Here they are: OTL.txt, Extras.txt and checkup.txt
OTL
OTL logfile created on: 6/29/2014 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 53.34% Memory free
7.60 Gb Paging File | 5.26 Gb Available in Paging File | 69.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.45 Gb Total Space | 402.64 Gb Free Space | 89.78% Space Free | Partition Type: NTFS
Drive D: | 17.01 Gb Total Space | 2.46 Gb Free Space | 14.45% Space Free | Partition Type: NTFS
Computer Name: MATT-HP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/06/29 22:30:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Downloads\OTL.exe
PRC - [2014/06/06 00:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/11 22:18:06 | 000,129,216 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe
PRC - [2013/11/11 22:18:04 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
PRC - [2013/09/25 15:42:10 | 000,818,888 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/07/02 14:51:16 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/07/02 14:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/05/21 05:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/13 13:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 13:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
========== Modules (No Company Name) ==========
MOD - [2014/06/28 18:35:24 | 000,037,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2014/06/27 00:48:56 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/06/27 00:48:54 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8fff17f06bbc5391cc3557542fd45f38\IAStorUtil.ni.dll
MOD - [2014/06/26 00:55:40 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll
MOD - [2014/06/26 00:55:30 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/06/26 00:55:20 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/06/26 00:55:18 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dbc236ca6655e4e3839ee4f802eb3f99\System.Data.ni.dll
MOD - [2014/06/26 00:55:05 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll
MOD - [2014/06/26 00:54:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/06/26 00:54:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/06/26 00:54:36 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll
MOD - [2014/06/26 00:54:26 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/06/26 00:54:21 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/06/26 00:54:17 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/06/26 00:54:16 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/06/26 00:53:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/06/06 00:38:46 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/12/20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
MOD - [2010/11/04 17:58:06 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/02/09 21:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 21:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 21:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 21:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 21:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 21:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 21:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 21:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/06/26 00:08:40 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/20 22:01:02 | 000,179,296 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2012/02/20 22:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2010/06/18 19:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/17 19:54:20 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/06/06 00:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 22:18:04 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
SRV - [2013/09/25 15:42:10 | 000,818,888 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/07/02 14:51:16 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/05/21 05:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/13 13:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/06/27 13:20:29 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2014/06/27 13:20:28 | 000,628,288 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2014/06/27 13:20:28 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2013/11/11 22:18:00 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/11/11 22:18:00 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/11/11 22:18:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013/11/11 22:18:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/06/02 14:39:44 | 000,084,536 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:64bit: - [2011/06/02 14:39:44 | 000,066,616 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/02 00:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/07/28 21:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/31 15:46:50 | 000,333,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/13 13:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/09/22 21:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F55BFE62-DE3E-4FAF-93AE-B339C30DA847}
IE:64bit: - HKLM\..\SearchScopes\{0A5B4F4D-7D2C-40B9-8980-A8B41AAE9AB2}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{85E072BA-9915-46FE-A0CE-F504F784C413}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{BBD6AE0F-DF1F-4F45-9261-7C96606286E0}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{F55BFE62-DE3E-4FAF-93AE-B339C30DA847}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F55BFE62-DE3E-4FAF-93AE-B339C30DA847}
IE - HKLM\..\SearchScopes\{0A5B4F4D-7D2C-40B9-8980-A8B41AAE9AB2}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{85E072BA-9915-46FE-A0CE-F504F784C413}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{BBD6AE0F-DF1F-4F45-9261-7C96606286E0}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{F55BFE62-DE3E-4FAF-93AE-B339C30DA847}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes,DefaultScope = {F55BFE62-DE3E-4FAF-93AE-B339C30DA847}
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{0A5B4F4D-7D2C-40B9-8980-A8B41AAE9AB2}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{85E072BA-9915-46FE-A0CE-F504F784C413}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{BBD6AE0F-DF1F-4F45-9261-7C96606286E0}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{F55BFE62-DE3E-4FAF-93AE-B339C30DA847}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014/06/24 11:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Extensions
[2014/06/24 19:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\tiju9lj4.default\extensions
[2014/06/27 20:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/24 11:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/24 11:15:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/27 13:21:03 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:03 | 000,000,000 | ---D | M] (Gevaarlijke websiteblokkering) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:05 | 000,000,000 | ---D | M] (Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:07 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:07 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1543418219-192751042-1498791824-1000..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-800 Series" File not found
O4 - HKU\S-1-5-21-1543418219-192751042-1498791824-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_60)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_60)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C32801F-1730-4E1F-937F-23FF3D68E318}: DhcpNameServer = 207.69.188.186 207.69.188.187
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/06/28 18:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/06/28 18:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2014/06/27 21:48:30 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Adobe
[2014/06/27 20:02:15 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Oracle
[2014/06/27 20:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/06/27 20:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/27 20:00:59 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/27 20:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/27 20:00:53 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/27 19:39:56 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Macromedia
[2014/06/27 19:38:11 | 000,699,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/27 19:38:11 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/27 19:38:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/06/27 19:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2014/06/27 19:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync
[2014/06/27 19:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2014/06/27 19:27:45 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2014/06/27 12:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2014/06/27 12:59:15 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2014/06/27 12:58:58 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2014/06/27 12:58:56 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2014/06/27 12:58:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/06/27 12:58:42 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2014/06/27 12:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2014/06/27 12:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/06/27 12:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2014/06/27 12:58:29 | 000,628,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/06/27 12:58:29 | 000,092,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/06/27 01:11:31 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/06/27 01:11:31 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/06/27 00:21:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/06/27 00:21:20 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/06/26 14:34:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/06/26 13:43:34 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/06/26 13:43:34 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/06/26 13:43:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/06/26 13:43:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/06/26 01:13:08 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft Games
[2014/06/26 01:08:28 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\EmieUserList
[2014/06/26 01:08:28 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\EmieSiteList
[2014/06/26 01:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/06/25 14:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/06/25 14:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2014/06/25 14:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2014/06/25 14:19:30 | 000,120,320 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMJAE.DLL
[2014/06/25 14:19:30 | 000,083,968 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBJAE.DLL
[2014/06/25 14:19:30 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2014/06/24 22:38:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/06/24 22:08:53 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2014/06/24 22:08:47 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014/06/24 22:08:33 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/06/24 22:07:26 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/06/24 22:07:26 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2014/06/24 22:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/06/24 14:47:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/06/24 11:15:47 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Mozilla
[2014/06/24 11:15:47 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Mozilla
[2014/06/24 11:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/06/24 11:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/06/24 11:15:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/24 11:12:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Macromedia
[2014/06/24 11:12:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Adobe
[2014/06/24 11:05:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\hpqLog
[2014/06/24 11:05:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Intel Corporation
[2014/06/24 11:04:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/24 11:04:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\Searches
[2014/06/24 11:04:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/24 11:04:56 | 000,000,000 | -H-D | C] -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/06/24 11:04:49 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Identities
[2014/06/24 11:04:47 | 000,000,000 | R--D | C] -- C:\Users\Matt\Contacts
[2014/06/24 11:04:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\VirtualStore
[2014/06/24 11:04:26 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Hewlett-Packard
[2014/06/24 10:58:32 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Hewlett-Packard
[2014/06/24 10:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders
[2014/06/24 10:56:59 | 000,000,000 | --SD | C] -- C:\Users\Matt\AppData\Roaming\Microsoft
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Videos
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Saved Games
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Pictures
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Music
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Links
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Favorites
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Downloads
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Documents
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Desktop
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Temporary Internet Files
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Templates
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Start Menu
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\SendTo
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Recent
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\PrintHood
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\NetHood
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Videos
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Pictures
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Music
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\My Documents
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Local Settings
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\History
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Cookies
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Application Data
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Application Data
[2014/06/24 10:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Matt\AppData
[2014/06/24 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Temp
[2014/06/24 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft
[2014/06/24 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Media Center Programs
[2014/06/24 04:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
========== Files - Modified Within 30 Days ==========
[2014/06/29 22:30:56 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/29 22:30:56 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/29 22:28:59 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/29 22:28:59 | 000,661,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/29 22:28:59 | 000,121,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/29 22:21:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/29 22:21:35 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/28 21:22:05 | 000,774,004 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/28 21:11:34 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMatt.job
[2014/06/28 21:11:24 | 000,416,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/28 18:35:42 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2014/06/28 18:28:36 | 000,269,346 | ---- | M] () -- C:\Users\Matt\Documents\Page 4 of PC Decrapifier.PNG
[2014/06/28 18:27:29 | 000,235,117 | ---- | M] () -- C:\Users\Matt\Documents\Page 3 of PC Decrapifier.PNG
[2014/06/28 18:26:23 | 000,293,736 | ---- | M] () -- C:\Users\Matt\Documents\Page 2 of PC Decrapifier.PNG
[2014/06/28 18:25:23 | 000,230,187 | ---- | M] () -- C:\Users\Matt\Documents\Page 1 of PC Decrapifier.PNG
[2014/06/27 20:00:44 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/27 20:00:42 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/27 20:00:42 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/06/27 20:00:42 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/06/27 19:38:11 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/27 19:38:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/27 19:29:24 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/06/27 19:28:51 | 000,002,655 | ---- | M] () -- C:\Users\Matt\Desktop\Microsoft Word.lnk
[2014/06/27 19:28:51 | 000,002,137 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2014/06/27 13:20:29 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klim6.sys
[2014/06/27 13:20:28 | 000,628,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/06/27 13:20:28 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014/06/27 13:20:28 | 000,092,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/06/27 13:00:15 | 000,002,216 | ---- | M] () -- C:\Users\Matt\Desktop\Safe Money.lnk
[2014/06/27 12:59:15 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2014/06/27 00:12:34 | 001,049,314 | ---- | M] () -- C:\Windows\SysNative\oem15.inf
[2014/06/26 01:14:50 | 000,000,136 | ---- | M] () -- C:\Users\Matt\Desktop\Mahjong Titans - Shortcut.lnk
[2014/06/26 01:13:58 | 000,000,136 | ---- | M] () -- C:\Users\Matt\Desktop\FreeCell - Shortcut.lnk
[2014/06/26 01:11:44 | 000,000,136 | ---- | M] () -- C:\Users\Matt\Desktop\Solitaire - Shortcut.lnk
[2014/06/26 00:08:40 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/06/26 00:08:40 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/25 14:53:44 | 000,099,884 | ---- | M] () -- C:\Users\Matt\Documents\list of window updates page3 as of 245 pm.PNG
[2014/06/25 14:52:40 | 000,102,499 | ---- | M] () -- C:\Users\Matt\Documents\list of window updates page2 as of 245 pm.PNG
[2014/06/25 14:50:32 | 000,117,884 | ---- | M] () -- C:\Users\Matt\Documents\list of window updates page1 as of 245 pm.PNG
[2014/06/25 12:48:01 | 000,099,495 | ---- | M] () -- C:\Users\Matt\Documents\List of Window Updates 1.PNG
[2014/06/24 14:50:43 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/06/24 14:50:43 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/06/24 11:15:41 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/24 11:12:37 | 000,001,437 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
========== Files Created - No Company Name ==========
[2014/06/28 18:40:25 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMatt.job
[2014/06/28 18:35:42 | 000,002,145 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2014/06/28 18:28:35 | 000,269,346 | ---- | C] () -- C:\Users\Matt\Documents\Page 4 of PC Decrapifier.PNG
[2014/06/28 18:27:29 | 000,235,117 | ---- | C] () -- C:\Users\Matt\Documents\Page 3 of PC Decrapifier.PNG
[2014/06/28 18:26:23 | 000,293,736 | ---- | C] () -- C:\Users\Matt\Documents\Page 2 of PC Decrapifier.PNG
[2014/06/28 18:25:23 | 000,230,187 | ---- | C] () -- C:\Users\Matt\Documents\Page 1 of PC Decrapifier.PNG
[2014/06/27 19:29:24 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/06/27 19:28:51 | 000,002,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
[2014/06/27 19:28:51 | 000,002,657 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
[2014/06/27 19:28:51 | 000,002,655 | ---- | C] () -- C:\Users\Matt\Desktop\Microsoft Word.lnk
[2014/06/27 19:28:51 | 000,002,591 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Publisher.lnk
[2014/06/27 19:28:51 | 000,002,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2014/06/27 13:00:15 | 000,002,216 | ---- | C] () -- C:\Users\Matt\Desktop\Safe Money.lnk
[2014/06/27 12:59:27 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2014/06/27 00:22:33 | 000,774,004 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/27 00:12:39 | 001,049,314 | ---- | C] () -- C:\Windows\SysNative\oem15.inf
[2014/06/27 00:10:57 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/06/26 13:58:03 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/06/26 01:14:50 | 000,000,136 | ---- | C] () -- C:\Users\Matt\Desktop\Mahjong Titans - Shortcut.lnk
[2014/06/26 01:13:58 | 000,000,136 | ---- | C] () -- C:\Users\Matt\Desktop\FreeCell - Shortcut.lnk
[2014/06/26 01:11:44 | 000,000,136 | ---- | C] () -- C:\Users\Matt\Desktop\Solitaire - Shortcut.lnk
[2014/06/26 00:08:40 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/06/26 00:08:40 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/25 14:53:44 | 000,099,884 | ---- | C] () -- C:\Users\Matt\Documents\list of window updates page3 as of 245 pm.PNG
[2014/06/25 14:52:40 | 000,102,499 | ---- | C] () -- C:\Users\Matt\Documents\list of window updates page2 as of 245 pm.PNG
[2014/06/25 14:50:32 | 000,117,884 | ---- | C] () -- C:\Users\Matt\Documents\list of window updates page1 as of 245 pm.PNG
[2014/06/25 12:48:01 | 000,099,495 | ---- | C] () -- C:\Users\Matt\Documents\List of Window Updates 1.PNG
[2014/06/24 22:08:51 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/06/24 22:08:29 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/06/24 22:07:37 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/06/24 22:07:36 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/06/24 22:07:36 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/06/24 14:48:24 | 000,000,287 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoJack Pro for HP ProtectTools.url
[2014/06/24 14:47:41 | 3062,255,616 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/24 11:15:41 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/24 11:15:40 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/24 11:12:37 | 000,001,437 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/24 11:04:57 | 000,001,413 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/24 10:58:03 | 000,002,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk
[2014/06/24 10:58:03 | 000,002,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2014/06/24 10:58:03 | 000,002,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk
[2014/06/24 10:56:59 | 000,000,290 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/24 10:56:59 | 000,000,272 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Extras
OTL Extras logfile created on: 6/29/2014 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Matt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.80 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 53.34% Memory free
7.60 Gb Paging File | 5.26 Gb Available in Paging File | 69.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.45 Gb Total Space | 402.64 Gb Free Space | 89.78% Space Free | Partition Type: NTFS
Drive D: | 17.01 Gb Total Space | 2.46 Gb Free Space | 14.45% Space Free | Partition Type: NTFS
Computer Name: MATT-HP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1543418219-192751042-1498791824-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{156B1879-59B3-40FE-A688-61223AE242E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{171BAC62-5AA0-4862-9289-943F074E9AAA}" = lport=138 | protocol=17 | dir=in | app=system |
"{1763D503-145D-4476-B548-A7AEC031C768}" = lport=139 | protocol=6 | dir=in | app=system |
"{300004D9-799B-43D7-AF4D-C7764FA04470}" = lport=137 | protocol=17 | dir=in | app=system |
"{3A93DD58-42B1-4765-A8EE-DA24CB0AE293}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3FAF0DDF-7943-4106-B2CE-3D8D894F69F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{4A65CD11-00EF-4B48-AB4A-AE28F345D218}" = rport=445 | protocol=6 | dir=out | app=system |
"{4F210C44-2D1B-418F-9274-29CE128115F1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5424A7D1-D17E-4FD7-858E-683C3C8A1DAD}" = rport=139 | protocol=6 | dir=out | app=system |
"{59EAB6AA-5010-44E9-ACD0-B6902967E15A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5BE2F569-4165-4B24-809E-2A379FB4B31F}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C2C5212-2F82-4933-8CF3-EBAE679F298E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69DFAE3D-AC37-4CDE-9090-A523D4092575}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7349242D-8AF8-4F2F-A3E6-512CA9C7006D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8637B547-3FB1-4091-8638-93832CBB9506}" = lport=2869 | protocol=6 | dir=in | app=system |
"{94034794-6651-4544-BCB7-66C055ECF250}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{986CD0B7-47F1-44B1-8DA6-7AB153CD49A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B58C94C-CE0C-4003-B842-7A6E5526B752}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5EFC869-2FA5-4BB5-A8C3-634FE0ED0913}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D93CA894-87ED-4858-9498-395671F41B7C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DB35C5EC-8664-4C97-BCF0-188E7E075E39}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1A20AB6-F0CF-41EA-8CEC-4D4A5184DCFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E5E8760D-B702-43D7-9027-62B7F15A1418}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EBA618FC-73E7-49A3-93AD-F97CF78C754F}" = lport=445 | protocol=6 | dir=in | app=system |
"{F8B927EE-C2DD-456C-BAF1-6E3C9E5603EF}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06CCC6E8-19C4-4208-95DF-1F99ED67C2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{0D39D18F-235C-4185-BE4D-60F20B5C1890}" = protocol=58 | dir=in | [email protected],-28545 |
"{1544F60F-37DC-4377-8518-3C9BB733E08A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15E6EECB-A486-4FB1-8C3F-92B98AD243EF}" = protocol=1 | dir=out | [email protected],-28544 |
"{17A66A65-949F-4C66-B53C-42ECC97340DF}" = protocol=17 | dir=in | app=c:\users\matt\appdata\local\temp\7zseb09.tmp\symnrt.exe |
"{20478FAD-2754-49AF-93DB-26FFC93B8C6B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{373FF768-82D1-4CD8-9E92-3DA8E0CC10CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F8C8074-A764-4273-90AA-421FF9D299CA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{650DCD98-612F-4480-9FBE-F30AF27EB7ED}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{6847E7CB-F286-4F05-A52F-A3F274176F3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7837C061-3E41-41DF-A99A-E1C11B5B741F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{786AFBBC-6AA9-4FBD-817C-21821FC9CF07}" = protocol=6 | dir=out | app=system |
"{8091681B-BFE7-4DDA-A96B-AF803343CBA6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{812C1F9C-AAAA-4CC3-9442-E3F04076C6AA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{8B247DD9-F73D-4F45-BE74-D27EBDC5C7A8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D2A6972-ECC4-4C69-9AB9-1804A4E475CB}" = protocol=6 | dir=in | app=c:\users\matt\appdata\local\temp\7zseb09.tmp\symnrt.exe |
"{8EFC17FA-88AC-4EBF-BC71-1E829AA14B12}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8F43BEA9-D1C6-4E1E-AEA3-F27DB894A2E4}" = protocol=1 | dir=in | [email protected],-28543 |
"{91B9962C-8E4D-4723-B9E9-E85479F3E23C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A31702F8-E56E-43DD-A0B2-58D0445F07D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9CAA06C-543D-4115-9D69-F44FC67AF587}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B28E134A-5180-4F79-8F41-45F8A2E6262B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BAD65572-4D11-496D-9668-E610345E41FF}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{DF3FCC78-D152-4707-A6A6-1DC8AA4648F9}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{E42AA9A6-03B9-441B-9D8D-A6FB9400A6E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EA609901-980A-4326-917D-18FA6B4F9B55}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF2AF5FC-C912-46C7-9683-59FDE9CB6AEA}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{F0E7955D-15BF-4E42-B1E9-A7BBCE247CFB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F3BE834E-3562-4A9A-A377-9328AAE3EFAB}" = protocol=58 | dir=out | [email protected],-28546 |
"{FE892826-FD9F-434F-A516-617E4FB20D08}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"EPSON XP-800 Series" = EPSON XP-800 Series Printer Uninstall
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4F74D585-BCDB-4316-80FC-264E5B8E883E}" = HP Software Framework
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{69ABD67D-5C2E-4724-B519-695DEF3EC23B}" = HP Documentation
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3 MUI
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 6/24/2014 10:41:15 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: CinemanowSvc.exe, version: 1.9.2.0, time
stamp: 0x4bf64371 Faulting module name: gdiplus.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4a5bd976 Exception code: 0xc0000005 Fault offset: 0x74c16cc4 Faulting
process id: 0x55c Faulting application start time: 0x01cf90027f4df9b1 Faulting application
path: C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
Faulting
module path: gdiplus.dll Report Id: 2d207830-fc12-11e3-ba35-aa778840f58a
Error - 6/24/2014 10:41:17 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: HPWMISVC.exe, version: 2.0.14.0, time stamp:
0x4c175e63 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74c16cc4 Faulting process id: 0x5b8 Faulting application
start time: 0x01cf9002813d17ea Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
Quick Launch\HPWMISVC.exe Faulting module path: unknown Report Id: 2e13448c-fc12-11e3-ba35-aa778840f58a
Error - 6/24/2014 10:41:18 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: LMS.exe, version: 6.0.40.1213, time stamp:
0x4b8ee3ba Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74c16cc4 Faulting process id: 0x5ec Faulting application
start time: 0x01cf900281978c34 Faulting application path: C:\Program Files (x86)\Intel\Intel®
Management Engine Components\LMS\LMS.exe Faulting module path: unknown Report Id:
2ec82d21-fc12-11e3-ba35-aa778840f58a
Error - 6/24/2014 10:41:18 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: hpqwmiex.exe, version: 3.5.11.1, time stamp:
0x4b2aa34e Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74c16cc4 Faulting process id: 0xe88 Faulting application
start time: 0x01cf9002a61f3fa0 Faulting application path: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
Faulting
module path: unknown Report Id: 2ef0a485-fc12-11e3-ba35-aa778840f58a
Error - 6/24/2014 10:41:19 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: IAStorDataMgrSvc.exe, version: 9.6.2.1001,
time stamp: 0x4bc4a166 Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x74c16cc4 Faulting process id:
0x9ac Faulting application start time: 0x01cf9002d78d92b6 Faulting application path:
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting
module path: unknown Report Id: 2f88fc97-fc12-11e3-ba35-aa778840f58a
Error - 6/24/2014 10:41:22 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: UNS.exe, version: 6.0.40.1213, time stamp:
0x4b8ee429 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x74c16cc4 Faulting process id: 0x860 Faulting application
start time: 0x01cf9002d8878333 Faulting application path: C:\Program Files (x86)\Intel\Intel®
Management Engine Components\UNS\UNS.exe Faulting module path: unknown Report Id:
30ee0b00-fc12-11e3-ba35-aa778840f58a
Error - 6/24/2014 11:25:58 PM | Computer Name = Matt-HP | Source = ESENT | ID = 215
Description = WinMail (3324) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 6/24/2014 11:26:03 PM | Computer Name = Matt-HP | Source = ESENT | ID = 215
Description = WinMail (3572) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 6/25/2014 1:07:38 PM | Computer Name = Matt-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.
Error - 6/25/2014 1:08:17 PM | Computer Name = Matt-HP | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
[ HP Wireless Assistant Events ]
Error - 6/24/2014 1:06:58 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:07:09 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:07:19 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:07:29 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:07:40 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:07:50 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:08:00 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:08:11 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:08:21 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 6/24/2014 1:08:31 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObject.Initialize(Boolean
getObject) at System.Management.ManagementBaseObject.get_Properties() at System.Management.ManagementBaseObject.GetPropertyValue(String
propertyName) at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
[ System Events ]
Error - 6/24/2014 10:56:44 PM | Computer Name = Matt-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88
Description = The system was hibernated due to a critical thermal event. Hibernate
Time = 2014-06-25T02:56:44.313982400Z ACPI Thermal Zone = ACPI\ThermalZone\TSZ0
_HOT = 360K
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The CinemaNow Service service terminated unexpectedly. It has done
this 1 time(s).
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The HPWMISVC service terminated unexpectedly. It has done this 1
time(s).
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7031
Description = The Intel® Management and Security Application Local Management
Service service terminated unexpectedly. It has done this 1 time(s). The following
corrective action will be taken in 10000 milliseconds: Restart the service.
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The hpqwmiex service terminated unexpectedly. It has done this 1
time(s).
Error - 6/26/2014 12:13:00 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The Intel® Management & Security Application User Notification Service
service terminated unexpectedly. It has done this 1 time(s).
Error - 6/26/2014 12:13:05 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Intel®
Management and Security Application Local Management Service service to connect.
Error - 6/26/2014 12:13:05 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7000
Description = The Intel® Management and Security Application Local Management
Service service failed to start due to the following error: %%1053
Error - 6/26/2014 12:46:37 AM | Computer Name = Matt-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88
Description = The system was hibernated due to a critical thermal event. Hibernate
Time = 2014-06-26T04:46:37.890651800Z ACPI Thermal Zone = ACPI\ThermalZone\TSZ0
_HOT = 360K
Error - 6/26/2014 2:11:32 PM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%16405
< End of report >
checkup
Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Kaspersky PURE 3.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 60
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 14.0.0.125
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent````````
Kaspersky Lab Kaspersky PURE 3.0 avp.exe
Kaspersky Lab Kaspersky PURE 3.0 klwtblfs.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
Kathy