-00ada7cc-f17f-4ebe-90b9-77c0224a4c5d" = Torchlight

"WTA-0d29098d-535d-4a16-9a74-04f9ced0ed5b" = Poker Superstars III

"WTA-108b7fe8-e299-4a9b-81c3-6408e0cd7b2c" = Mah Jong Medley

"WTA-15d0e09d-ee26-47d7-8a61-c0c7957fb6dc" = Polar Bowler

"WTA-1f95e72a-73de-497d-ac3b-01e755a5c5f9" = Dora's World Adventure

"WTA-2c0548c3-c14f-4343-b09d-96038e4b3f9b" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition

"WTA-3e508514-1eba-49d6-b06c-cf2d3cdc2c97" = Luxor HD

"WTA-3ecbf827-5b35-4469-8a0c-ad26025165c2" = Bejeweled 3

"WTA-464ce38e-b445-4df4-9e00-4cec57644732" = Final Drive Fury

"WTA-498ad2d7-ad48-48aa-acdb-84aa7c7a62c1" = Penguins!

"WTA-50f5e074-c6cb-47e0-a2f0-e499667e4cb2" = Farmscapes

"WTA-5adc7fc4-c504-4681-b15d-9a2f7f43f4ff" = Virtual Villagers 4 - The Tree of Life

"WTA-67b4e5c8-a2a5-40f4-a0ba-491211841ae1" = Zuma's Revenge

"WTA-81b9b33d-2c1f-4d0e-a0da-19830bb6ec9d" = The Treasures of Mystery Island: The Ghost Ship

"WTA-8b2c5017-ecad-463b-b635-c6163bd73b3b" = FATE

"WTA-9721e4a9-a0e2-471f-a928-cc2428d9f6c1" = Plants vs. Zombies - Game of the Year

"WTA-99c60d94-aacb-462e-95d7-6c748d26e799" = Polar Golfer

"WTA-9ada8ca7-9d40-42e1-a921-febaaff1d611" = Letters from Nowhere 2

"WTA-a156ef82-63c9-4058-a435-b40b2387dc79" = Blackhawk Striker 2

"WTA-a2b85580-a3ad-4d33-9f3a-a95cb2c09417" = John Deere Drive Green

"WTA-ad36cb5c-69f2-4ef8-9a85-5c2db7d0c042" = Hoyle Card Games

"WTA-bbcc10c4-aa38-4377-b033-9f194e0667bf" = Chuzzle Deluxe

"WTA-c6f5b468-a99b-4543-b9ed-7781613acb99" = RollerCoaster Tycoon 3: Platinum

"WTA-df96d72f-6ea7-46ec-9466-9d3fc24c794f" = Jewel Match 3

"WTA-e3eb62fb-1f5f-429f-b4fa-207acd132570" = Cradle of Rome 2

"WTA-f85b4d05-60ec-46fd-83cc-ed1a3d4def70" = Farm Frenzy

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 9/15/2014 7:05:36 AM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/15/2014 8:45:08 AM | Computer Name = Wilson-HP | Source = Google Update | ID = 20

Description =

Error - 9/15/2014 10:51:44 AM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/15/2014 7:04:39 PM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/16/2014 4:52:28 AM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/16/2014 9:43:14 AM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/16/2014 10:59:30 AM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/16/2014 11:47:55 AM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/16/2014 12:48:07 PM | Computer Name = Wilson-HP | Source = WinMgmt | ID = 10

Description =

Error - 9/16/2014 2:45:05 PM | Computer Name = Wilson-HP | Source = Google Update | ID = 20

Description =

[ HP Connection Manager Events ]

Error - 9/13/2014 2:20:38 PM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/13 14:20:38.804|000015D0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/14/2014 11:49:02 PM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/14 23:49:02.635|00000E64|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/15/2014 1:52:33 PM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/15 13:52:33.182|000006D8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/15/2014 1:52:33 PM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/15 13:52:33.182|000006D8|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/15/2014 8:31:01 PM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/15 20:31:01.153|00001924|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/15/2014 8:31:01 PM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/15 20:31:01.153|00001924|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/16/2014 11:45:15 AM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/16 11:45:15.674|000019BC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/16/2014 11:45:17 AM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/16 11:45:17.682|000019BC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/16/2014 11:45:19 AM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/16 11:45:19.686|000019BC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

Error - 9/16/2014 11:45:21 AM | Computer Name = Wilson-HP | Source = hpCMSrv | ID = 5

Description = 2014/09/16 11:45:21.730|000019BC|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged

failed [hr:0x800706BA]

[ HP Software Framework Events ]

Error - 1/8/2014 6:47:13 PM | Computer Name = Wilson-HP | Source = CaslSmBios | ID = 5

Description = 2014/01/08 17:47:13.265|00000DD8|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception