This topic is locked
MY (AUTO PROTECT) on NORTON INTERNET SECURITY ON JULY 26TH, 2014 DETECTED A VIRUS: Trojan ADH.
But I do not think that it has done anything but quarantine it.
i was informed about it and told that I needed to REBOOT my computer.
I DID. (thinking that it was resolved)
But my computer continues to get slower and slower to even giving me a BLUE SCREEN ( and Im aware that this isn't a GOOD thing to get).
So I went into my quarantines and seen THERE WAS ANOTHER VIRUS:
Trojan Gen.2 (detected by Auto-Protect) on August 12th, 2014
status indicated that it had been "removed" after clicking to see more details THE STATUS there stated that it had only been...PARTIALLY REMOVED not "completely removed"
SO I followed the steps that NORTON told me I should (which I believe was ERASER) and it seemed to be resolved for MAYBE 3 weeks.
NOW my computer is slowing down even more than before.
AND 5 MORE VIRUSES WERE REMOVED (2 of which were only LOW risk but I had them fixed as well) and the others being:
Infostealer.Bucuper with HIGH risk~~~ Fully Removed
Trojan Semnager with HIGH risk~~~ Fully Removed
***AGAIN*** It was:
Trojan Gen.2 with HIGH risk~~~ Fully Removed
AND I received another BEAUTIFULLY BAD BLUE SCREEN last night when shutting my computer down ( only because I was so frustrated that nothing would work and everything kept crashing.....)
SO I wondered if these stupid (Trojan ADH, Trojan Gen.2 & Trojan Semnager or Infostealer Bucuper) virus' may have attached themselves to other files and processes on my computer...
I STILL have my Security History logs and Quarantine Logs.
Can you Please Help ?!
OTL logfile created on: 8/31/2014 3:01:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MiaChelee\Pictures\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 40.57% Memory free
3.99 Gb Paging File | 2.24 Gb Available in Paging File | 56.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.31 Gb Total Space | 168.03 Gb Free Space | 58.08% Space Free | Partition Type: NTFS
Drive D: | 8.78 Gb Total Space | 0.73 Gb Free Space | 8.33% Space Free | Partition Type: NTFS
Computer Name: MIACHELEE-PC | User Name: MiaChelee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/08/31 15:01:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MiaChelee\Pictures\Downloads\OTL.exe
PRC - [2014/08/26 11:26:36 | 000,947,280 | ---- | M] (PC Utilities Software Limited) -- C:\Program Files\Driver Pro\DPTray.exe
PRC - [2014/08/12 00:33:46 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/08/06 20:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/08/04 06:04:51 | 003,569,984 | ---- | M] (Iminent) -- C:\Program Files\Common Files\Umbrella\Umbrella235.exe
PRC - [2014/08/04 06:04:51 | 000,378,152 | ---- | M] (SIEN S.A.) -- C:\Program Files\Common Files\IMGUpdater\IMGUpdater.exe
PRC - [2014/07/30 12:45:34 | 004,816,384 | ---- | M] () -- C:\WINDOWS\score.exe
PRC - [2014/07/25 05:21:13 | 001,251,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2010/01/20 17:44:14 | 004,562,944 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
PRC - [2010/01/12 11:11:24 | 000,278,528 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/18 23:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/03/01 08:38:48 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/02/15 03:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2007/01/13 16:11:08 | 000,706,168 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SecurityHistory\MCUI32.exe
PRC - [2007/01/09 14:59:52 | 000,115,816 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2007/01/09 14:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2007/01/04 17:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
PRC - [2006/09/28 06:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
========== Modules (No Company Name) ==========
MOD - [2014/08/12 17:15:28 | 000,262,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SystemStatus\115f539d6a5b3a3eb92d16c0f227dddd\SystemStatus.ni.dll
MOD - [2014/08/12 17:07:39 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\RemotingClient\3f53dd4575a8ee00fec77e26362658d0\RemotingClient.ni.dll
MOD - [2014/08/12 17:07:32 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingServer\af721f0a57493f5bd03de8e77cdd635e\MessagingServer.ni.dll
MOD - [2014/08/12 17:07:30 | 000,054,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingMessages\5282d9fa15b86e7ed87dba6d60438282\MessagingMessages.ni.dll
MOD - [2014/08/12 17:07:30 | 000,017,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingInterface\bcd2342fa7cbc930dce942d7fecbf3f2\MessagingInterface.ni.dll
MOD - [2014/08/12 17:07:29 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingClients\cac815adb128d04f638ae120ed18f68c\MessagingClients.ni.dll
MOD - [2014/08/12 17:07:27 | 000,087,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\InterfaceServices\77511d1b4a096560cf84ef0ee1beff77\InterfaceServices.ni.dll
MOD - [2014/08/12 17:07:26 | 001,842,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor\b037f6f3f3bd5ba094364a1db4ffbc53\HPAdvisor.ni.exe
MOD - [2014/08/12 17:07:22 | 000,078,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\HPAdvisor.Common.Wi#\348bc78eed31f54cf554c3ed35411c03\HPAdvisor.Common.Windows.ni.dll
MOD - [2014/08/12 17:07:20 | 000,048,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Content\f80248bfb4a557f5cceab12b68b0bafe\Content.ni.dll
MOD - [2014/08/12 17:07:18 | 000,058,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CeeWrtier\7d7383523bd61714ef830af61ed5bea7\CeeWrtier.ni.dll
MOD - [2014/08/12 17:07:11 | 000,072,192 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\BackWeb\85bbd013f97bb4619f86fa81e6f2a5a3\BackWeb.ni.dll
MOD - [2014/08/12 15:41:45 | 000,774,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e1426c5f03bf044ee068f67153ae3343\System.Runtime.Remoting.ni.dll
MOD - [2014/08/12 15:41:42 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c37a34d24fdb1448885013600323a568\System.EnterpriseServices.ni.dll
MOD - [2014/08/12 15:41:42 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c37a34d24fdb1448885013600323a568\System.EnterpriseServices.Wrapper.dll
MOD - [2014/08/12 15:41:40 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\710180000318621db8c271fbbfdf8d78\System.Transactions.ni.dll
MOD - [2014/08/12 15:41:03 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\90e4612b7886a00abc6eb22d173102b6\System.Configuration.ni.dll
MOD - [2014/08/12 15:40:24 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0bd54004bece98d17dd1a257d17f72fa\System.Xml.ni.dll
MOD - [2014/08/12 15:39:49 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2b8ffcb743aa0e86ebb7e43479291e31\System.Windows.Forms.ni.dll
MOD - [2014/08/12 15:39:32 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\debddb4f0fa3eca24a9307561bd23072\System.Drawing.ni.dll
MOD - [2014/08/12 15:39:00 | 006,649,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\d0429f13e5ef75bf4b3c54133e1f6d67\System.Data.ni.dll
MOD - [2014/08/12 15:38:41 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\597c3cc5acbabed8f2629fbefa56b2ba\PresentationFramework.Aero.ni.dll
MOD - [2014/08/12 15:38:32 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\77ca3a4b0f722da3236d48139d160477\PresentationFramework.ni.dll
MOD - [2014/08/12 15:37:39 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d40f15d057d10ce7f34fd08f6773e7a1\PresentationCore.ni.dll
MOD - [2014/08/12 15:37:16 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\af9d85ac14a30c793b4a77c41e2664b3\WindowsBase.ni.dll
MOD - [2014/08/12 15:37:04 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\e2be7a2aad6294f583264df0e9f27bb7\System.ni.dll
MOD - [2014/08/12 15:36:43 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7767c4821b2d4d32f63d0df3ea24e6b2\mscorlib.ni.dll
MOD - [2014/08/06 20:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014/08/06 20:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
MOD - [2014/08/06 20:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014/08/06 20:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014/07/01 12:01:56 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2014/05/07 16:42:38 | 002,958,848 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014/03/28 03:49:12 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2014/02/10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2010/01/20 17:44:14 | 004,562,944 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
MOD - [2009/08/28 16:50:18 | 000,282,624 | ---- | M] () -- C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
MOD - [2009/04/10 23:28:21 | 000,368,640 | ---- | M] () -- C:\WINDOWS\System32\msjetoledb40.dll
MOD - [2007/03/12 17:44:10 | 000,053,248 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
========== Services (SafeList) ==========
SRV - [2014/08/12 16:14:22 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/04 06:04:51 | 003,569,984 | ---- | M] (Iminent) [Auto | Running] -- C:\Program Files\Common Files\Umbrella\Umbrella235.exe -- (SProtection)
SRV - [2014/08/04 06:04:51 | 000,378,152 | ---- | M] (SIEN S.A.) [Auto | Running] -- C:\Program Files\Common Files\IMGUpdater\IMGUpdater.exe -- (GlobalUpdater)
SRV - [2014/07/30 12:45:34 | 004,816,384 | ---- | M] () [Auto | Running] -- C:\WINDOWS\score.exe -- (scores)
SRV - [2014/07/25 05:21:13 | 001,251,720 | ---- | M] () [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2010/01/12 11:11:24 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe -- (WSWNA3100)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008/01/18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/01/13 16:11:06 | 000,080,504 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Norton Internet Security\isPwdSvc.exe -- (ISPwdSvc)
SRV - [2007/01/12 12:40:58 | 000,049,248 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/01/09 14:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/01/09 14:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/09 14:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/09 14:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/01/04 17:19:28 | 000,047,712 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\ssnfd.sys -- (ssnfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\Program Files\Settings Manager\smdmf\smdmfmgrc2.cfg -- (F06DEFF2-5B9C-490D-910F-35D3A9119622)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/08/11 03:42:03 | 001,636,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20140830.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/08/11 03:42:00 | 000,095,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20140830.003\NAVENG.SYS -- (NAVENG)
DRV - [2014/08/04 11:35:46 | 000,055,232 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gt.sys -- ({2b929fe1-284b-4766-afb9-19b0915b99b0}Gt)
DRV - [2014/07/25 05:49:48 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/07/14 08:41:38 | 000,377,648 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/07/14 08:41:38 | 000,109,872 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/07/14 05:11:28 | 000,287,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20140826.001\IDSvix86.sys -- (IDSvix86)
DRV - [2011/03/30 13:54:32 | 001,073,216 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2009/10/20 10:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\npf.sys -- (NPF)
DRV - [2009/08/03 19:07:12 | 000,038,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\symndisv.sys -- (SYMNDISV)
DRV - [2009/08/03 19:07:10 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/08/03 19:07:10 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\symfw.sys -- (SYMFW)
DRV - [2009/08/03 19:07:10 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\symids.sys -- (SYMIDS)
DRV - [2009/08/03 19:07:10 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/08/03 19:07:10 | 000,012,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\symdns.sys -- (SYMDNS)
DRV - [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/22 21:49:00 | 007,465,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/11/30 23:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 23:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 23:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/26 18:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/04/14 02:49:32 | 000,418,104 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/01/19 18:20:54 | 000,021,728 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2005/12/12 10:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...266162_923AB95E
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123...q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istart123...266162_923AB95E
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}: "URL" = http://speedial.com/...=1563939880&ir=
IE - HKLM\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = http://www.istart123...q={searchTerms}
IE - HKLM\..\SearchScopes\{96FACB6C-5EF1-44A1-9480-E6D50BF53828}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}: "URL" = http://www.default-s...p={searchTerms}
IE - HKLM\..\SearchScopes\{E380BF58-5A1C-439C-9E6E-DCC17BD09237}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{F3921A20-218F-4460-A1ED-FF19AE488722}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...266162_923AB95E
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
IE - HKCU\..\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{F3921A20-218F-4460-A1ED-FF19AE488722}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "istart123"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledAddons: faststartff%40gmail.com:4.3.0
FF - prefs.js..extensions.enabledAddons: addictive_typing_lessons%40tomkennedy.net:4.0
FF - prefs.js..extensions.enabledAddons: gvoice%40elijahclark.com:5.2
FF - prefs.js..extensions.enabledAddons: vkuklin%40sbcglobal.net:4.1
FF - prefs.js..extensions.enabledAddons: %7B2b929fe1-284b-4766-afb9-19b0915b99b0%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..browser.startup.homepage: "http://start.iminent...B-2F6A4A964883"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - prefs.js..browser.search.selectedEngine: "StartWeb"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\www.exent.com/GameTreatWidget: C:\Program Files\Free Ride Games\npGameTreatWidget.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected] [2014/08/12 16:22:44 | 000,000,000 | ---D | M]
[2014/07/25 23:33:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Extensions
[2014/08/04 13:04:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\extensions
[2014/08/12 19:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions
[2014/07/26 06:07:55 | 000,000,000 | ---D | M] ("Speedial") -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52}
[2014/08/12 16:31:42 | 000,000,000 | ---D | M] ("HQPureV1.8") -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/08/12 16:31:28 | 000,000,000 | ---D | M] ("videos MediaPlay-Air") -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/08/12 16:22:44 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/08/12 16:31:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]\extensionData
[2014/08/12 16:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]\extensionData\plugins
[2014/08/12 16:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]\extensionData\userCode
[2014/08/12 16:31:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]\extensionData
[2014/08/12 16:31:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]\extensionData\plugins
[2014/08/12 16:31:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]\extensionData\userCode
[2014/07/26 06:07:55 | 000,121,780 | ---- | M] () (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/07/29 03:04:45 | 000,650,389 | ---- | M] () (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/07/26 06:07:55 | 000,027,538 | ---- | M] () (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/08/07 22:37:32 | 000,157,980 | ---- | M] () (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/08/03 20:12:39 | 000,011,770 | ---- | M] () (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\[email protected]
[2014/08/02 11:33:44 | 000,093,394 | ---- | M] () (No name found) -- C:\Users\MiaChelee\AppData\Roaming\Mozilla\Firefox\Profiles\buym0gc7.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: [ homepage, searchProvider, startupPages, tabs, unlimitedStorage ]
CHR - homepage: http://search.iminent.com/__PARAM__
CHR - homepage: https://www.google.c...ml#instructions
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.5.669\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Exent® AOD Gecko Plugin (Disabled) = C:\Program Files\Free Ride Games\npExentCtl.dll
CHR - plugin: (Disabled) = C:\Program Files\Free Ride Games\npGameTreatWidget.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Disabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll
CHR - plugin: Silverlight Plug-In (Disabled) = c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Disabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Floorplanner = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag\13_0\
CHR - Extension: Bejeweled = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Torrent Search = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee\1.2.0.3_0\
CHR - Extension: Cartoons Mahjong = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\alamchlmhbodaeahnppjplfjfgpimeie\2.0.0.28_0\
CHR - Extension: Genius Memory = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkoinfmlfndmileeeldconamokemeck\1.0_0\
CHR - Extension: Google Docs = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: Hidden Objects - House 1 = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdeppfcebbaecjpbgjejpdmejgndopo\13.6688.4162_0\
CHR - Extension: YouTube = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Solitaire = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.7_0\
CHR - Extension: Facebook = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Classic Games = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc\1.0_0\
CHR - Extension: Learn States and Capitals = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdblkfkcegbngjbibiefbjbeofmbgonk\1.0.1_0\
CHR - Extension: Typing Games = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdmbheiidhmnboooapmljaebpnnbpai\1.1_0\
CHR - Extension: Crazy4Jigsaws = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgliemokfgimmfodoeboneoibjklncc\1.1.1_0\
CHR - Extension: 8 Ball Pool = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmghmomnbfaiaoeljaekmchmelpmbjld\1.1_0\
CHR - Extension: Google Search = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Fun Switcher = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddeoimiimmmfddbiggnbipkjomlalanb\0.0.0.3_0\
CHR - Extension: Scrabble = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebjeghijiopdeimkgomamjjdeegllaho\2_0\
CHR - Extension: Zwinky = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei\10.82.4.30101_0\
CHR - Extension: Hangman = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekpfaaakmnhcembbiennfjiaodandmhg\1_0\
CHR - Extension: Hello Kitty Painting = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fajkeggnmflighbmbcedgdnlbipdiabf\2.3.5_0\
CHR - Extension: Type Scout = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj\5_0\
CHR - Extension: Virtual Piano Black = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjagcpcbacoaogfljhglghpjhkmmfeeo\4_0\
CHR - Extension: Coloring Pages = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\foniidelkdlapcpngdpcchdemnemdbnf\1.6.1_0\
CHR - Extension: Candy Mahjong = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbeaamkeeefhgfcmbnjmffohnahademp\1.0.0.1_0\
CHR - Extension: Facebook for Chrome = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\6.4.3_0\
CHR - Extension: Pictico — Coloring for Kids = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\gndkeamlgkegbmmoheplcndpopglacgf\3.1.3_0\
CHR - Extension: Note Board = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\goficmpcgcnombioohjcgdhbaloknabb\6.0.4.12_0\
CHR - Extension: Yahtzee = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpohghilpcclginepbjhpkodibponfh\1.6_0\
CHR - Extension: Mahjong Words = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmefkohhpkdnaieghlijadogfapogebe\1.0.0.1_0\
CHR - Extension: Coloring Pages = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhcehgkaccjiljllpejjekibagmonki\1.0_0\
CHR - Extension: Typing Test - KeyHero = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm\1.5.0_0\
CHR - Extension: Google Voice (by Google) = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.4.4_0\
CHR - Extension: Sketchpad 3.5 = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkghjbajgkcialbbimbifdcjilhcgoim\3.5.2.23_0\
CHR - Extension: Flow Colors Bridges = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhgjgepioclaangaicgmecejjcebppik\1.2_0\
CHR - Extension: No History = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch\1.0.2_0\
CHR - Extension: Super Granny 5 = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijpaeblikfbkaedophkjceapflifadb\0.3_0\
CHR - Extension: Hangouts = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.730.433.1_0\
CHR - Extension: Norton Identity Safe = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgpiocdhdmnglomggfjkkonjjfahnom\1.0.0.7_0\
CHR - Extension: Karaoke Player = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkicphmljcbdmbkpipmlofneklkhhegh\0.1.0_0\
CHR - Extension: Google Wallet = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Type Fu (hosted) = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\okboeogmnhjpgbeaokfogelclpblaemo\2.0.2_0\
CHR - Extension: Bubble Whale = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\okkggokhcifmdemmiijnncnldioefjob\1.0.0.1_0\
CHR - Extension: Love Calculator = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\oolmcecgdmgibngcbeedeljjadklplag\1.5_0\
CHR - Extension: Instagram for Chrome = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\5.6_0\
CHR - Extension: Fox News = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pamidlfalnpbkhdhbbepaibgehibgmna\2.4.4_0\
CHR - Extension: Flow Colors = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbnmelddedlommnmllmfhoephaidddmk\1.3_0\
CHR - Extension: Outlook.com = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge\1.0.2_0\
CHR - Extension: Psykopaint = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
CHR - Extension: Gmail = C:\Users\MiaChelee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBHO.dll (Symantec Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [fst_us_203] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Driver Pro] C:\Program Files\Driver Pro\DPLauncher.exe File not found
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB9915C3-E8D6-4739-AA95-7BFFC6B7CAC4}: DhcpNameServer = 192.168.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B8DB4082-5843-4EF3-8863-98AC3141CED3}: DhcpNameServer = 192.168.3.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\MiaChelee\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\MiaChelee\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O27 - HKLM IFEO\bitguard.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\bpsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserdefender.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\browserprotect.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\dprotectsvc.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\jumpflip: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\protectedsearch.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchinstaller.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotection.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchprotector.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\searchsettings64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\snapdo.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst32.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\stinst64.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\umbrella.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\utiljumpflip.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\volaro: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\vonteera: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroids.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\websteroidsservice.exe: Debugger - C:\Windows\System32\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/18 13:34:58 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\settings manager\smdmf\x64\sysapcrt.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/08/31 11:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Driver Support
[2014/08/31 10:56:32 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Roaming\Driver Pro
[2014/08/31 10:56:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Pro
[2014/08/31 10:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Driver Pro
[2014/08/31 04:14:32 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\CrashDumps
[2014/08/30 15:55:35 | 000,000,000 | ---D | C] -- C:\Windows\en
[2014/08/30 15:53:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2014/08/30 15:48:32 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2014/08/30 15:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2014/08/30 15:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2014/08/30 13:15:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2014/08/30 12:46:40 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\Windows Live
[2014/08/30 12:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2014/08/29 08:20:06 | 000,000,000 | R--D | C] -- C:\Users\MiaChelee\Documents\Notes
[2014/08/28 18:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\REGSERVO
[2014/08/27 23:59:10 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Roaming\Roxio
[2014/08/27 13:25:16 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\Documents\OneNote Notebooks
[2014/08/27 01:53:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/08/26 23:56:08 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\STARGAZE_IMAGE_CACHE
[2014/08/26 23:56:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Alawar Stargaze
[2014/08/26 17:35:22 | 000,023,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\COH_Mon.sys
[2014/08/25 17:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Meridian93
[2014/08/24 08:46:39 | 000,000,000 | ---D | C] -- C:\NPE
[2014/08/24 08:39:17 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\NPE
[2014/08/24 05:26:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Sandlot Games
[2014/08/23 00:42:15 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Roaming\PlayFirst
[2014/08/23 00:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayFirst
[2014/08/23 00:40:07 | 000,000,000 | ---D | C] -- C:\ProgramData\XLab
[2014/08/22 21:12:40 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Roaming\LegacyGames
[2014/08/22 20:44:08 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\Documents\Updater5
[2014/08/22 20:35:55 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\Adobe
[2014/08/22 13:10:29 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\14042
[2014/08/20 12:13:38 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\Desktop\saves
[2014/08/20 06:27:02 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\downloadius
[2014/08/13 06:32:09 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\FE41D40E64024BCDA47F87DA108D1BEB
[2014/08/12 19:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\2308189059
[2014/08/12 16:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2014/08/12 16:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2014/08/12 16:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IMGUpdater
[2014/08/12 16:40:45 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Roaming\ap_logs
[2014/08/12 16:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\PC Speed Up
[2014/08/12 16:33:04 | 000,000,000 | ---D | C] -- C:\Program Files\predm
[2014/08/12 16:33:00 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\com
[2014/08/12 16:27:05 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\globalUpdate
[2014/08/12 16:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\globalUpdate
[2014/08/12 16:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014/08/12 16:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsMangerProtect
[2014/08/12 16:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[2014/08/12 16:18:00 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\fabulous_08122318
[2014/08/12 16:15:52 | 000,000,000 | ---D | C] -- C:\Program Files\005
[2014/08/12 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/08/12 16:11:21 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\SearchProtect
[2014/08/12 11:29:00 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\Desktop\New Folder
[2014/08/12 08:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2014/08/12 05:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2014/08/12 04:17:15 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/08/12 02:08:08 | 000,000,000 | ---D | C] -- C:\9c77d34e2ebf28f90b77738ebb
[2014/08/12 00:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/08/12 00:04:27 | 000,000,000 | ---D | C] -- C:\2ed22ab70b8bb13b1f6c31a82ecef7
[2014/08/09 18:57:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2014/08/09 18:57:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2014/08/09 18:57:02 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2014/08/09 18:20:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/08/09 12:45:35 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\BrowserSafeguard
[2014/08/09 12:22:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2014/08/08 19:16:04 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\HP Guide
[2014/08/08 05:00:48 | 000,000,000 | ---D | C] -- C:\PerfLogs
[2014/08/07 22:51:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/08/07 22:50:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/08/07 22:39:48 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Roaming\UpdaterEX
[2014/08/07 19:26:14 | 000,000,000 | ---D | C] -- C:\7f1238458e641109a83581d035879d90
[2014/08/07 03:14:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014/08/06 22:52:01 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/08/05 04:11:06 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\Microsoft Help
[2014/08/04 17:26:09 | 000,055,232 | ---- | C] (StdLib) -- C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gt.sys
[2014/08/04 16:16:09 | 000,000,000 | ---D | C] -- C:\Users\MiaChelee\AppData\Local\WindowsUpdate
[2014/08/04 16:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\focusbase
[2014/08/02 15:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Users\MiaChelee\AppData\Local\*.tmp files -> C:\Users\MiaChelee\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/08/31 15:03:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/31 14:46:00 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\UpdaterEX.job
[2014/08/31 14:39:02 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/31 14:10:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/08/31 14:10:11 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/08/31 11:45:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/31 10:56:34 | 000,000,825 | ---- | M] () -- C:\Users\MiaChelee\Desktop\Driver Pro.lnk
[2014/08/31 10:16:35 | 000,641,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/08/31 10:16:35 | 000,119,172 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/08/31 10:12:46 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/31 10:10:14 | 000,000,602 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - MiaChelee.job
[2014/08/31 04:16:47 | 224,088,199 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/08/31 03:58:34 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2014/08/30 17:27:51 | 000,356,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/08/29 08:11:50 | 000,005,120 | ---- | M] () -- C:\Users\MiaChelee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/29 05:00:48 | 000,573,929 | ---- | M] () -- C:\Users\MiaChelee\Desktop\10401941_760329050695672_8822638613527753628_n.png
[2014/08/28 18:05:31 | 000,000,100 | ---- | M] () -- C:\Users\MiaChelee\Desktop\Troubleshooting Google Chrome crashes.url
[2014/08/27 13:24:11 | 000,117,372 | ---- | M] () -- C:\Users\MiaChelee\Documents\paystub
[2014/08/26 12:44:50 | 000,000,471 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2014/08/24 10:02:03 | 000,000,940 | ---- | M] () -- C:\Users\MiaChelee\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/08/24 08:50:51 | 000,000,680 | ---- | M] () -- C:\Users\MiaChelee\AppData\Local\d3d9caps.dat
[2014/08/21 00:32:21 | 000,068,541 | ---- | M] () -- C:\Users\MiaChelee\Documents\paystub for July 2014.pdf
[2014/08/15 16:42:00 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/08/13 16:42:00 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/08/13 07:59:28 | 000,000,926 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
[2014/08/12 17:02:38 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/08/12 16:50:27 | 000,000,945 | ---- | M] () -- C:\Users\MiaChelee\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/08/12 16:42:02 | 000,000,320 | ---- | M] () -- C:\Users\MiaChelee\AppData\Roaming\aps.uninstall.scan.results
[2014/08/12 16:11:28 | 000,000,000 | ---- | M] () -- C:\END
[2014/08/12 05:22:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2014/08/12 03:44:22 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2014/08/12 03:44:22 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2014/08/12 03:44:00 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/08/09 18:53:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2014/08/08 04:29:58 | 000,101,888 | ---- | M] (Infineon Technologies AG) -- C:\Windows\System32\ifxcardm.dll
[2014/08/08 04:29:42 | 000,082,432 | ---- | M] (Gemalto, Inc.) -- C:\Windows\System32\axaltocm.dll
[2014/08/08 04:19:19 | 000,196,608 | ---- | M] () -- C:\Windows\SPInstall.etl
[2014/08/08 00:46:04 | 000,000,045 | ---- | M] () -- C:\Users\MiaChelee\AppData\Roaming\WB.CFG
[2014/08/07 11:59:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh6_01005.Wdf
[2014/08/04 11:35:46 | 000,055,232 | ---- | M] (StdLib) -- C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gt.sys
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Users\MiaChelee\AppData\Local\*.tmp files -> C:\Users\MiaChelee\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/08/31 10:56:34 | 000,000,825 | ---- | C] () -- C:\Users\MiaChelee\Desktop\Driver Pro.lnk
[2014/08/30 15:47:33 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2014/08/30 15:43:09 | 000,001,229 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2014/08/30 15:39:17 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2014/08/30 13:17:55 | 000,002,027 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2014/08/30 12:45:09 | 000,004,984 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2014/08/29 05:00:33 | 000,573,929 | ---- | C] () -- C:\Users\MiaChelee\Desktop\10401941_760329050695672_8822638613527753628_n.png
[2014/08/28 18:05:31 | 000,000,100 | ---- | C] () -- C:\Users\MiaChelee\Desktop\Troubleshooting Google Chrome crashes.url
[2014/08/27 13:24:01 | 000,117,372 | ---- | C] () -- C:\Users\MiaChelee\Documents\paystub
[2014/08/27 01:53:50 | 224,088,199 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/08/26 17:35:22 | 000,010,537 | ---- | C] () -- C:\Windows\System32\drivers\COH_Mon.cat
[2014/08/26 17:35:22 | 000,000,706 | ---- | C] () -- C:\Windows\System32\drivers\COH_Mon.inf
[2014/08/24 10:02:03 | 000,000,940 | ---- | C] () -- C:\Users\MiaChelee\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2014/08/24 08:50:51 | 000,000,680 | ---- | C] () -- C:\Users\MiaChelee\AppData\Local\d3d9caps.dat
[2014/08/21 00:31:59 | 000,068,541 | ---- | C] () -- C:\Users\MiaChelee\Documents\paystub for July 2014.pdf
[2014/08/20 12:09:10 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2014/08/20 06:29:27 | 000,000,471 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2014/08/19 22:16:52 | 000,005,120 | ---- | C] () -- C:\Users\MiaChelee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/08/12 16:41:00 | 000,000,320 | ---- | C] () -- C:\Users\MiaChelee\AppData\Roaming\aps.uninstall.scan.results
[2014/08/12 16:40:56 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
[2014/08/12 16:40:51 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
[2014/08/12 16:40:46 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
[2014/08/12 16:21:40 | 004,816,384 | ---- | C] () -- C:\Windows\score.exe
[2014/08/12 16:11:28 | 000,000,000 | ---- | C] () -- C:\END
[2014/08/12 05:22:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2014/08/12 03:44:00 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/08/12 00:34:00 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/12 00:33:58 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/11 23:59:30 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/08/11 23:30:08 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2014/08/09 18:53:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2014/08/09 14:13:18 | 000,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014/08/09 14:13:13 | 000,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2014/08/09 14:12:52 | 000,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2014/08/09 14:12:47 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2014/08/09 14:12:46 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2014/08/09 14:12:34 | 000,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2014/08/09 14:12:19 | 000,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2014/08/09 14:11:51 | 000,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2014/08/09 14:10:37 | 000,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2014/08/09 14:10:29 | 000,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2014/08/09 12:40:21 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2014/08/09 12:40:16 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2014/08/09 12:18:07 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2014/08/09 12:18:07 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2014/08/09 12:18:06 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2014/08/08 03:41:08 | 000,145,455 | ---- | C] () -- C:\Windows\System32\perfmon.msc
[2014/08/08 03:39:59 | 000,144,909 | ---- | C] () -- C:\Windows\System32\fsmgmt.msc
[2014/08/08 03:39:55 | 000,012,198 | ---- | C] () -- C:\Windows\System32\gatherWiredInfo.vbs
[2014/08/08 03:32:08 | 000,196,608 | ---- | C] () -- C:\Windows\SPInstall.etl
[2014/08/08 00:46:04 | 000,000,045 | ---- | C] () -- C:\Users\MiaChelee\AppData\Roaming\WB.CFG
[2014/08/07 22:39:48 | 000,000,306 | ---- | C] () -- C:\Windows\tasks\UpdaterEX.job
[2014/08/07 11:59:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh6_01005.Wdf
[2014/07/25 20:09:12 | 000,000,632 | RHS- | C] () -- C:\Users\MiaChelee\ntuser.pol
[2014/07/25 05:53:42 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2014/07/25 03:36:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
========== ZeroAccess Check ==========
[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 06:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/08/12 16:40:45 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\ap_logs
[2014/08/31 10:59:30 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\Driver Pro
[2014/07/26 05:42:50 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\DriverCure
[2014/07/25 23:27:06 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\FirefoxToolbar
[2014/08/22 21:12:40 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\LegacyGames
[2014/07/25 07:35:05 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\MSNInstaller
[2014/07/26 05:42:49 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\ParetoLogic
[2014/08/23 00:42:15 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\PlayFirst
[2014/07/25 03:28:05 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\Snapfish
[2014/08/07 22:39:48 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\UpdaterEX
[2014/07/30 01:08:10 | 000,000,000 | ---D | M] -- C:\Users\MiaChelee\AppData\Roaming\WildTangent
========== Purity Check ==========
OTL Extras logfile created on: 8/31/2014 3:01:53 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MiaChelee\Pictures\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.87 Gb Total Physical Memory | 0.76 Gb Available Physical Memory | 40.57% Memory free
3.99 Gb Paging File | 2.24 Gb Available in Paging File | 56.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.31 Gb Total Space | 168.03 Gb Free Space | 58.08% Space Free | Partition Type: NTFS
Drive D: | 8.78 Gb Total Space | 0.73 Gb Free Space | 8.33% Space Free | Partition Type: NTFS
Computer Name: MIACHELEE-PC | User Name: MiaChelee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2FB9D1A9-9FA5-4B41-8AA7-18668AE87EEB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4E45B51C-918A-4A96-8AF5-BD2B004334A1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F4461E32-6586-4574-AF16-D3EE0A681952}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{33173E56-BDB2-4129-8ECA-C715DC5B7C89}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{340359AF-B751-4BA4-B15E-6EAE5F5E0237}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{49967708-61B9-45C4-AE18-0B350B4FC20D}" = dir=in | app=c:\users\miache~1\appdata\local\temp\jen82jsq4c31\videoperformersetup |
"{4FC5D3CC-585E-4604-937C-978A00611191}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9AEA9DDA-7D3A-4AA6-BF2D-3FAEEE9B707E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{A63EBE53-77AE-4C2D-86F1-E97E77FDE1ED}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{A842893D-FA10-41F3-AF8E-05D38DDB2E5A}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{C16A9D3C-F547-4968-9B22-EDBAFB7BFC55}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E0F8D110-C3A6-426F-AED0-ADE1CC51160E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EC27AE6E-2B02-4827-8FC5-B92260D44684}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{ECBAC4D1-1A6D-4778-8CE5-56F810A60D3A}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{ED1393C4-835C-4B04-B69E-986E4DA24DCD}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{247C5DDA-FFD7-44E0-8BF7-79BC80A0BF87}" = Windows Live Family Safety
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2990BC81-3B19-4E53-A53E-30DE3F1BFFA8}" = HP Total Care Advisor
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}" = Norton Internet Security
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{48185814-A224-447A-81DA-71BD20580E1B}" = Norton Internet Security
"{4843B611-8FCB-4428-8C23-31D0A5EAE164}" = Norton Confidential Browser Component
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4EF6FDB0-3B11-4820-9860-8E08E9965195}" = Snapfish Media Detector
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AF49698-949A-4C89-9B31-041D2CCB5FBD}" = muvee autoProducer 6.0
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{830D8CBD-C668-49e2-A969-C2C2106332E0}" = Norton AntiVirus
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88D9A3AF-8E7D-42F5-BC0D-1139F3C44A8F}" = Symantec Real Time Storage Protection Component
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A129ABC-A53A-4209-A21E-D5DEDFB7CCA8}" = Norton Protection Center
"{9A77F502-DDF4-423F-82F0-1A830EC3D1D6}" = SymNet
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D353CC51-430D-4C6F-9B7E-52003DA1E05A}" = Norton Confidential Web Protection Component
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton Internet Security
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4DB525F-A986-4249-B98B-42A8066251CA}" = AV
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Driver Pro_is1" = Driver Pro version 3.2
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"WildTangent hpdesktop Master Uninstall" = My HP Games
"WindowsMangerProtect" = WindowsMangerProtect20.0.0.502
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UpdaterEX" = Extended Update
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 8/27/2014 4:39:46 PM | Computer Name = MiaChelee-PC | Source = Application Hang | ID = 1002
Description = The program WINWORD.EXE version 12.0.6700.5000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 2954 Start Time: 01cfc236f31110b0 Termination Time: 23
Error - 8/27/2014 6:26:38 PM | Computer Name = MiaChelee-PC | Source = Application Hang | ID = 1002
Description = The program GPlayer.exe version 7.3.56.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1b8 Start Time: 01cfc23887312936 Termination Time: 201
Error - 8/27/2014 8:14:45 PM | Computer Name = MiaChelee-PC | Source = Application on Demand - granny_download | ID = 0
Description =
Error - 8/28/2014 3:52:35 AM | Computer Name = MiaChelee-PC | Source = Application on Demand - castle | ID = 0
Description =
Error - 8/28/2014 6:08:55 AM | Computer Name = MiaChelee-PC | Source = Application on Demand - castle | ID = 0
Description =
Error - 8/28/2014 9:09:19 AM | Computer Name = MiaChelee-PC | Source = Application on Demand - castle | ID = 0
Description =
Error - 8/28/2014 3:54:28 PM | Computer Name = MiaChelee-PC | Source = Application Hang | ID = 1002
Description = The program GPlayer.exe version 7.3.56.0 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b94 Start Time: 01cfc2eec63ec2cf Termination Time: 86
Error - 8/29/2014 10:25:35 PM | Computer Name = MiaChelee-PC | Source = Chrome | ID = 1
Description =
Error - 8/30/2014 6:31:51 PM | Computer Name = MiaChelee-PC | Source = System Restore | ID = 8193
Description =
Error - 8/30/2014 6:32:12 PM | Computer Name = MiaChelee-PC | Source = System Restore | ID = 8193
Description =
[ System Events ]
Error - 8/30/2014 4:10:47 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 8/30/2014 4:10:47 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/30/2014 8:24:44 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7043
Description =
Error - 8/30/2014 8:28:51 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/30/2014 8:28:51 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 8/31/2014 7:16:53 AM | Computer Name = MiaChelee-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:15:04 AM on 8/31/2014 was unexpected.
Error - 8/31/2014 7:18:30 AM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/31/2014 7:18:30 AM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 8/31/2014 1:11:51 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8/31/2014 1:11:51 PM | Computer Name = MiaChelee-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
< End of report >
Edited by 916 aPPEAL, 31 August 2014 - 05:23 PM.
Sign In
Create Account
