First of all, I'd like to thank all the volunteers on this forum who offer technical assistance. Many of us would be completely lost without your guidance!
===============================================
MY STORY:===============================================
I'm a web developer and my laptop started experiencing strange symptoms, originally in November 2012 (3 months ago). The first sign of problems was when a coworker at work complained that my yahoo account had sent him some spam. Upon logging in to my YMail, I discovered that several contacts had been messaged from my account. I immediately ran MalWareBytes and a scan with MS Security Essentials (after successfully updating, of course). To my recollection, between MBAM and SE they found 2-3 malicious softwares (sorry, don't remember what it was). I selected to removed the offenders in both programs, rebooted, re-scanned -- nothing found. I concluded at the that point that all the malware was gone and then proceeded to change my YMail password. Everything seemed fine.
For the record, I wasn't ever able to identify what freeware/website/email was the actual trojan that opened the door for the baddies. I'm aware of security issues as a developer and rarely get infected because I have SE and MalwareBytes. But, ever since some profit-seeking corporation bought MBAM and converted to a pay-model, it seems like the converted once free functionality (like real-time protection) to a premium option. OTOH, the fact that I'm frustrated and upset from chasing this for over a week now on my only computer may be clouding my memory. Perhaps real-time malware protection WAS ALWAYS A PREMIUM OPTION?
Moving on then, we forward to about 2 weeks ago when out of the blue the mass spamming from my email account starts up again. At this point, I've already changed my email password, so the only way I can think they would have gotten access to my account are these:
1) Facebook Games -- nope - I don't allow or install or participate in facebook games or apps.
2) Clicking on a suspicious email -- maybe, but I consistently delete without reading, and never click on links, suspicious emails including ones with no header, adult content, foreign characters (it'd be nice if Yahoo could figure out how to filter emails with kanji in the title and send it to spam for me! -- I did some cursory research into matching kanji/hirigana to ASCII characters, but didn't find any clear answers), and "Spanish Prisoner" please. I'm not sure what else I might be doing wrong? Perhaps what I used to do in the past that worked is not sufficient for the new ITW viruses and malware methods??
3) Freeware -- I'm a strong believer in open source, so I do download a lot of free softwares. I do a significant amount of due diligence reading reviews of the product, then researching the credibility of the site that published the review, then searching for what users are saying about similar softwares, etc. Needless to say I am VERY THOROUGH in my research. I'm aware that sometime freeware is supported by adware piggybacked on and I ALWAYS PAY ATTENTION to any toolbars or "partner" software it wants to install. I ALWAYS uncheck any toolbars or partner softwares and also any "product improvement" participation options.
Within the last 2 weeks I can identify several freewares that I have downloaded:
* I've used Shareaza for P2P for years, but due to recent sluggish performance I investigated other clients. I installed and tested FrostWire and subsequently removed it, because it was seriously lacking for my purposes.
* For some reason, MagicISO wouln't decompress a .bin file so I researched and installed IZArc. I noticed it had a significant amount of adwares it tried to download, but I've always looked at that as an idiot-tax (if you don't read the instructions/fine print and just click next then you deserve what you get) so I always avoid the idiot tax by paying careful attention and as I said previously, uncheck all the spywares and partner options. Which I did in this case. I'd like to note however, that process on this was more convoluted than on most -- like they weren't just trying to get the ones who just clicked next, but rather like they were actually trying to be deceptive with their wording and such ... "QUIT" instead of "SKIP" for optional components (adware), etc. However, my issues with the email spamming occured weeks before and the program performed perfectly, decompressing my .bin file.
* Rar/Zip password crackers -- Though I usually keep track of my passwords, I unfortunately have some important archives that I can't access anymore. So I researched "password cracker"/"Password recovery" and tested a few of the softwares. I removed them all because they either relied on a dictionary or did a brute force attack and either way, over a day later password still not found, so I gave up on that whole concept.
* Last week a bought a USB Blu-Ray burner and was unable to burn several files due to Windows XP long file names. I subsequently researched and installed several freewares to shorten long file names. Unfortunately, none of them worked, and one was a pay tool, "*SPAM*" which was advertised as free and fully-functionioning, but it wasn't fully-functioning -- they had hobbled it so that you only get to edit the files found by paying for a key. Psssh. Most of these were .exe files and I scanned them all with MSSE before actually launching.
* Downloaded and installed **Torch** web browser, which I discovered while researching how to speed up torrents. That may have been a mistake. It seemed to work fine for about a week, but now the only indication that it could contain malware is that I was unable to remove it from ADD REMOVE PROGRAMS, nor from CCLEANER's uninstall feature. When trying from cCleaner got "Error: 193-" message.
* BTW: What's this I hear about 'Everything.exe' being malware? There are no ads, no popus, scans fine with security software, and is one of the most useful free tools I have. I'd hate to have to dump it if is a false positive. The log analyzer told me it was malware here:
My HijackThis report4) Cracked Wares with evil payloads -- I don't believe I have any illegal software on my system. My OS is OEM I would guess because it is an HP-Employees-Only branded image.
===============================================
SYSTEM INFO:===============================================
os: WIN XP SP3
Main Browsers: Firefox & Chrome (rarely use IE)
Security Software Used Before Coming To Computer Hope:
- MalwareBytes Anti-Malware (free)
- MS Security Essentials
- HijackThis
- PeerBlock
- I had windows firewall on, but it seems to have gotten shut off somehow
===============================================
LOGS:===============================================
*****************************************
AdwCleaner*****************************************
# AdwCleaner v2.112 - Logfile created 02/13/2013 at 14:10:43
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : nunya - NC6120
# Boot Mode : Normal
# Running from : C:\Documents and Settings\nunya\Desktop\PIRIFORM FORUM AV-AS Tools\adwcleaner0.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
File Found : C:\END
Folder Found : C:\Documents and Settings\All Users\Application Data\APN
Folder Found : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\35d77rst.fffb\extensions\staged
Folder Found : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\4o9bu7p8.Rahul\extensions\staged
Folder Found : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\8tbqrp6l.ericTest\extensions\staged
Folder Found : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\sn1z9clt.myTest\extensions\staged
Folder Found : C:\Documents and Settings\nunya\Local Settings\Application Data\APN
Folder Found : C:\Program Files\WebEnhancements
***** [Registry] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Ask&Record
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\Software\eRightSoft\OpenCandy
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\TENCENT
Value Found : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v18.0.2 (en-US)
File : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\35d77rst.fffb\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\4o9bu7p8.Rahul\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\8r59xdmj.default\prefs.js
Found : user_pref("browser.search.defaultenginename", "Funmoods");
Found : user_pref("
[email protected]", true);
Found : user_pref("extensions.funmoods.aflt", "download");
Found : user_pref("extensions.funmoods.autoRvrt", false);
Found : user_pref("extensions.funmoods.dfltLng", "");
Found : user_pref("extensions.funmoods.dfltSrch", true);
Found : user_pref("extensions.funmoods.dnsErr", true);
Found : user_pref("extensions.funmoods.envrmnt", "production");
Found : user_pref("extensions.funmoods.excTlbr", true);
Found : user_pref("extensions.funmoods.hmpg", false);
Found : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd[...]
Found : user_pref("extensions.funmoods.id", "001F3B94FEBBD1E1");
Found : user_pref("extensions.funmoods.instlDay", "15631");
Found : user_pref("extensions.funmoods.instlRef", "download");
Found : user_pref("extensions.funmoods.isdcmntcmplt", true);
Found : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.228:27:49");
Found : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Found : user_pref("extensions.funmoods.newTab", false);
Found : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=download&chnl=download&[...]
Found : user_pref("extensions.funmoods.prdct", "funmoods");
Found : user_pref("extensions.funmoods.prtnrId", "funmoods");
Found : user_pref("extensions.funmoods.smplGrp", "none");
Found : user_pref("extensions.funmoods.srchPrvdr", "Search");
Found : user_pref("extensions.funmoods.tlbrId", "base");
Found : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=download&chnl=downloa[...]
Found : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Found : user_pref("extensions.funmoods.vrsnTs", "1.5.23.228:27:49");
Found : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Found : user_pref("extensions.funmoods_i.newTab", false);
Found : user_pref("extensions.funmoods_i.smplGrp", "none");
Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.228:27:49");
File : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\8tbqrp6l.ericTest\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\nunya\Application Data\Mozilla\Firefox\Profiles\sn1z9clt.myTest\prefs.js
[OK] File is clean.
-\\ Google Chrome v24.0.1312.57
File : C:\Documents and Settings\nunya\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v11.61.1250.0
File : C:\Documents and Settings\nunya\Application Data\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [5493 octets] - [13/02/2013 14:10:43]
########## EOF - C:\AdwCleaner[R1].txt - [5553 octets] ##########
*****************************************
MBAM *****************************************
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.orgDatabase version: v2013.02.13.09
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
nunya :: NC6120 [administrator]
2/13/2013 2:18:55 PM
mbam-log-2013-02-13 (14-18-55).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 255037
Time elapsed: 4 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
*****************************************
DDS - dds.txt
*****************************************
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by nunya at 14:31:01 on 2013-02-13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.753 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\FolderSize\FolderSizeSvc.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Remote tools\msraLinkMonitor.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radexecd.exe
C:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\radsched.exe
C:\Program Files\Hewlett-Packard\PC COE 3\OV CMS\Radstgms.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\RunDll32.exe
c:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\PeerBlock\peerblock.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Hewlett-Packard\PC COE\COEMsgDisplay.exe
C:\Program Files\Audacity\audacity.exe
C:\Program Files\Everything\Everything.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files\HP\HP Officejet Pro 8600\bin\HPNetworkCommunicator.exe
C:\Program Files\HP\HP Officejet Pro 8600\bin\HPNetworkCommunicator.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k HPService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uWindow Title = Microsoft Internet Explorer provided by Hewlett-Packard
uSearch Bar = hxxp://search.portal.hp.com/search/
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Google Update] "c:\documents and settings\nunya\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [OV2_Monitor] "c:\program files\olympus\olympus viewer 2\OV2Monitor.exe" -NoStart
uRun: [HP Officejet Pro 8600 (NET)] "c:\program files\hp\hp officejet pro 8600\bin\ScanToPCActivationApp.exe" -deviceID "CN298BWHSY05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Power2GoExpress] NA
mRun: [WatchDog] c:\program files\intervideo\dvd check\DVDCheck.exe
mRun: [UpdateManager] "c:\program files\common files\sonic\update manager\sgtray.exe" /r
mRun: [TrueImageMonitor.exe] "c:\program files\acronis\trueimagehome\TrueImageMonitor.exe"
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [IDA] c:\program files\hewlett-packard\pc coe\IDA.EXE
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [hpqSRMon] <no file>
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\nunya\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\nunya\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\nunya\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dvdche~1.lnk - c:\program files\intervideo\dvd check\DVDCheck.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoMSAppLogo5ChannelNotify = dword:1
mPolicies-System: legalnoticecaption = Hewlett-Packard Internal Use Only
mPolicies-System: legalnoticetext = This is a private system operated for Hewlett-Packard company business. Authorization from HP management is required to use this system. The HP Standards of Business Conduct and all HP Information Security policies and standards must be strictly followed. Use by unauthorized persons is prohibited and may result in civil and/or criminal liability and prosecution.
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {21196042-830F-419f-A594-F9D456A6C29A} - c:\program files\timeleft3\TLIntergIE.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - c:\program files\amazon\add to wish list ie extension\run.htm
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/Windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1287624190687
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{5989A3F4-5CEB-4375-9AA8-88F391614391} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: NavLogon - <no file>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nunya\application data\mozilla\firefox\profiles\8r59xdmj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.pcc.edu/admissions/dual/|http://www.hawkeyecollege.edu/academics/programs/information-technology/web-design-and-development/default.aspx|http://www.google.com/#q=just+checking&hl=en&safe=off&biw=1440&bih=727&fp=1&bav=on.2,or.r_gc.r_pw.r_qf.,cf.osb&cad=b|http://hotspot.ovatn.net/airlock/login/?gw_address=10.7.52.1&gw_port=2060&gw_id=752&gw_mac=00-12-17-CA-0A-FB&mac=00:1F:3B:94:FE:BB&url=http%3A//www.speakeasy.net/&__c9auth=1&__c9dis=1|http://www.hawkeyecollege.edu/academics/default.aspx|http://learnpythonthehardway.org/|http://www.python.org/download/|http://www.google.com/search?q=how+to+buy+a+car+on+craigslist&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a|http://www.google.com/search?q=why+is+mcdonalds+closed%3F&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a|http://news.yahoo.com/huge-ancient-civilization-collapse-explained-123449804.html|http://www.newser.com/story/146834/cops-shoot-naked-guy-eating-mans-face-on-highway.html
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\nunya\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\olympus\ib utilities\firefox plugin\npIbInst.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_149.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2012-12-30 20:50; {bee6eb20-01e0-ebd1-da83-080329fb9a3a}; c:\documents and settings\nunya\application data\mozilla\firefox\profiles\8r59xdmj.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
FF - ExtSQL: 2013-01-07 21:57;
[email protected]; c:\documents and settings\nunya\application data\mozilla\firefox\profiles\8r59xdmj.default\extensions\
[email protected]FF - ExtSQL: 2013-01-09 09:41;
[email protected]; c:\documents and settings\nunya\application data\mozilla\firefox\profiles\8r59xdmj.default\extensions\
[email protected]FF - ExtSQL: 2013-01-14 15:51;
[email protected]; c:\documents and settings\nunya\application data\mozilla\firefox\profiles\8r59xdmj.default\extensions\
[email protected]FF - ExtSQL: 2013-01-24 21:18; {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}; c:\documents and settings\nunya\application data\mozilla\firefox\profiles\8r59xdmj.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.funmoods.hmpg - false
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0BzyyE0F0E0B0B0DtC0EtCtN0D0Tzu0CtBzytCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=85030786
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0BzyyE0F0E0B0B0DtC0EtCtN0D0Tzu0CtBzytCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=85030786
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0BzyyE0F0E0B0B0DtC0EtCtN0D0Tzu0CtBzytCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=85030786&q=
FF - user.js: extensions.funmoods.id - 001F3B94FEBBD1E1
FF - user.js: extensions.funmoods.instlDay - 15631
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.228:27:49
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - download
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - download
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - true
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [2013-2-6 752128]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 MpKsla4bec46e;MpKsla4bec46e;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b3266e5f-4fa1-41a6-8dc9-9a79cdb300ed}\MpKsla4bec46e.sys [2013-2-13 29904]
R1 WMDrive;WMDrive;c:\windows\system32\drivers\WMDrive.sys [2011-9-13 65856]
R2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2013-2-6 3246040]
R2 msralinkmonitor;MSRA Link Monitor;c:\program files\remote tools\msraLinkMonitor.exe [2007-8-28 147456]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2012-7-13 769432]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R2 radexecd;Radia Notify Daemon;c:\program files\hewlett-packard\pc coe 3\ov cms\radexecd.exe [2005-5-4 217268]
R2 radsched;Radia Scheduler Daemon;c:\program files\hewlett-packard\pc coe 3\ov cms\radsched.exe [2004-8-25 245940]
R2 Radstgms;Radia MSI Redirector;c:\program files\hewlett-packard\pc coe 3\ov cms\Radstgms.exe [2004-10-22 327860]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2013-2-6 167968]
R3 akbus;ActivCard Virtual Reader Enumerator;c:\windows\system32\drivers\akbus.sys [2007-4-6 13619]
R3 akpcsc;ActivCard Virtual PC/SC Device Driver;c:\windows\system32\drivers\akpcsc.sys [2007-6-27 9493]
R3 aksbus;ActivIdentity Virtual Reader Enumerator;c:\windows\system32\drivers\aksbus.sys [2007-4-6 13647]
R3 akspcsc;ActivIdentity Virtual PC/SC Device Driver;c:\windows\system32\drivers\akspcsc.sys [2007-6-27 10193]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2012-7-13 32896]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-5-14 36608]
R3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2011-5-25 19056]
R3 RadiaMsi;RadiaMsi;c:\windows\system32\drivers\radiamsi.sys [2004-9-10 21504]
R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [2007-5-14 47616]
S2 CLKMSVC10_B91CB6D3;CyberLink Product - 2013/02/10 16:29:55;c:\program files\cyberlink\powerdvd10\navfilter\kmsvc.exe [2012-5-9 242664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 actccid;ActivCard USB Reader V2;c:\windows\system32\drivers\actccid.sys --> c:\windows\system32\drivers\actccid.sys [?]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-3-1 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-3-1 3072]
S3 magaService;Lan Discover Agent;c:\program files\sygate\ssa\maga\maga.exe --> c:\program files\sygate\ssa\maga\maga.exe [?]
S3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\drivers\OlyCamComm.sys [2011-11-26 21648]
S3 PLTurbh;Prolific turbo filter driver for hdd;c:\windows\system32\drivers\plturbh.sys --> c:\windows\system32\drivers\plturbh.sys [?]
S3 PLTurbo;Prolific turbo filter driver for odd;c:\windows\system32\drivers\plturbo.sys --> c:\windows\system32\drivers\plturbo.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [1979-12-31 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-29 239336]
S4 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-11-22 3290304]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2010-9-17 370008]
.
=============== Created Last 30 ================
.
2013-02-13 18:04:43 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b3266e5f-4fa1-41a6-8dc9-9a79cdb300ed}\MpKsla4bec46e.sys
2013-02-13 18:01:42 -------- d-----w- C:\registryBkp_2013
2013-02-13 17:32:29 -------- d-----w- C:\EEEPCFR
2013-02-13 17:00:50 6991832 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b3266e5f-4fa1-41a6-8dc9-9a79cdb300ed}\mpengine.dll
2013-02-11 21:59:19 -------- d-----w- c:\program files\IZArc
2013-02-11 03:25:56 -------- d-----w- c:\program files\Unlocker
2013-02-11 02:39:08 -------- d-----w- c:\documents and settings\all users\application data\LightScribe
2013-02-11 02:31:07 -------- d-----w- c:\program files\Nero
2013-02-11 02:30:57 -------- d-----w- c:\documents and settings\all users\application data\Nero
2013-02-08 19:29:53 -------- d-----w- c:\documents and settings\nunya\local settings\application data\Power2Go
2013-02-08 19:08:03 115016 ----a-w- c:\windows\system32\MSINET.OCX
2013-02-08 19:08:03 102912 ----a-w- c:\windows\system32\Vb6stkit.dll
2013-02-08 19:08:03 102160 ----a-w- c:\windows\system32\VB6KO.DLL
2013-02-08 19:08:02 59904 ----a-w- c:\windows\system32\wbemdisp.tlb
2013-02-08 18:51:16 29480 ----a-w- c:\windows\system32\msxml3a.dll
2013-02-08 18:45:23 -------- d-----w- c:\documents and settings\nunya\local settings\application data\CyberLink
2013-02-08 18:43:39 -------- d-----w- c:\documents and settings\all users\application data\install_clap
2013-02-08 18:42:19 -------- d-----w- c:\documents and settings\all users\application data\CLSK
2013-02-07 01:27:30 167968 ----a-w- c:\windows\system32\drivers\afcdp.sys
2013-02-07 01:27:19 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2013-02-07 01:01:05 -------- d-----w- C:\A11
2013-02-06 19:54:59 854016 ----a-w- c:\program files\mozilla firefox\plugins\webex\500\nmac.dll
2013-02-06 17:26:02 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-02-03 22:21:29 -------- d-----w- C:\UTORRENT DOWNLOADS
2013-02-03 17:13:01 -------- d-----w- C:\UTORRENT TORRENTS
2013-01-26 04:39:10 51712 ----a-w- c:\windows\wc98pp.dll
2013-01-17 21:59:52 -------- d-----w- c:\program files\Lame For Audacity
2013-01-17 21:55:39 -------- d-----w- c:\program files\Audacity
2013-01-17 03:30:47 -------- d-----w- c:\documents and settings\all users\application data\APN
2013-01-17 03:23:11 -------- d-----w- c:\documents and settings\nunya\local settings\application data\Torch
2013-01-16 19:41:58 -------- d-----w- c:\program files\Git
2013-01-15 16:30:16 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2013-01-15 16:30:16 -------- d-----w- c:\program files\Belarc
.
==================== Find3M ====================
.
2013-02-12 18:07:41 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-12 18:07:41 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-11 00:27:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-02-11 00:27:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-02-07 01:27:16 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2013-02-07 01:27:04 170528 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-31 05:47:29 50938 ----a-w- C:\registryBkp_2012.12.30_01.reg
2012-12-28 08:07:02 185066414 ----a-w- C:\registryBkp_2012.12.27_01.reg
2012-12-15 00:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-05-03 17:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 18:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 20:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-07 05:00:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
============= FINISH: 14:37:16.14 ===============
*****************************************
DDS - Attach.txt*****************************************
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/20/2010 1:59:26 AM
System Uptime: 2/13/2013 10:03:17 AM (4 hours ago)
.
Motherboard: Hewlett-Packard | | 30C1
Processor: Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00GHz | U10 | 1995/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 60.48 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) Wireless WiFi Link 4965AG
Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_10008086&REV_61\4&EB37384&0&00E1
Manufacturer: Intel Corporation
Name: Intel(R) Wireless WiFi Link 4965AG
PNP Device ID: PCI\VEN_8086&DEV_4229&SUBSYS_10008086&REV_61\4&EB37384&0&00E1
Service: NETw5x32
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Bluetooth LAN Access Server Driver
Device ID: {95C7A0A0-3094-11D7-A202-00508B9D7D5A}\BTWDNDIS\1&30EE4AD&0&1000000020000
Manufacturer: Broadcom
Name: Bluetooth LAN Access Server Driver
PNP Device ID: {95C7A0A0-3094-11D7-A202-00508B9D7D5A}\BTWDNDIS\1&30EE4AD&0&1000000020000
Service: BTWDNDIS
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8500 A910
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet Pro 8500 A910
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Deskjet 3050 J610 series
Device ID: ROOT\MULTIFUNCTION\0001
Manufacturer: HP
Name: Deskjet 3050 J610 series
PNP Device ID: ROOT\MULTIFUNCTION\0001
Service:
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart Plus B210 series
Device ID: ROOT\MULTIFUNCTION\0002
Manufacturer: HP
Name: Photosmart Plus B210 series
PNP Device ID: ROOT\MULTIFUNCTION\0002
Service:
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Photosmart 7510 series
Device ID: ROOT\MULTIFUNCTION\0003
Manufacturer: HP
Name: Photosmart 7510 series
PNP Device ID: ROOT\MULTIFUNCTION\0003
Service:
.
Class GUID: {4D36E971-E325-11CE-BFC1-08002BE10318}
Description: Officejet Pro 8600
Device ID: ROOT\MULTIFUNCTION\0004
Manufacturer: HP
Name: Officejet Pro 8600
PNP Device ID: ROOT\MULTIFUNCTION\0004
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
32 Bit HP CIO Components Installer
6400_Help
A+ 2006 Demo
Acronis True Image Home 2011
ActivCard Initialization Utility
ActivePerl 5.12.3 Build 1204
ActiveState Komodo IDE 6.0.1
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader Chinese Simplified Fonts
Adobe Reader Chinese Traditional Fonts
Adobe Reader Japanese Fonts
Adobe Reader Korean Fonts
Adobe Reader X (10.1.5)
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Agent Ransack 2010
Amazon Add to Wish List IE Extension 1.1
AmoK Playlist Copy 2.04
AMP Font Viewer
Any Video Converter 2.6.7
Any Video Converter Ultimate 4.4.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Verifier
ATI Display Driver
Audacity 2.0.2
Auto Gordian Knot 2.55
AviSynth 2.5
Belarc Advisor 8.3
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
Bulk Rename Utility 2.7.1.1
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
Color Cop 5.4.3
Compatibility Pack for the 2007 Office system
CyberLink BD_3D Advisor 2.0
CyberLink LabelPrint 2.5
CyberLink Media Suite 10
CyberLink MediaEspresso 6.5
CyberLink MediaShow 6
CyberLink Power2Go 7
CyberLink PowerDVD 10
CyberLink PowerProducer 5.5
Debugging Tools for Windows (x86)
diskMETA-Lite 1.0.1 (remove only)
DivineCoders Free PC Bible Code Software
DivX Setup
DocFetcher
doPDF 7.1 printer
Dropbox
dtSearch
DzSoft Perl Editor 5.8.3
EASEUS Data Recovery Wizard Professional 5.5.1
EASEUS Partition Master 3.0.2 Professional
EditPlus 3
Everything 1.2.1.371
Extreme Picture Finder 3.16
Ezvid
Fast Duplicate File Finder 1.1.0.0
Fax
FileZilla Client 3.5.3
Fix Player
Folder Size for Windows
FretPro V.2.00
GIF Movie Gear 4.2.3
Git version 1.8.0-preview20121022
Google Chrome
Google Talk (remove only)
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Update Helper
GoToMeeting 4.5.0.457
Graboid Video 3.05
Guitar Pro 5.2
HGTV Home & Landscape Platinum Suite
High Definition Audio Driver Package - KB888111
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB959765)
Hotfix for Windows XP (KB961118)
HP Client Management Interface 1.00 D8
HP Integrated Module with Bluetooth wireless technology
HP Officejet J6400 Series
HP Officejet Pro 8500 A910 Basic Device Software
HP Officejet Pro 8500 A910 Help
HP Officejet Pro 8600 Basic Device Software
HP Photosmart Essential 2.5
HP Photosmart Essential 3.5
HP Update
HP Wireless Assistant
HPDiagnosticAlert
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookWebPack1
I.R.I.S. OCR
InfoTag Magic 1.0
Inspyder Web2Disk Trial
Intel(R) PRO Network Connections Drivers
InterVideo DVD Check
InterVideo Register Manager
InterVideo WinDVD
IrfanView (remove only)
iTunes
IZArc 4.1.7
J6400
Java Auto Updater
Java(TM) 6 Update 37
JimsList
Junk Mail filter update
Lagarith lossless video codec (Remove Only)
LAME v3.99.3 (for Windows)
LightScribe 1.4.136.1
LMMS 0.4.13
Logitech Vid HD
Logitech Webcam Software
Logitech® Camera Driver
Magic ISO Maker v5.5 (build 0276)
Malwarebytes Anti-Malware version 1.70.0.1100
MDI Viewer for Microsoft Office 2.0
Microangelo Toolset 6
Microsoft .NET Framework (English)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Access database engine 2010 (English)
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft English TTS Engine
Microsoft Help Viewer 1.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office File Validation Add-In
Microsoft Office FrontPage 2003
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Streets & Trips 2011
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Runtime
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Web Developer 2010 Express - ENU
Microsoft Windows Performance Toolkit
Microsoft Windows SDK .NET Framework Tools (30514)
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools
Microsoft Windows SDK for Windows 7 (7.1)
Microsoft Windows SDK for Windows 7 Common Utilities (30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514)
Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
Microsoft Windows SDK for Windows 7 Samples (30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
Microsoft Windows SDK Intellisense and Reference Assemblies (30514)
Microsoft Windows SDK MSHelp (30514)
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514)
MobileMe Control Panel
Mozilla Firefox 18.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6.0 Parser (KB933579)
Nero Burning ROM
Nero Burning ROM Help (CHM)
Nero BurningROM 12
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero SharedVideoCodecs
Nero Update
Network
Network Recording Player
Notepad++
novaPDF Professional Desktop 7.7 printer
O&O Defrag Professional
OLYMPUS Digital Camera Updater
Olympus ib
OLYMPUS Viewer 2
Opera 11.61
PAL
PC COE
PC COE Required Settings
PDF Settings
PeerBlock 1.1 (r518)
Perl Express 2.5
PFPortChecker 1.0.39
Pixel Ruler
Prerequisite installer
PrimoPDF -- brought to you by Nitro PDF Software
ProductContext
PSSWCORE
Python 2.7.3
QuickTime
Quintessential Media Player
Radia Client
RAR Password Recovery 1.7
Real Alternative 2.0.2
Remote Access to HP Network (MSRA-Installer suite)
Remote Access to HP Network (MSRA 4.1 DigitalBadge Client)
Safari
SAPI Wrapper
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Visual Web Developer 2010 Express - ENU (KB2251489)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360131)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2482017)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Segoe UI
Service Pack 2 for SQL Server 2008 (KB2285068)
SFVManager
Shareaza 2.4.0.0
Skype Click to Call
Skype™ 6.1
Snagit 11
SnatchIt! Video Screen Capture
Soft Data Fax Modem with SmartCP
Sonic RecordNow!
Sonic Update Manager
Sql Server Customer Experience Improvement Program
SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49
Synaptics Pointing Device Driver
The Weather Channel App
Thunder Screenreader
TimeLeft
Toolbox
Torch
TreeSize Free V2.7
TTS Wrapper
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
User Profile Hive Cleanup S
