Good Morning!
We have been having issues with the computer crashing as soon as we connect to the internet. It started with when viewing any video and continued to get worse. I tried running Windows Updates and HP Updates to see if that would fix the problem but neither helped. I am hopeful that one of the experts here can help. The OTL is attached. OTL.Txt 76.55KB 145 downloads
Thanks ~ Onnaday
OTL logfile created on: 11/1/2014 9:18:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mom\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.87 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 82.36% Memory free
9.89 Gb Paging File | 9.17 Gb Available in Paging File | 92.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.83 Gb Total Space | 287.88 Gb Free Space | 63.57% Space Free | Partition Type: NTFS
Drive D: | 12.93 Gb Total Space | 1.78 Gb Free Space | 13.74% Space Free | Partition Type: NTFS
Computer Name: MOM-PC | User Name: Mom | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/11/01 09:17:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mom\Downloads\OTL.exe
PRC - [2014/09/24 00:08:52 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
========== Modules (No Company Name) ==========
MOD - [2014/09/24 00:09:18 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011/04/08 16:06:50 | 000,295,424 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2010/05/07 18:45:16 | 000,197,976 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2010/02/17 19:25:42 | 000,181,760 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe -- (Belkin Local Backup Service)
SRV:64bit: - [2010/02/09 16:55:52 | 000,055,296 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe -- (Belkin Network USB Helper)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/10/26 10:53:17 | 000,254,016 | ---- | M] (WildTangent) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe -- (GamesAppIntegrationService)
SRV - [2014/10/06 10:38:49 | 000,203,344 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2014/09/24 00:09:08 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/09/15 13:19:02 | 000,089,352 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2014/05/07 18:42:15 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/03/11 23:36:06 | 000,247,968 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE -- (BBUpdate)
SRV - [2014/03/11 23:36:06 | 000,193,696 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE -- (BBSvc)
SRV - [2013/12/21 01:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/12/09 10:26:07 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/04/29 19:30:10 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2009/03/30 07:41:56 | 000,151,552 | ---- | M] (Livescribe) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe -- (PenCommService)
SRV - [2007/04/13 11:20:22 | 000,097,432 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/10/12 20:38:00 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/04/15 13:35:26 | 000,240,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/11/25 02:48:36 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\DRIVERS\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/23 02:05:08 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/07/20 01:51:00 | 000,311,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/07/20 01:50:56 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/07/20 01:50:50 | 000,206,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/07/01 01:45:28 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/02/29 08:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010/11/09 21:45:54 | 004,162,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2010/11/09 21:44:24 | 000,341,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010/05/07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/16 10:22:40 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 10:15:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/07/22 14:42:20 | 000,024,576 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PulseUsb.sys -- (PulseUsb)
DRV:64bit: - [2009/06/22 17:50:00 | 000,291,352 | ---- | M] (silex technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sxuptp.sys -- (sxuptp)
DRV - [2009/08/14 08:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 08:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{42702B0B-C9A6-45FF-A76A-3B84C4ACFC37}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{470627EC-50FE-4C12-9E97-781485EB3CF3}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=tb50trie7
IE - HKLM\..\SearchScopes\{42702B0B-C9A6-45FF-A76A-3B84C4ACFC37}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{470627EC-50FE-4C12-9E97-781485EB3CF3}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {36377DD7-B3EB-42f5-986F-680BAF59BA9D}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=tb50trie7
IE - HKCU\..\SearchScopes\{36377DD7-B3EB-42f5-986F-680BAF59BA9D}: "URL" = http://start.casualg...q={searchTerms}
IE - HKCU\..\SearchScopes\{42702B0B-C9A6-45FF-A76A-3B84C4ACFC37}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{470627EC-50FE-4C12-9E97-781485EB3CF3}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GPEA_en
IE - HKCU\..\SearchScopes\{6C9D2F79-E1FB-428C-8FBC-68FC01C533DD}: "URL" = http://search.freeca...p={searchTerms}
IE - HKCU\..\SearchScopes\{C7576B9D-B442-46bc-AF74-080A9E723E01}: "URL" = http://websearch.sea...47-E8E1535BB589
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Search-Results"
FF - prefs.js..browser.search.order.1: "Search-Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.aol.com/"
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D%7D:1.9.20.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.0.21
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..keyword.URL: "http://websearch.sea...=YYYYYYS1US&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files (x86)\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Mom\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/09/23 21:15:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/23 21:15:08 | 000,000,000 | ---D | M]
[2010/01/21 14:32:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mom\AppData\Roaming\Mozilla\Extensions
[2014/09/13 20:38:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\extensions
[2011/03/25 19:48:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2014/09/13 20:38:05 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2012/07/09 19:30:42 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\extensions\[email protected]
[2010/12/26 13:43:00 | 000,000,000 | ---D | M] (SlingHealth) -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\extensions\[email protected]
[2013/11/21 14:49:12 | 000,619,291 | ---- | M] () (No name found) -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\extensions\[email protected]
[2010/12/11 21:17:10 | 000,003,360 | ---- | M] () -- C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\1rakunje.default\searchplugins\search-results.xml
[2014/09/23 21:15:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/26 21:37:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: http://start.casualgames.com/?o=shp
CHR - Extension: SiteAdvisor = C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
CHR - Extension: avast! WebRep = C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1203_0\
O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Qualys BrowserCheck IE Helper) - {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} - C:\Windows\Downloaded Program Files\qbc_bho.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files (x86)\GamesBar\2.0.1.109\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4:64bit: - HKLM..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor for Windows\RunProfiler.exe (PC-Doctor, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} https://browsercheck....com/qbc_ax.cab (Qualys BrowserCheck)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.67.2)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Mystery%20P.I.%20-%20The%20Vegas%20Heist/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9EA08207-2343-4ADE-B6CB-D8E7D27A2EDD}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mom\Pictures\2009-08-11 summer 09\summer 09 034.JPG
O24 - Desktop BackupWallPaper: C:\Users\Mom\Pictures\2009-08-11 summer 09\summer 09 034.JPG
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{79f51818-c539-11dd-9c1a-002354132958}\Shell - "" = AutoRun
O33 - MountPoints2\{79f51818-c539-11dd-9c1a-002354132958}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014/10/26 10:53:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games for HP
[2014/10/18 20:03:48 | 000,000,000 | ---D | C] -- C:\dcc39b12c2316342209602a298
[2014/10/15 09:52:09 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/10/08 08:18:30 | 000,000,000 | ---D | C] -- C:\Users\Mom\Desktop\2014_10_08
[2014/10/06 10:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Mom\Documents\*.tmp files -> C:\Users\Mom\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/11/01 09:06:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/31 16:33:00 | 000,001,460 | ---- | M] () -- C:\Users\Mom\AppData\Local\d3d9caps64.dat
[2014/10/31 15:55:37 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/10/31 15:55:37 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/10/26 13:04:01 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3385600622-3777350188-503640899-1000UA.job
[2014/10/26 12:17:14 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/26 12:17:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/26 10:54:00 | 000,002,184 | ---- | M] () -- C:\Users\Mom\Application Data\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - hp.lnk
[2014/10/26 10:54:00 | 000,002,152 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2014/10/20 13:59:12 | 000,316,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/10/17 19:26:25 | 522,984,016 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/10/14 23:58:38 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3385600622-3777350188-503640899-1000Core.job
[2014/10/12 20:38:00 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/10/12 17:18:47 | 000,000,162 | -H-- | M] () -- C:\Users\Mom\Documents\~$orage Cover Letter.wps
[2014/10/09 20:42:13 | 000,000,482 | ---- | M] () -- C:\Users\Mom\Documents\cc_20141009_204159.reg
[2014/10/07 20:32:49 | 000,000,896 | ---- | M] () -- C:\Users\Mom\Documents\cc_20141007_203239.reg
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\Mom\Documents\*.tmp files -> C:\Users\Mom\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/10/12 17:18:47 | 000,000,162 | -H-- | C] () -- C:\Users\Mom\Documents\~$orage Cover Letter.wps
[2014/10/09 20:42:02 | 000,000,482 | ---- | C] () -- C:\Users\Mom\Documents\cc_20141009_204159.reg
[2014/10/08 17:57:00 | 522,984,016 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/10/07 20:32:41 | 000,000,896 | ---- | C] () -- C:\Users\Mom\Documents\cc_20141007_203239.reg
[2014/03/02 13:09:29 | 000,100,352 | ---- | C] () -- C:\Users\Mom\10380455.dot
[2012/01/30 23:03:48 | 000,001,460 | ---- | C] () -- C:\Users\Mom\AppData\Local\d3d9caps64.dat
[2010/06/27 10:10:48 | 000,001,356 | ---- | C] () -- C:\Users\Mom\AppData\Local\d3d9caps.dat
[2009/04/04 22:05:43 | 000,061,224 | ---- | C] () -- C:\Users\Mom\GoToAssistDownloadHelper.exe
[2009/03/10 20:38:55 | 000,049,664 | ---- | C] () -- C:\Users\Mom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/19 21:40:53 | 000,029,820 | ---- | C] () -- C:\Users\Mom\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2006/11/02 10:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/25 11:30:37 | 012,900,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/25 08:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 02:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 21:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2009/04/18 21:08:13 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\acccore
[2012/06/17 21:26:11 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Anarchy
[2011/12/15 16:00:42 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Atari
[2013/03/29 22:13:44 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\AVG2013
[2008/11/20 23:08:17 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Canon
[2010/08/08 00:09:10 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\FrostWire
[2011/03/19 09:59:11 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Gamelab
[2008/12/21 00:32:29 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Gold Casual Games
[2012/06/19 20:03:19 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\HdO Adventure
[2010/03/02 09:56:08 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Inspiration Software
[2009/06/13 21:53:06 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\iWin
[2011/12/15 15:58:26 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Leadertech
[2009/03/10 18:09:54 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Meridian93
[2009/08/09 13:17:15 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\MusicNet
[2009/01/04 20:04:58 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\NewSoft
[2012/07/08 20:22:22 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Oberon Media
[2012/06/21 19:49:24 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Oberonv1001
[2012/06/19 19:01:02 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Oberonv1002
[2013/09/13 22:37:05 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Oracle
[2009/07/23 10:41:51 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\QQ Games Plugin
[2014/09/13 20:38:06 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\qualys
[2008/11/20 09:26:10 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\ScanSoft
[2009/01/07 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\SecretIslandEng
[2010/12/26 13:43:05 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Sling Media
[2010/03/02 09:55:45 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Softland
[2009/05/27 15:30:44 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\SpinTop
[2012/07/08 20:32:52 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\SpinTop Games
[2011/03/19 20:52:30 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\SPORE Creature Creator
[2014/09/04 22:02:09 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Spotify
[2008/11/19 21:40:55 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\Template
[2010/08/02 16:54:38 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\TimeCalcPro
[2013/03/29 22:12:05 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\TuneUp Software
[2012/06/15 20:22:03 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\WildTangent
[2009/01/14 22:52:10 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\WildTangentv1001
[2009/02/14 16:33:06 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\WildTangentv1005
[2008/11/27 22:27:57 | 000,000,000 | ---D | M] -- C:\Users\Mom\AppData\Roaming\WinBatch
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:30C74695
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:E0648389
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:402E8B54
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:822DC04E
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:3C7F3296
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:C15430E0
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:178D4338
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4AC9B4B7
< End of report >OTL Extras logfile created on: 11/1/2014 9:18:21 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mom\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.87 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 82.36% Memory free
9.89 Gb Paging File | 9.17 Gb Available in Paging File | 92.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.83 Gb Total Space | 287.88 Gb Free Space | 63.57% Space Free | Partition Type: NTFS
Drive D: | 12.93 Gb Total Space | 1.78 Gb Free Space | 13.74% Space Free | Partition Type: NTFS
Computer Name: MOM-PC | User Name: Mom | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 73 84 4B AA 07 6D CA 01 [binary data]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BED8589-E5A4-4CBD-B7A7-D827CF3927B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0E1D9B6B-20AA-4FFF-9CF2-92303BF3599A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2D716D58-25F5-41B0-8BE7-B59C214C3051}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3EABE1FD-FCAC-4700-8941-4B44B436041A}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
"{C9170C4E-8D14-47E6-8336-61EC0653AB99}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00655F11-83B7-4CAB-921F-7C7BFCB0C7C5}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{007983DE-AB06-4037-94AF-67BF8EB5F3A7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0255C1F5-60A7-4CB2-9623-A68C7B53FC0D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{09B09FCF-D147-47CD-B54A-9B0F08D87FCF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{09E6A2E6-B855-48B4-910C-658449722DE6}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{0F767ECD-7E7B-4294-9FE2-34778970AA43}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1F101F61-6DE8-4E5E-86F2-E8FC1CC3C0A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{220F8DEC-E82C-4AE0-A9B6-D62D08A67CF6}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{2BFA2DC9-E455-4DE7-9DED-77386D35C837}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2FB3A894-3C39-4864-96FD-CABD6FE1A0BB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{381EA46D-C68C-495A-917A-347ED4FBA4D8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{47613990-ACBE-4A32-91A3-1B9A9AA910C4}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{4AF67053-6B56-4659-AA27-97F5D34FB4C0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4BC07BEE-7FA0-48B6-8DC3-E7BC988BC4BC}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{583F54C5-6F8A-49A6-AE93-E2CC0FF56D3D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{617D21CD-2109-41AF-9B8E-6D86A9A93A16}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{64B3C386-AB4F-488D-923F-600DD5C0F694}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{6E924960-B80D-4101-B287-248953AE199E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{7106915D-54A4-496A-ADF8-7F45AF5C1E55}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe |
"{8454357A-627D-4EB8-949B-29FD170EB6E4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe |
"{8B52FC55-6AED-4C4B-B1D9-A2E0E577BB1E}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{90129FBD-B50D-42BA-9085-E6B1AC13BE72}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
"{A8710028-EB29-4F52-B90E-079B4FF6FF2F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{B3933F82-C9A1-44DA-A5BC-4AD3CD525FF3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B47B14D5-6482-4A41-8208-6A34BB1AD6A6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BD07EEC2-5430-49AB-A4E0-EFB50830C984}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\world of goo\worldofgoo.exe |
"{BDF49356-6D98-4384-87E1-97FC3654900D}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{BF3E40DA-CF1E-42E2-A1C8-90D5E0AD9BCA}" = dir=in | app=c:\users\mom\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C00E2430-32BF-4922-8AFF-4D8D8F367409}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CC4DBCA8-BC3C-4D12-ABC3-125491F095C4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{D3648357-6DDB-44F3-988A-FA1A8C8FFAC0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |
"{D4370E52-7FF1-41AF-B6B9-0C5832897BB8}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D593CE1B-B503-457F-A206-62BFFC5D2DBE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DAB3966C-2F23-40C1-BB18-BC7AA91CEFDC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |
"{DE1AE676-FF33-4839-A26D-02956C4724E8}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{DFED6007-2FC6-4AB4-8A22-B1D5D8422A01}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC9AF0DF-FDA6-47F1-B49F-6FCE4E0288B3}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
"{ED80D71A-2E4A-4E5E-8BEC-940563B5DC3D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EE11DDD8-74CA-4DEC-BD62-9CF2C4815199}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{F62A060D-E540-4323-BD7A-D382AA411C0D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"TCP Query User{F298138E-056B-4B85-9487-8ED4899F5029}C:\users\mom\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mom\appdata\roaming\spotify\spotify.exe |
"TCP Query User{FA780B92-6336-48E6-B2A0-F27CE2D6C361}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{806F6903-C7CA-4FC3-9CC7-763A2ED8AB92}C:\program files (x86)\logitech\vid hd\vid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"UDP Query User{D0D25A4B-6765-4C03-B7B1-74C067F4E9D8}C:\users\mom\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mom\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4274C1D4-6234-42EC-88B4-98817F662028}" = AVG 2013
"{4F619492-25AA-438F-A403-CFCEA3EC647B}" = AVG 2013
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFFF260C-F510-45BB-8F8E-1D4AC1232786}" = Adobe Photoshop Lightroom 3.3 64-bit
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"1ECD657E4445D4F72EB15751A07E4215BA450674" = Windows Driver Package - Livescribe (PulseUsb) DigitalPen (07/22/2009 2.1.6.0)
"AVG" = AVG 2013
"Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"Inspiration 9 PDF Driver_is1" = Inspiration 9 PDF Driver (novaPDF 7.0 printer)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Puran Defrag_is1" = Puran Defrag 7.3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{3E5DA526-F420-45A6-9F27-D2B5246D6823}" = Free Natural Text to Speech Reader 2008
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}" = HP Support Solutions Framework
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App for HP
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Search-Results Toolbar
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{ABB977BD-2CBF-4C4D-BB4C-AB415AA42DAA}" = Livescribe™ Desktop
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.07)
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}" = Hoyle Card Games 2005
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F31E534B-4199-4552-8154-5C130710D68E}" = HP Total Care Advisor
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}" = LightScribe System Software
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"117485130" = Mystery P.I. - Lost in Los Angeles
"118744537" = Mystery PI The London Caper
"119285220" = Mystery P.I. - Stolen in San Francisco
"510005524" = Around the World in Eighty Days - Extended Edition
"510005536" = Mystery P.I. The Curious Case of Counterfeit Cove
"510005691" = Vacation Quest - Australia
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Aim Plugin for QQ Games" = Aim Plugin for QQ Games
"AIM_7" = AIM 7
"AIMTunes" = AIMTunes
"ATT-PRT22" = ATT-PRT22
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Canon MX310 series User Registration" = Canon MX310 series User Registration
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"GamesBar" = GamesBar 2.0.1.109
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"Inspiration 9" = Inspiration 9
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.1.0 (Standard)
"Logitech Vid" = Logitech Vid HD
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mozilla Firefox 32.0.3 (x86 en-US)" = Mozilla Firefox 32.0.3 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Mystery P.I. - The Vegas Heist" = Mystery P.I. - The Vegas Heist
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"Product_Name" = Ouba
"QQ Games" = QQ Games
"RC_Vista.exe" = RC_Vista.exe
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 22000" = World of Goo
"Steam App 22010" = World of Goo Demo
"TabIt for Windows_is1" = TabIt version 2.03
"TimeCalcPro" = TimeCalcPro
"Video Mover_is1" = Video Mover
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-611499fc-c89b-41cd-ba93-3a7abc48036d" = Island Wars 2 Christmas Edition
"WTA-a9fd9b42-80d1-4d8f-b200-653c3cf9dcd1" = Ghost Encounters: Deadwood
"WTA-c9c0cf9c-042d-49af-b503-ff1c852c8b72" = Crazy Chicken Kart 2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = AT&T Yahoo! Internet Mail
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10/25/2014 9:41:25 PM | Computer Name = Mom-PC | Source = EventSystem | ID = 4609
Description =
Error - 10/25/2014 9:41:36 PM | Computer Name = Mom-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/26/2014 10:18:30 AM | Computer Name = Mom-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/26/2014 10:32:27 AM | Computer Name = Mom-PC | Source = EventSystem | ID = 4609
Description =
Error - 10/26/2014 1:06:50 PM | Computer Name = Mom-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/26/2014 1:08:50 PM | Computer Name = Mom-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 10/31/2014 4:59:37 PM | Computer Name = Mom-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/31/2014 5:32:01 PM | Computer Name = Mom-PC | Source = EventSystem | ID = 4609
Description =
Error - 11/1/2014 10:08:11 AM | Computer Name = Mom-PC | Source = WinMgmt | ID = 10
Description =
Error - 11/1/2014 10:11:56 AM | Computer Name = Mom-PC | Source = EventSystem | ID = 4609
Description =
[ System Events ]
Error - 10/31/2014 5:32:01 PM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
Error - 10/31/2014 5:32:09 PM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
Error - 10/31/2014 5:32:09 PM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
Error - 11/1/2014 10:08:11 AM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 11/1/2014 10:08:11 AM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 11/1/2014 10:08:11 AM | Computer Name = Mom-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 11/1/2014 10:11:46 AM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
Error - 11/1/2014 10:11:56 AM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
Error - 11/1/2014 10:12:04 AM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
Error - 11/1/2014 10:12:04 AM | Computer Name = Mom-PC | Source = DCOM | ID = 10005
Description =
< End of report >
Edited by onnaday, 01 November 2014 - 09:41 AM.