Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 will not load, all option safe mode... end up at a black scr


  • Please log in to reply

#61
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Here they are:  OTL.txt, Extras.txt and checkup.txt

 

OTL

 

OTL logfile created on: 6/29/2014 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Matt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 53.34% Memory free
7.60 Gb Paging File | 5.26 Gb Available in Paging File | 69.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.45 Gb Total Space | 402.64 Gb Free Space | 89.78% Space Free | Partition Type: NTFS
Drive D: | 17.01 Gb Total Space | 2.46 Gb Free Space | 14.45% Space Free | Partition Type: NTFS
 
Computer Name: MATT-HP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/29 22:30:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Matt\Downloads\OTL.exe
PRC - [2014/06/06 00:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/11 22:18:06 | 000,129,216 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe
PRC - [2013/11/11 22:18:04 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
PRC - [2013/09/25 15:42:10 | 000,818,888 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010/07/02 14:51:16 | 000,027,192 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010/07/02 14:48:24 | 000,602,680 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010/05/21 05:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/04/13 13:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 13:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/06/28 18:35:24 | 000,037,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2014/06/27 00:48:56 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/06/27 00:48:54 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8fff17f06bbc5391cc3557542fd45f38\IAStorUtil.ni.dll
MOD - [2014/06/26 00:55:40 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll
MOD - [2014/06/26 00:55:30 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/06/26 00:55:20 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/06/26 00:55:18 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dbc236ca6655e4e3839ee4f802eb3f99\System.Data.ni.dll
MOD - [2014/06/26 00:55:05 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll
MOD - [2014/06/26 00:54:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/06/26 00:54:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/06/26 00:54:36 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll
MOD - [2014/06/26 00:54:26 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/06/26 00:54:21 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/06/26 00:54:17 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/06/26 00:54:16 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/06/26 00:53:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/06/06 00:38:46 | 003,852,912 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/12/20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
MOD - [2010/11/04 17:58:06 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/02/09 21:58:30 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/02/09 21:58:28 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/02/09 21:58:24 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2010/02/09 21:58:24 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2010/02/09 21:58:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2010/02/09 21:58:22 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2010/02/09 21:58:18 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2010/02/09 21:58:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/26 00:08:40 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/02/20 22:01:02 | 000,179,296 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2012/02/20 22:01:02 | 000,151,648 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2010/06/18 19:26:18 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/06/17 19:54:20 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)
SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/06/06 00:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/11 22:18:04 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
SRV - [2013/09/25 15:42:10 | 000,818,888 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2010/07/02 14:51:16 | 000,027,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010/05/21 05:28:36 | 000,140,272 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/04/13 13:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 15:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/18 15:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/27 13:20:29 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2014/06/27 13:20:28 | 000,628,288 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2014/06/27 13:20:28 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2013/11/11 22:18:00 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2013/11/11 22:18:00 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/11/11 22:18:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2013/11/11 22:18:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/06/02 14:39:44 | 000,084,536 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:64bit: - [2011/06/02 14:39:44 | 000,066,616 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/02 00:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/07/28 21:10:42 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/05/31 15:46:50 | 000,333,928 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/04/13 13:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/09/17 16:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/09/22 21:39:56 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F55BFE62-DE3E-4FAF-93AE-B339C30DA847}
IE:64bit: - HKLM\..\SearchScopes\{0A5B4F4D-7D2C-40B9-8980-A8B41AAE9AB2}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{85E072BA-9915-46FE-A0CE-F504F784C413}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{BBD6AE0F-DF1F-4F45-9261-7C96606286E0}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{F55BFE62-DE3E-4FAF-93AE-B339C30DA847}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {F55BFE62-DE3E-4FAF-93AE-B339C30DA847}
IE - HKLM\..\SearchScopes\{0A5B4F4D-7D2C-40B9-8980-A8B41AAE9AB2}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{85E072BA-9915-46FE-A0CE-F504F784C413}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{BBD6AE0F-DF1F-4F45-9261-7C96606286E0}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{F55BFE62-DE3E-4FAF-93AE-B339C30DA847}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes,DefaultScope = {F55BFE62-DE3E-4FAF-93AE-B339C30DA847}
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{0A5B4F4D-7D2C-40B9-8980-A8B41AAE9AB2}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{85E072BA-9915-46FE-A0CE-F504F784C413}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{BBD6AE0F-DF1F-4F45-9261-7C96606286E0}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\..\SearchScopes\{F55BFE62-DE3E-4FAF-93AE-B339C30DA847}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1543418219-192751042-1498791824-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: url_advisor%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: virtual_keyboard%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: content_blocker%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: online_banking%40kaspersky.com:13.0.2.691
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected] [2014/06/27 13:21:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2014/06/24 11:16:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Extensions
[2014/06/24 19:27:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\tiju9lj4.default\extensions
[2014/06/27 20:02:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/06/24 11:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/24 11:15:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/06/27 13:21:03 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:03 | 000,000,000 | ---D | M] (Gevaarlijke websiteblokkering) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:05 | 000,000,000 | ---D | M] (Safe Money) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:07 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
[2014/06/27 13:21:07 | 000,000,000 | ---D | M] (Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY PURE 3.0\FFEXT\[email protected]
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1543418219-192751042-1498791824-1000..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJAE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-800 Series" File not found
O4 - HKU\S-1-5-21-1543418219-192751042-1498791824-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {CAFEEFAC-0017-0000-0060-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_60)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_60)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C32801F-1730-4E1F-937F-23FF3D68E318}: DhcpNameServer = 207.69.188.186 207.69.188.187
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/28 18:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2014/06/28 18:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2014/06/27 21:48:30 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Adobe
[2014/06/27 20:02:15 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Oracle
[2014/06/27 20:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/06/27 20:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/06/27 20:00:59 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/27 20:00:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/06/27 20:00:53 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/27 19:39:56 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Macromedia
[2014/06/27 19:38:11 | 000,699,056 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/27 19:38:11 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/27 19:38:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/06/27 19:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2014/06/27 19:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ActiveSync
[2014/06/27 19:28:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2014/06/27 19:27:45 | 000,000,000 | ---D | C] -- C:\Windows\ShellNew
[2014/06/27 12:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
[2014/06/27 12:59:15 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2014/06/27 12:58:58 | 000,066,616 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys
[2014/06/27 12:58:56 | 000,084,536 | ---- | C] (Infowatch) -- C:\Windows\SysNative\drivers\CSCrySec.sys
[2014/06/27 12:58:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014/06/27 12:58:42 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2014/06/27 12:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InfoWatch
[2014/06/27 12:58:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014/06/27 12:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2014/06/27 12:58:29 | 000,628,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/06/27 12:58:29 | 000,092,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/06/27 01:11:31 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/06/27 01:11:31 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/06/27 00:21:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/06/27 00:21:20 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/06/26 14:34:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/06/26 13:43:34 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/06/26 13:43:34 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/06/26 13:43:34 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/06/26 13:43:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/06/26 01:13:08 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft Games
[2014/06/26 01:08:28 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\EmieUserList
[2014/06/26 01:08:28 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\EmieSiteList
[2014/06/26 01:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2014/06/25 14:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/06/25 14:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2014/06/25 14:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2014/06/25 14:19:30 | 000,120,320 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMJAE.DLL
[2014/06/25 14:19:30 | 000,083,968 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBJAE.DLL
[2014/06/25 14:19:30 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2014/06/24 22:38:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2014/06/24 22:08:53 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys
[2014/06/24 22:08:47 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014/06/24 22:08:33 | 000,116,224 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2014/06/24 22:07:26 | 000,093,696 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2014/06/24 22:07:26 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2014/06/24 22:03:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2014/06/24 14:47:49 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/06/24 11:15:47 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Mozilla
[2014/06/24 11:15:47 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Mozilla
[2014/06/24 11:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/06/24 11:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/06/24 11:15:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/06/24 11:12:50 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Macromedia
[2014/06/24 11:12:43 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Adobe
[2014/06/24 11:05:12 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\hpqLog
[2014/06/24 11:05:11 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Intel Corporation
[2014/06/24 11:04:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/06/24 11:04:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\Searches
[2014/06/24 11:04:56 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/06/24 11:04:56 | 000,000,000 | -H-D | C] -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/06/24 11:04:49 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Identities
[2014/06/24 11:04:47 | 000,000,000 | R--D | C] -- C:\Users\Matt\Contacts
[2014/06/24 11:04:45 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\VirtualStore
[2014/06/24 11:04:26 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Hewlett-Packard
[2014/06/24 10:58:32 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Hewlett-Packard
[2014/06/24 10:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders
[2014/06/24 10:56:59 | 000,000,000 | --SD | C] -- C:\Users\Matt\AppData\Roaming\Microsoft
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Videos
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Saved Games
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Pictures
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Music
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Links
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Favorites
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Downloads
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Documents
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\Desktop
[2014/06/24 10:56:59 | 000,000,000 | R--D | C] -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Temporary Internet Files
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Templates
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Start Menu
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\SendTo
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Recent
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\PrintHood
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\NetHood
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Videos
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Pictures
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Documents\My Music
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\My Documents
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Local Settings
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\History
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Cookies
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\Application Data
[2014/06/24 10:56:59 | 000,000,000 | -HSD | C] -- C:\Users\Matt\AppData\Local\Application Data
[2014/06/24 10:56:59 | 000,000,000 | -H-D | C] -- C:\Users\Matt\AppData
[2014/06/24 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Temp
[2014/06/24 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Local\Microsoft
[2014/06/24 10:56:59 | 000,000,000 | ---D | C] -- C:\Users\Matt\AppData\Roaming\Media Center Programs
[2014/06/24 04:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Recovery
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/29 22:30:56 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/29 22:30:56 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/29 22:28:59 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/29 22:28:59 | 000,661,894 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/29 22:28:59 | 000,121,730 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/29 22:21:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/29 22:21:35 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/28 21:22:05 | 000,774,004 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/28 21:11:34 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMatt.job
[2014/06/28 21:11:24 | 000,416,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/06/28 18:35:42 | 000,002,145 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2014/06/28 18:28:36 | 000,269,346 | ---- | M] () -- C:\Users\Matt\Documents\Page 4 of PC Decrapifier.PNG
[2014/06/28 18:27:29 | 000,235,117 | ---- | M] () -- C:\Users\Matt\Documents\Page 3 of PC Decrapifier.PNG
[2014/06/28 18:26:23 | 000,293,736 | ---- | M] () -- C:\Users\Matt\Documents\Page 2 of PC Decrapifier.PNG
[2014/06/28 18:25:23 | 000,230,187 | ---- | M] () -- C:\Users\Matt\Documents\Page 1 of PC Decrapifier.PNG
[2014/06/27 20:00:44 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/06/27 20:00:42 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/06/27 20:00:42 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/06/27 20:00:42 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/06/27 19:38:11 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/06/27 19:38:11 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/06/27 19:29:24 | 000,000,376 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/06/27 19:28:51 | 000,002,655 | ---- | M] () -- C:\Users\Matt\Desktop\Microsoft Word.lnk
[2014/06/27 19:28:51 | 000,002,137 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2014/06/27 13:20:29 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klim6.sys
[2014/06/27 13:20:28 | 000,628,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/06/27 13:20:28 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014/06/27 13:20:28 | 000,092,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/06/27 13:00:15 | 000,002,216 | ---- | M] () -- C:\Users\Matt\Desktop\Safe Money.lnk
[2014/06/27 12:59:15 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2014/06/27 00:12:34 | 001,049,314 | ---- | M] () -- C:\Windows\SysNative\oem15.inf
[2014/06/26 01:14:50 | 000,000,136 | ---- | M] () -- C:\Users\Matt\Desktop\Mahjong Titans - Shortcut.lnk
[2014/06/26 01:13:58 | 000,000,136 | ---- | M] () -- C:\Users\Matt\Desktop\FreeCell - Shortcut.lnk
[2014/06/26 01:11:44 | 000,000,136 | ---- | M] () -- C:\Users\Matt\Desktop\Solitaire - Shortcut.lnk
[2014/06/26 00:08:40 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/06/26 00:08:40 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/25 14:53:44 | 000,099,884 | ---- | M] () -- C:\Users\Matt\Documents\list of window updates page3 as of 245 pm.PNG
[2014/06/25 14:52:40 | 000,102,499 | ---- | M] () -- C:\Users\Matt\Documents\list of window updates page2 as of 245 pm.PNG
[2014/06/25 14:50:32 | 000,117,884 | ---- | M] () -- C:\Users\Matt\Documents\list of window updates page1 as of 245 pm.PNG
[2014/06/25 12:48:01 | 000,099,495 | ---- | M] () -- C:\Users\Matt\Documents\List of Window Updates 1.PNG
[2014/06/24 14:50:43 | 000,039,219 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/06/24 14:50:43 | 000,039,219 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/06/24 11:15:41 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/24 11:12:37 | 000,001,437 | ---- | M] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 
========== Files Created - No Company Name ==========
 
[2014/06/28 18:40:25 | 000,000,328 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMatt.job
[2014/06/28 18:35:42 | 000,002,145 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2014/06/28 18:28:35 | 000,269,346 | ---- | C] () -- C:\Users\Matt\Documents\Page 4 of PC Decrapifier.PNG
[2014/06/28 18:27:29 | 000,235,117 | ---- | C] () -- C:\Users\Matt\Documents\Page 3 of PC Decrapifier.PNG
[2014/06/28 18:26:23 | 000,293,736 | ---- | C] () -- C:\Users\Matt\Documents\Page 2 of PC Decrapifier.PNG
[2014/06/28 18:25:23 | 000,230,187 | ---- | C] () -- C:\Users\Matt\Documents\Page 1 of PC Decrapifier.PNG
[2014/06/27 19:29:24 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/06/27 19:28:51 | 000,002,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Outlook.lnk
[2014/06/27 19:28:51 | 000,002,657 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
[2014/06/27 19:28:51 | 000,002,655 | ---- | C] () -- C:\Users\Matt\Desktop\Microsoft Word.lnk
[2014/06/27 19:28:51 | 000,002,591 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Publisher.lnk
[2014/06/27 19:28:51 | 000,002,137 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2014/06/27 13:00:15 | 000,002,216 | ---- | C] () -- C:\Users\Matt\Desktop\Safe Money.lnk
[2014/06/27 12:59:27 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
[2014/06/27 00:22:33 | 000,774,004 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/06/27 00:12:39 | 001,049,314 | ---- | C] () -- C:\Windows\SysNative\oem15.inf
[2014/06/27 00:10:57 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/06/26 13:58:03 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/06/26 01:14:50 | 000,000,136 | ---- | C] () -- C:\Users\Matt\Desktop\Mahjong Titans - Shortcut.lnk
[2014/06/26 01:13:58 | 000,000,136 | ---- | C] () -- C:\Users\Matt\Desktop\FreeCell - Shortcut.lnk
[2014/06/26 01:11:44 | 000,000,136 | ---- | C] () -- C:\Users\Matt\Desktop\Solitaire - Shortcut.lnk
[2014/06/26 00:08:40 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/06/26 00:08:40 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/06/25 14:53:44 | 000,099,884 | ---- | C] () -- C:\Users\Matt\Documents\list of window updates page3 as of 245 pm.PNG
[2014/06/25 14:52:40 | 000,102,499 | ---- | C] () -- C:\Users\Matt\Documents\list of window updates page2 as of 245 pm.PNG
[2014/06/25 14:50:32 | 000,117,884 | ---- | C] () -- C:\Users\Matt\Documents\list of window updates page1 as of 245 pm.PNG
[2014/06/25 12:48:01 | 000,099,495 | ---- | C] () -- C:\Users\Matt\Documents\List of Window Updates 1.PNG
[2014/06/24 22:08:51 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2014/06/24 22:08:29 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2014/06/24 22:07:37 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2014/06/24 22:07:36 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2014/06/24 22:07:36 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2014/06/24 14:48:24 | 000,000,287 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoJack Pro for HP ProtectTools.url
[2014/06/24 14:47:41 | 3062,255,616 | -HS- | C] () -- C:\hiberfil.sys
[2014/06/24 11:15:41 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/06/24 11:15:40 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/06/24 11:12:37 | 000,001,437 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/06/24 11:04:57 | 000,001,413 | ---- | C] () -- C:\Users\Matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/06/24 10:58:03 | 000,002,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk
[2014/06/24 10:58:03 | 000,002,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2014/06/24 10:58:03 | 000,002,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish.lnk
[2014/06/24 10:56:59 | 000,000,290 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/06/24 10:56:59 | 000,000,272 | ---- | C] () -- C:\Users\Matt\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

 

 

Extras

 

OTL Extras logfile created on: 6/29/2014 10:32:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Matt\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 53.34% Memory free
7.60 Gb Paging File | 5.26 Gb Available in Paging File | 69.20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.45 Gb Total Space | 402.64 Gb Free Space | 89.78% Space Free | Partition Type: NTFS
Drive D: | 17.01 Gb Total Space | 2.46 Gb Free Space | 14.45% Space Free | Partition Type: NTFS
 
Computer Name: MATT-HP | User Name: Matt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1543418219-192751042-1498791824-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{156B1879-59B3-40FE-A688-61223AE242E0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{171BAC62-5AA0-4862-9289-943F074E9AAA}" = lport=138 | protocol=17 | dir=in | app=system |
"{1763D503-145D-4476-B548-A7AEC031C768}" = lport=139 | protocol=6 | dir=in | app=system |
"{300004D9-799B-43D7-AF4D-C7764FA04470}" = lport=137 | protocol=17 | dir=in | app=system |
"{3A93DD58-42B1-4765-A8EE-DA24CB0AE293}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3FAF0DDF-7943-4106-B2CE-3D8D894F69F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{4A65CD11-00EF-4B48-AB4A-AE28F345D218}" = rport=445 | protocol=6 | dir=out | app=system |
"{4F210C44-2D1B-418F-9274-29CE128115F1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5424A7D1-D17E-4FD7-858E-683C3C8A1DAD}" = rport=139 | protocol=6 | dir=out | app=system |
"{59EAB6AA-5010-44E9-ACD0-B6902967E15A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5BE2F569-4165-4B24-809E-2A379FB4B31F}" = rport=137 | protocol=17 | dir=out | app=system |
"{5C2C5212-2F82-4933-8CF3-EBAE679F298E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69DFAE3D-AC37-4CDE-9090-A523D4092575}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7349242D-8AF8-4F2F-A3E6-512CA9C7006D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8637B547-3FB1-4091-8638-93832CBB9506}" = lport=2869 | protocol=6 | dir=in | app=system |
"{94034794-6651-4544-BCB7-66C055ECF250}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{986CD0B7-47F1-44B1-8DA6-7AB153CD49A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B58C94C-CE0C-4003-B842-7A6E5526B752}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5EFC869-2FA5-4BB5-A8C3-634FE0ED0913}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D93CA894-87ED-4858-9498-395671F41B7C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DB35C5EC-8664-4C97-BCF0-188E7E075E39}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E1A20AB6-F0CF-41EA-8CEC-4D4A5184DCFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E5E8760D-B702-43D7-9027-62B7F15A1418}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EBA618FC-73E7-49A3-93AD-F97CF78C754F}" = lport=445 | protocol=6 | dir=in | app=system |
"{F8B927EE-C2DD-456C-BAF1-6E3C9E5603EF}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06CCC6E8-19C4-4208-95DF-1F99ED67C2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{0D39D18F-235C-4185-BE4D-60F20B5C1890}" = protocol=58 | dir=in | [email protected],-28545 |
"{1544F60F-37DC-4377-8518-3C9BB733E08A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15E6EECB-A486-4FB1-8C3F-92B98AD243EF}" = protocol=1 | dir=out | [email protected],-28544 |
"{17A66A65-949F-4C66-B53C-42ECC97340DF}" = protocol=17 | dir=in | app=c:\users\matt\appdata\local\temp\7zseb09.tmp\symnrt.exe |
"{20478FAD-2754-49AF-93DB-26FFC93B8C6B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{373FF768-82D1-4CD8-9E92-3DA8E0CC10CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F8C8074-A764-4273-90AA-421FF9D299CA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{650DCD98-612F-4480-9FBE-F30AF27EB7ED}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{6847E7CB-F286-4F05-A52F-A3F274176F3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7837C061-3E41-41DF-A99A-E1C11B5B741F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{786AFBBC-6AA9-4FBD-817C-21821FC9CF07}" = protocol=6 | dir=out | app=system |
"{8091681B-BFE7-4DDA-A96B-AF803343CBA6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{812C1F9C-AAAA-4CC3-9442-E3F04076C6AA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{8B247DD9-F73D-4F45-BE74-D27EBDC5C7A8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D2A6972-ECC4-4C69-9AB9-1804A4E475CB}" = protocol=6 | dir=in | app=c:\users\matt\appdata\local\temp\7zseb09.tmp\symnrt.exe |
"{8EFC17FA-88AC-4EBF-BC71-1E829AA14B12}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8F43BEA9-D1C6-4E1E-AEA3-F27DB894A2E4}" = protocol=1 | dir=in | [email protected],-28543 |
"{91B9962C-8E4D-4723-B9E9-E85479F3E23C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A31702F8-E56E-43DD-A0B2-58D0445F07D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A9CAA06C-543D-4115-9D69-F44FC67AF587}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B28E134A-5180-4F79-8F41-45F8A2E6262B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BAD65572-4D11-496D-9668-E610345E41FF}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{DF3FCC78-D152-4707-A6A6-1DC8AA4648F9}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{E42AA9A6-03B9-441B-9D8D-A6FB9400A6E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EA609901-980A-4326-917D-18FA6B4F9B55}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF2AF5FC-C912-46C7-9683-59FDE9CB6AEA}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{F0E7955D-15BF-4E42-B1E9-A7BBCE247CFB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F3BE834E-3562-4A9A-A377-9328AAE3EFAB}" = protocol=58 | dir=out | [email protected],-28546 |
"{FE892826-FD9F-434F-A516-617E4FB20D08}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}" = HP Wireless Assistant
"{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}" = RtVOsd
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"EPSON XP-800 Series" = EPSON XP-800 Series Printer Uninstall
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F03217060FF}" = Java 7 Update 60
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}" = HP Power Manager
"{4F74D585-BCDB-4316-80FC-264E5B8E883E}" = HP Software Framework
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{69ABD67D-5C2E-4724-B519-695DEF3EC23B}" = HP Documentation
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ECF7817-DB11-4FBA-9DF1-296A578D513A}" = Adobe Shockwave Player 11.5
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.3 MUI
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}" = HP Quick Launch
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"HP Photo Creations" = HP Photo Creations
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/24/2014 10:41:15 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: CinemanowSvc.exe, version: 1.9.2.0, time
 stamp: 0x4bf64371  Faulting module name: gdiplus.dll_unloaded, version: 0.0.0.0,
time stamp: 0x4a5bd976  Exception code: 0xc0000005  Fault offset: 0x74c16cc4  Faulting
 process id: 0x55c  Faulting application start time: 0x01cf90027f4df9b1  Faulting application
 path: C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
Faulting
 module path: gdiplus.dll  Report Id: 2d207830-fc12-11e3-ba35-aa778840f58a
 
Error - 6/24/2014 10:41:17 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: HPWMISVC.exe, version: 2.0.14.0, time stamp:
 0x4c175e63  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x74c16cc4  Faulting process id: 0x5b8  Faulting application
 start time: 0x01cf9002813d17ea  Faulting application path: C:\Program Files (x86)\Hewlett-Packard\HP
 Quick Launch\HPWMISVC.exe  Faulting module path: unknown  Report Id: 2e13448c-fc12-11e3-ba35-aa778840f58a
 
Error - 6/24/2014 10:41:18 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: LMS.exe, version: 6.0.40.1213, time stamp:
 0x4b8ee3ba  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x74c16cc4  Faulting process id: 0x5ec  Faulting application
 start time: 0x01cf900281978c34  Faulting application path: C:\Program Files (x86)\Intel\Intel®
 Management Engine Components\LMS\LMS.exe  Faulting module path: unknown  Report Id:
 2ec82d21-fc12-11e3-ba35-aa778840f58a
 
Error - 6/24/2014 10:41:18 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: hpqwmiex.exe, version: 3.5.11.1, time stamp:
 0x4b2aa34e  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x74c16cc4  Faulting process id: 0xe88  Faulting application
 start time: 0x01cf9002a61f3fa0  Faulting application path: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
Faulting
 module path: unknown  Report Id: 2ef0a485-fc12-11e3-ba35-aa778840f58a
 
Error - 6/24/2014 10:41:19 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: IAStorDataMgrSvc.exe, version: 9.6.2.1001,
 time stamp: 0x4bc4a166  Faulting module name: unknown, version: 0.0.0.0, time stamp:
 0x00000000  Exception code: 0xc0000005  Fault offset: 0x74c16cc4  Faulting process id:
 0x9ac  Faulting application start time: 0x01cf9002d78d92b6  Faulting application path:
 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting
 module path: unknown  Report Id: 2f88fc97-fc12-11e3-ba35-aa778840f58a
 
Error - 6/24/2014 10:41:22 PM | Computer Name = Matt-HP | Source = Application Error | ID = 1000
Description = Faulting application name: UNS.exe, version: 6.0.40.1213, time stamp:
 0x4b8ee429  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x74c16cc4  Faulting process id: 0x860  Faulting application
 start time: 0x01cf9002d8878333  Faulting application path: C:\Program Files (x86)\Intel\Intel®
 Management Engine Components\UNS\UNS.exe  Faulting module path: unknown  Report Id:
 30ee0b00-fc12-11e3-ba35-aa778840f58a
 
Error - 6/24/2014 11:25:58 PM | Computer Name = Matt-HP | Source = ESENT | ID = 215
Description = WinMail (3324) WindowsMail0: The backup has been stopped because it
 was halted by the client or the connection with the client failed.
 
Error - 6/24/2014 11:26:03 PM | Computer Name = Matt-HP | Source = ESENT | ID = 215
Description = WinMail (3572) WindowsMail0: The backup has been stopped because it
 was halted by the client or the connection with the client failed.
 
Error - 6/25/2014 1:07:38 PM | Computer Name = Matt-HP | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
 Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.  The value
 "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
 "version" in element "assemblyIdentity" is invalid.
 
Error - 6/25/2014 1:08:17 PM | Computer Name = Matt-HP | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "c:\program files (x86)\windows
 live\photo gallery\MovieMaker.Exe".Error in manifest or policy file "c:\program
 files (x86)\windows live\photo gallery\WLMFDS.DLL" on line 8.  Component identity
 found in manifest does not match the identity of the component requested.  Reference
 is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".  Definition
 is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Please use
 sxstrace.exe for detailed diagnosis.
 
[ HP Wireless Assistant Events ]
Error - 6/24/2014 1:06:58 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:07:09 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:07:19 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:07:29 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:07:40 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:07:50 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:08:00 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:08:11 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:08:21 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 6/24/2014 1:08:31 PM | Computer Name = Matt-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
 (Exception from HRESULT: 0x800706BA)    at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     at System.Management.ManagementScope.InitializeGuts(Object
 o)     at System.Management.ManagementScope.Initialize()     at System.Management.ManagementObject.Initialize(Boolean
 getObject)     at System.Management.ManagementBaseObject.get_Properties()     at System.Management.ManagementBaseObject.GetPropertyValue(String
 propertyName)     at HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
[ System Events ]
Error - 6/24/2014 10:56:44 PM | Computer Name = Matt-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88
Description = The system was hibernated due to a critical thermal event.  Hibernate
 Time = 2014-06-25T02:56:44.313982400Z                ACPI Thermal Zone = ACPI\ThermalZone\TSZ0

              _HOT = 360K
 
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The CinemaNow Service service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The HPWMISVC service terminated unexpectedly.  It has done this 1
time(s).
 
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7031
Description = The Intel® Management and Security Application Local Management
Service service terminated unexpectedly.  It has done this 1 time(s).  The following
 corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error - 6/26/2014 12:12:55 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The hpqwmiex service terminated unexpectedly.  It has done this 1
time(s).
 
Error - 6/26/2014 12:13:00 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7034
Description = The Intel® Management & Security Application User Notification Service
 service terminated unexpectedly.  It has done this 1 time(s).
 
Error - 6/26/2014 12:13:05 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Intel®
 Management and Security Application Local Management Service service to connect.
 
Error - 6/26/2014 12:13:05 AM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7000
Description = The Intel® Management and Security Application Local Management
Service service failed to start due to the following error:   %%1053
 
Error - 6/26/2014 12:46:37 AM | Computer Name = Matt-HP | Source = Microsoft-Windows-Kernel-Power | ID = 88
Description = The system was hibernated due to a critical thermal event.  Hibernate
 Time = 2014-06-26T04:46:37.890651800Z                ACPI Thermal Zone = ACPI\ThermalZone\TSZ0

              _HOT = 360K
 
Error - 6/26/2014 2:11:32 PM | Computer Name = Matt-HP | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
 error:   %%16405
 
 
< End of report >
 

 

 

checkup

 

 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
Kaspersky PURE 3.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 60  
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player 14.0.0.125  
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (30.0)
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky PURE 3.0 avp.exe  
 Kaspersky Lab Kaspersky PURE 3.0 klwtblfs.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 5%
````````````````````End of Log``````````````````````
 

 

Kathy


  • 0

Advertisements


#62
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Did it make a difference if I ran it from the desktop or from the 'download' folder?  I ask because of all the errors at the bottom of the EXTRAS.txt


  • 0

#63
iammykyl

iammykyl

    Tech Staff

  • Technician
  • 7,047 posts

As far as I know, makes no difference, the errors would still be reported.

When the Log has been interpreted, you will get fix instructions. 


  • 0

#64
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,494 posts
Thank you iammykyl. There are a few errors that I would like to take a closer look at, which as you know would still have been documented no matter where OTL was downloaded to.

@ Kathy,

Do you happen to have a can of compressed air in your possession? Not sure if that will resolve the critical thermal event error or not, though it wouldn't be a bad idea to give the laptop a thorough cleaning to remove the dust bunnies out that have gathered over the years and eliminate the possibility of that being the cause of the overheating error. Also point the compressed air at the keyboard and give it a good cleaning, too.

You do have a couple programs outdated. Here's a program that you can install that will audit the software on the computer and provide proper links for updates when outdated:

Download and install FileHippo Update Checker.

An icon will appear in your task bar near the clock that looks like this >> taskbaricon.jpg

When you hover your cursor over the icon it will display how many updates are needed and when clicked upon will open a web page and provide download links to those updates that are needed.

More instructions to come after we have a closer look at the logs.
  • 0

#65
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

I have compressed air and will do it again.  If you want I can also take the keyboard and laptop apart.  When I feel it overheating I've be using a big fan to blow on the input area.  I will download the file checker and let you know.

Kathy


  • 0

#66
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Kaspersky would not allow me to download new versions - saying Trojan:

 

Kaspersky PURE 3.0
Access denied
The requested URL cannot be provided

The requested object at the URL:

http://secure.oinstaller6.com/o/
freedownloadmanager_fdm/setup.exe?
filedescription=freedownloadmanager_fdm&
subid=google_freedownloadmanager-display
-filehippo-us-300x250-downloadnex-495719
37878&user_id=b5c50961-b27c-4583-bd86-ba
76bf8806bd&thankyouurl=http://downloadac
tivation.com/thanks%3fsource%3dgoogle_fr
eedownloadmanager-display-filehippo-us-3
00x250-downloadnex-49571937878%26offer%3
dfreedownloadmanager%26subid2%3dfilehipp
o.com%26userid%3db5c50961-b27c-4583-bd86
-ba76bf8806bd%26adprovider%3dgoogle_down
loadnex.com%26reason%3dcomplete%26earlyp
op&cancelurl=http://downloadactivation.
com/thanks%3fsource%3dgoogle_freedownloa
dmanager-display-filehippo-us-300x250-do
wnloadnex-49571937878%26offer%3dfreedown
loadmanager%26subid2%3dfilehippo.
com%26userid%3db5c50961-b27c-4583-bd86-b
a76bf8806bd%26adprovider%3dgoogle_downlo
adnex.com&tmpvar=123456&adprovider=
google_downloadnex.com&subid2=&subid3=
filehippo.com&et=

Detected threat:

object is infected by HEUR:Trojan.Win32.Generic

Message generated: 7:26:22 PM


  • 0

#67
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,494 posts

If you want I can also take the keyboard and laptop apart. When I feel it overheating I've be using a big fan to blow on the input area.

If you feel confidant to take the laptop apart and clean from the inside out, that would be best to prevent from pushing the dust and dirt further into the laptop.
 

Kaspersky would not allow me to download new versions - saying Trojan:


Has to be false positives. Are you given the opportunity to add the sites to exceptions? If not, please provide a list of the software that is outdated and I can provide legit sites for you to download the updates from...

"I have removed shortcuts to EBAY and HP Games and the PC Decrapifier also had it listed."


You just right clicked and deleted the desktop shortcut icons and did not remove the programs themselves. Correct? Did you remove anything with PCDecrapifier yet?
  • 0

#68
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

For decraper I am reviewing each one with the Help option.  There a quite a few I do not know if I need.   No sense in uninstalling Kaspersky or Microsoft Office that I just added to the system.  This tool appears similar to the Control Panals Add Remove Programs.  Would you like to see the list?  I have screenprinted the pages into a word document and then converted to a pdf (not everyone has Word).  If yes - is there a way I can attach the pdf to the post?

 

Kathy


  • 0

#69
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,494 posts
Concerning the shortcuts to EBAY and HP Games that you said that you removed, did you just right click and delete the desktop shortcut icons and leave the programs installed in Programs and Features? Have you removed anything with PCDecrapifier yet?

The help option will describe the program in detail and you can then decide if you will ever use the program or not. Manufacturers install these programs to advertise for the publisher of the software and if I am not mistaken the manufacturers are paid for doing so.

The tool audits the Programs and Features and provides a list of all programs that can be safely removed that will not affect the functioning of Windows.

I don't have Word either. Can't afford to buy it for what little I would use it for. The following instructions should provide an idea how to attach a file.


How to attach a file:
  • Below Fast Reply box click on Use Full Editor button.
  • Scroll down and click on Browse button.
  • Click on Desktop (or where ever the file is located that you want to attach) found in left pane.
  • Scroll to find the image saved to Desktop (or where ever it may be located) and click on the image/file.
  • Click the Open button.
  • Click the Attach This File button.
  • Click Add Reply button once you have completed your post and are ready to submit.
Not sure if the follow detailed tutorial would apply since the forum software has been updated. Let me know if the instructions are wrong:

How to add an attachment:
  • 0

#70
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Attached File  Results of Decraper.pdf   1003.42KB   292 downloads

 

ebay icon was only right click/delete.  The HP games I removed another way - add/remove programs or looked for the file folder and deleted that - don't remember.

 

Lets see if the attachment works.


  • 0

Advertisements


#71
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Ran FileHippo and updated anything that was not in Beta Test.  Ran Decrapper and reviewed them all with the Help option.  I decided to delete

CinemaNow Media Manager,

All CyberLink items,

Energy Star Digital Logo,

all items from Hewlett-Packard (I hope that one doesn't get me later),

Microsoft Silverlight,

SQL Server,  

Visual C++ Compact Edition, 2005 Redistributable, 2008 Redistributable x64 with lower build date and 2008 Redistributable x86 with lower build date. and finally

Windows Live (essentials, ID sign-in, Sync, Upload Tool).

 

Whats Next?


  • 0

#72
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,494 posts
My apologies for the delay. I had quite an eventful 4th of July! I hope you had a blast as well!!

How is the computer functioning at this time?? Any issues or questions?
  • 0

#73
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Everything seems fine!  It might be a second or two slower but that may be my paranoia for all the things I deleted with de-crapper. What's next?  I had a great weekend also!


  • 0

#74
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,494 posts
Hi Kathy,

Do surf about a bit for a couple days and see how it goes. At this time I am discussing with my associates other possible methods for backups. The recovery discs may certainly come in handy, though there is a much more efficient way to accomplish restoring the laptop to "as is" condition other than using the recovery discs and having to get the system up to date and personalized to your liking. I would save those as a last resort.

Many of my fellow associates recommend Macrium Reflect. I have experimented with the free version in the past though my knowledge is vague. You are more than welcome to start a thread in the Applications Forums. We have quite a few members here at Geeks to Go! who are very well educated with the use of imaging and cloning software.

Donna :)
  • 0

#75
khphoto1

khphoto1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

I have your latest post.  I'll surf  around making sure the PC keeps working.  I'll also look at Macrium Reflect and The Applications Forum.  I'll check back after the weekend. Kathy


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP