Extras.txt
OTL Extras logfile created on: 8/10/2013 10:34:07 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moar\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
2.98 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 52.51% Memory free
5.97 Gb Paging File | 4.08 Gb Available in Paging File | 68.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 350.43 Gb Free Space | 78.14% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.48 Gb Free Space | 74.39% Space Free | Partition Type: FAT32
Computer Name: MOAR-LAPTOP | User Name: Moar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [UWS_CLR1] -- "C:\Program Files\UltiDev\Web Server\\UWS.InteractiveServer.Clr2x86.exe" "/path:%1" /port:0 /vdir:/ /dirbrowsing:yes (UltiDev LLC)
Directory [UWS_CLR2] -- "C:\Program Files\UltiDev\Web Server\\UWS.InteractiveServer.Clr2AnyCPU.exe" "/path:%1" /port:0 /vdir:/ /dirbrowsing:yes (UltiDev LLC)
Directory [UWS_CLR4] -- "C:\Program Files\UltiDev\Web Server\\UWS.InteractiveServer.Clr4AnyCPU.exe" "/path:%1" /port:0 /vdir:/ /dirbrowsing:yes (UltiDev LLC)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D205CDD-5406-4E9C-A4AE-AC44E7819DFC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FBA35A9-A590-4918-BC4F-45831B6554B5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1C0050BF-293F-4CC4-A641-0FF03A520165}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27A095B7-87B5-42D1-92A4-69BF5545C7E9}" = lport=5677 | protocol=6 | dir=in | name=ultidev web server pro |
"{39A830E5-DA1B-4AAF-AE11-314BBAEECE65}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B393DCD-F095-461C-B1E5-E191D57A370F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{439658B9-4FEF-49E6-90EF-0BEB4ECA4186}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4CA6CEE2-63BB-4790-8CCC-6A057F369AC0}" = rport=445 | protocol=6 | dir=out | app=system |
"{6F6F01F0-55D1-4882-8D73-B13731EA75C3}" = rport=138 | protocol=17 | dir=out | app=system |
"{80C0EF5B-BCD4-4FE1-B0AA-6608F2CFEC75}" = lport=2909 | protocol=6 | dir=in | name=ultidev web server pro |
"{867C7F51-B7CD-4371-B2A4-24FA20B74A41}" = lport=56777 | protocol=6 | dir=in | name=ultidev web server pro |
"{928618D0-BB2B-4259-BBA4-D26D2833A7F9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A88432B1-3723-4B1E-AF85-BF732A733034}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BC0F0F71-25A6-4EB0-BD09-79F834AE0DEE}" = lport=139 | protocol=6 | dir=in | app=system |
"{BD428994-9B52-4534-86A8-BF76CE3E3895}" = rport=139 | protocol=6 | dir=out | app=system |
"{C6B86A87-A398-45B5-A42D-A18CC3111995}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CA095258-7580-4D71-8B54-52B8C74EE524}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5909143-6025-4B7A-BE91-E7DCEA429491}" = lport=138 | protocol=17 | dir=in | app=system |
"{D774ACFC-5BD8-4A69-9DC8-4E6E2781897E}" = lport=8080 | protocol=6 | dir=in | name=ultidev web server pro |
"{DAFA8A80-91F0-48E7-97CA-9018754939B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{DB3E1AD6-6A9A-4C84-AED6-6AE1CB3603F0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DD6768D1-E214-43CF-B236-672C621D2A44}" = lport=7756 | protocol=6 | dir=in | name=ultidev web server pro |
"{DD82ABAA-1CCB-4C6C-9FCB-DD39AC8E6775}" = lport=445 | protocol=6 | dir=in | app=system |
"{DFD6893E-E219-4287-BA4A-67E893810A97}" = rport=137 | protocol=17 | dir=out | app=system |
"{E191B205-E76E-43C3-A811-EDF2BE0B9817}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E23F7837-FACD-40A8-B654-4731CFDD7821}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EDCF53A3-04C4-481B-BABF-5F59E0828EBE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F2723B74-113B-4645-BF8A-AF46EB22FA8E}" = lport=137 | protocol=17 | dir=in | app=system |
"{F4899494-2643-462B-A68B-6FA623A21853}" = lport=80 | protocol=6 | dir=in | name=ultidev web server pro |
"{F920A14C-067B-40F1-A3E4-1954E67BFA28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD4592F6-93D5-4C52-928D-AF6660040BF6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01952522-06E3-47E6-85C9-98AEB0B4380B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13488955-132A-47D8-A6B6-3D10E6D0A2A5}" = protocol=58 | dir=in |
[email protected],-28545 |
"{28B8FD19-9858-4A77-AEB7-45E4105259B8}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{2B583B1E-591B-4458-961E-FEC4D84FDB0B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2CCEE22F-F0F5-4099-94F3-19210410749E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{3D85FAB4-F6C5-4D89-BE8F-E02FCF64C06C}" = dir=in | app=c:\program files\agdata\phoenix 6.5\phoenix6.exe |
"{3E1B6CE1-FDB6-436E-BA2C-8E750B7DF2C1}" = protocol=1 | dir=in |
[email protected],-28543 |
"{428E9388-A975-4974-A082-5A2FB85E932B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{575F1859-D029-4B37-B2FE-4C19E7DDF5FA}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{581987B4-1A88-41AB-B0E8-BF1901665D98}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5C13D632-DB5C-4392-8823-91AC607BBF5D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6030F979-9E88-44D7-BED6-446C46B9CDBC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{635390B8-C925-4A37-9BE0-AC4B815A672F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{662B0B23-78F0-46E1-AB16-79E3D23C984E}" = protocol=6 | dir=out | app=system |
"{6845A4F4-5F27-4961-BCC1-D98AA283C269}" = protocol=58 | dir=out |
[email protected],-28546 |
"{696B3897-3049-42EF-B194-B91F3C75DA44}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6D914A37-B2D6-480D-BD82-3D595C57E4C0}" = protocol=1 | dir=out |
[email protected],-28544 |
"{74AE84B0-C0B8-434A-9E3A-E80C32140002}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{75927B4A-4A7C-47FB-9AC3-B26E7F61E3F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7B06A2AA-89BB-4CFF-8E76-5982FF6B6760}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{97002BFD-2E23-41C6-979E-038EE2190BF3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CDD9F943-6DF6-4B14-AF62-7C1C758F80C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D0EBD520-3CB6-4B06-B949-88B85C15B4A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D0F02E86-62CC-4B09-B58F-426342413115}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DFCA4991-A1D4-4783-B6A7-1ECE6383FC2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E404BA24-9081-4FE6-8559-8A5FFFFDF54F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F0523A25-6B10-471A-97B7-5DA90E56F757}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F6C38650-EEE6-440E-B8CD-931F04637060}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{18BA61B2-D827-4F2D-A74B-8C7E71B4E3C2}C:\program files\sony\media go\mediago.exe" = protocol=6 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"TCP Query User{E928A0D0-0AA7-4188-BEB0-31AB53C38C4A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{066B1444-2E62-428D-A6B8-C76C5966F066}C:\program files\sony\media go\mediago.exe" = protocol=17 | dir=in | app=c:\program files\sony\media go\mediago.exe |
"UDP Query User{FE1D6E24-D4D6-43F7-90BA-21AD5B7FF0AC}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{016E43D3-6E3A-507C-5180-08A592A09D93}" = CCC Help Russian
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{049F82E6-AA8C-D885-07A0-FF69690DD9C5}" = CCC Help Chinese Standard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AFBCD38-7E68-B685-7A1A-DC3F11C0DF7F}" = ATI Catalyst Install Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0EAB8F33-5A3E-BE80-3D11-7BBD79FB002A}" = CCC Help Thai
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21385719-E020-4ED8-A3D4-6B46D0E5DAB1}" = ArcSoft TotalMedia
"{223B174E-DAB0-4892-AFE7-7E03AFD61426}" = Overseer (Ulti)
"{2606650A-9367-D0AE-EF8D-CF627C9082E4}" = Catalyst Control Center Graphics Previews Vista
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{26D96CA0-8751-4CCF-955E-AFE7D38F0ECD}" = HerdMASTER Suite
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}" = HP Power Assistant
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{345E500B-471A-593B-BCEA-EE73E391CFBD}" = CCC Help Korean
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{350F790E-5C32-4B3A-8AAB-B0478BB76D11}" = Privacy Manager for HP ProtectTools
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{3556F018-53B9-2715-5F8A-4C40E529DA76}" = CCC Help Hungarian
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{3AFE7AB6-76A5-4616-B0A7-A852B6E9E032}" = Art and Stitch
"{3B347E5E-B717-B7F1-CFD0-E120CB85CDD8}" = ccc-utility
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DADB23F-94E6-4E4D-AFE8-15DE4395E8F3}" = Microsoft Security Client
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{4112625F-2D38-49EF-924F-48511BC5CD34}" = SQL Server 2008 R2 Database Engine Services
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{466AA29C-0BE5-902A-BD90-D87C846CD947}" = CCC Help Turkish
"{46A5EF84-99CF-2BA6-EF3E-5438190CBA5F}" = Catalyst Control Center Localization All
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{480E1460-BEEA-828B-9802-82C440EA5E5B}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{586414D6-B3E1-F163-223D-D298E80727E1}" = CCC Help Czech
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5DCBD841-3768-4D3A-8517-65BFB87E05D3}" = Validity Fingerprint Driver
"{5DFE5A09-5030-6B21-6E8E-987FAD247BD2}" = CCC Help Polish
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6283B16A-66AE-48F9-BCA5-9EABDAE1790B}" = MYOB Accounting Plus v18 ED
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{67C090D6-109A-47D7-8DED-4160C4D96F32}" = HP 3D DriveGuard
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7861911B-4270-498A-8F7A-FCF0570F487D}" = HP QuickWeb
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{7D90F99D-0D3A-9B0F-1AB6-4C142098A23C}" = CCC Help Portuguese
"{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}" = Media Go Video Playback Engine 1.88.110.12050
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8111D017-F77E-4387-B07E-4C4ACF4866FA}" = CCC Help Norwegian
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89D7DD37-5A15-46E0-9C3C-A0004C4F1A38}" = Drive Encryption for HP ProtectTools
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0590BF-9036-47D5-BBE7-50590649760C}" = HP ProtectTools Security Manager
"{8C3059B3-B804-42BB-909B-25864C7D33E3}" = HP Documentation
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F9AD9CF-0FF9-4723-A946-B4C9F76E7DFA}" = UltiDev Web Server Pro
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.AccessR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.AccessR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.AccessR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.AccessR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.AccessR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.AccessR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2010
"{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9742CB30-C01E-436F-826F-0BF862A7D763}" = Phoenix 6.5
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEAB1B-72AC-4C99-B5CB-C9B37C86F11F}" = Catalyst Control Center - Branding
"{9FA32684-39EF-10A1-4896-95A28BD2A51C}" = CCC Help English
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A60F1207-CB8B-DFE4-B0B2-28781A9918F5}" = CCC Help Greek
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B31E60DA-0FB3-8C8F-7F00-8FC5A2E716A6}" = CCC Help Danish
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8E9F8A1-9F4D-43D5-ABD6-1DF067FAA469}" = SQL Server 2008 R2 Database Engine Services
"{BB922B1F-5CFB-C323-F35C-517FA74BF17E}" = CCC Help French
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7FD3148-0065-253C-E0A9-62C1B2307421}" = CCC Help Italian
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}" = WinZip 15.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1565BD9-6E66-4292-90C6-5FC70A98A428}" = MYOB ODBC Direct v8 AUS
"{D3E71122-71F0-C06F-A482-8997D22301F4}" = CCC Help Japanese
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D89F6F7C-1966-9408-40A7-4877F5A85005}" = ccc-core-static
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}" = Media Go
"{DC1F523C-FB0A-885F-CC3F-FA7E749213B6}" = CCC Help Dutch
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}" = HP Software Framework
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}" = Face Recognition for HP ProtectTools
"{E9729C11-2758-5F56-B661-3D99498454CA}" = CCC Help Spanish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2177395-FD90-44B0-AFB8-2E0566855E5C}" = HP Power Data
"{F626688A-B307-2D16-DDCE-F24633F848F2}" = Catalyst Control Center InstallProxy
"{F75A2405-6EF2-8651-3C36-FEA98F6681ED}" = CCC Help German
"{F7E55D3B-D675-4511-6B36-2766DC819432}" = CCC Help Chinese Traditional
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F9DB9D94-7ABF-4FF0-AE71-4FC9DAB7D4A1}" = HP QuickLook
"{FC023480-A05B-ED84-877F-547EA3CD3DCB}" = CCC Help Finnish
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"2DC0AA065FA83047D7ECD51C7000C1620D79A4C5" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"51A4D522DD31538335EF5736F0E7F588C70BCB12" = Windows Driver Package - FTDI CDM Driver Package (02/17/2009 2.04.16)
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"CCleaner" = CCleaner
"Drive Encryption" = Drive Encryption for HP ProtectTools
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HPProtectTools" = HP ProtectTools Security Manager
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{6283B16A-66AE-48F9-BCA5-9EABDAE1790B}" = MYOB Accounting Plus v18 ED
"InstallShield_{D1565BD9-6E66-4292-90C6-5FC70A98A428}" = MYOB ODBC Direct v8 AUS
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Office14.AccessR" = Microsoft Access 2010
"PDF Complete" = PDF Complete Special Edition
"P-Plus" = P-Plus
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 8/6/2013 9:56:37 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4025
Error - 8/6/2013 9:56:38 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/6/2013 9:56:38 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5023
Error - 8/6/2013 9:56:38 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5023
Error - 8/6/2013 9:56:39 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/6/2013 9:56:39 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6037
Error - 8/6/2013 9:56:39 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6037
Error - 8/6/2013 9:56:40 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 8/6/2013 9:56:40 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7082
Error - 8/6/2013 9:56:40 PM | Computer Name = Moar-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7082
[ Hewlett-Packard Events ]
Error - 5/14/2013 9:19:28 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 60 TargetSite: Void UpdateAndDetect()
Error - 5/22/2013 7:25:37 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 5/28/2013 9:56:07 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 6/4/2013 9:34:50 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 50 TargetSite: Void UpdateAndDetect()
Error - 6/11/2013 9:20:11 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 6/19/2013 12:29:13 AM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: TargetSite: Void UpdateAndDetect()
Error - 6/30/2013 11:49:06 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 7/4/2013 5:03:03 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 7/9/2013 9:50:53 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
Error - 7/17/2013 8:43:35 PM | Computer Name = Moar-Laptop | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace:
at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect()
at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe
Version:
06.00.01.01 Path: C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
en-US RAM: 3055 Ram Utilization: 40 TargetSite: Void UpdateAndDetect()
[ HP Power Assistant Events ]
Error - 8/9/2013 4:09:59 AM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)
at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)
Error - 8/9/2013 5:57:50 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=32, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 8/9/2013 5:57:51 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).
Error - 8/9/2013 5:57:51 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)
at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)
Error - 8/9/2013 6:22:36 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=32, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 8/9/2013 6:22:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).
Error - 8/9/2013 6:22:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)
at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)
Error - 8/9/2013 6:32:36 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Current OS (processorVersion=32, version=6.1, servicePack=1.0) not
found in the dat file.
Error - 8/9/2013 6:32:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).
Error - 8/9/2013 6:32:37 PM | Computer Name = Moar-Laptop | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)
at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)
[ HP Wireless Assistant Events ]
Error - 11/6/2010 3:35:24 AM | Computer Name = OR055N592I12M | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 11/6/2010 3:35:24 AM | Computer Name = OR055N592I12M | Source = HP WA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()
Error - 11/6/2010 3:35:26 AM | Computer Name = OR055N592I12M | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : 597 at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData&
calibration) at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 8/29/2012 7:38:34 PM | Computer Name = Moar-Laptop | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Call was canceled by the
message filter. (Exception from HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) at
System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode,
IntPtr errorInfo) at System.Management.ManagementScope.InitializeGuts(Object
o) at System.Management.ManagementScope.Initialize() at System.Management.ManagementObjectSearcher.Initialize()
at System.Management.ManagementObjectSearcher.Get() at HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) at HPPA_Service.CurrentConfiguration.ApplyDeviceManagerState(List`1
radios) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
[ Media Center Events ]
Error - 4/5/2011 9:40:47 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 1:40:44 p.m. - Error connecting to the internet. 1:40:44 p.m. -
Unable to contact server..
Error - 4/15/2011 6:52:13 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 10:52:13 a.m. - Error connecting to the internet. 10:52:13 a.m. -
Unable to contact server..
Error - 4/15/2011 6:52:21 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 10:52:18 a.m. - Error connecting to the internet. 10:52:18 a.m. -
Unable to contact server..
Error - 4/15/2011 11:49:49 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 3:49:49 p.m. - Error connecting to the internet. 3:49:49 p.m. -
Unable to contact server..
Error - 4/15/2011 11:49:59 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 3:49:54 p.m. - Error connecting to the internet. 3:49:54 p.m. -
Unable to contact server..
Error - 4/26/2011 1:26:31 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 5:26:31 p.m. - Error connecting to the internet. 5:26:31 p.m. -
Unable to contact server..
Error - 4/26/2011 1:26:39 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 5:26:36 p.m. - Error connecting to the internet. 5:26:36 p.m. -
Unable to contact server..
Error - 4/26/2011 2:26:44 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 6:26:44 p.m. - Error connecting to the internet. 6:26:44 p.m. -
Unable to contact server..
Error - 4/26/2011 2:26:49 AM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 6:26:49 p.m. - Error connecting to the internet. 6:26:49 p.m. -
Unable to contact server..
Error - 5/13/2011 9:59:14 PM | Computer Name = Moar-Laptop | Source = MCUpdate | ID = 0
Description = 1:59:11 p.m. - Error connecting to the internet. 1:59:11 p.m. -
Unable to contact server..
[ OSession Events ]
Error - 11/11/2011 12:26:58 AM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 209454
seconds with 600 seconds of active time. This session ended with a crash.
Error - 3/12/2012 4:05:07 PM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 69935
seconds with 240 seconds of active time. This session ended with a crash.
Error - 7/8/2012 11:03:31 PM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 878
seconds with 180 seconds of active time. This session ended with a crash.
Error - 7/13/2012 4:35:11 PM | Computer Name = Moar-Laptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 131
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 7/24/2013 6:44:43 PM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =
Error - 7/24/2013 9:25:45 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.631.0 Update Source: %%859 Update Stage:
%%852 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 8/2/2013 2:17:20 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1274.0 Update Source: %%859 Update Stage:
%%852 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 8/4/2013 9:31:46 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1466.0 Update Source: %%859 Update Stage:
%%853 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 8/4/2013 9:31:46 PM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1466.0 Update Source: %%859 Update Stage:
%%853 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024001e Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 8/5/2013 3:23:57 AM | Computer Name = Moar-Laptop | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.155.1466.0 Update Source: %%859 Update Stage:
%%852 Source Path:
http://www.microsoft.com Signature Type: %%800 Update Type: %%803
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9700.0 Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 8/7/2013 5:40:47 AM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =
Error - 8/9/2013 1:06:10 AM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =
Error - 8/9/2013 5:56:19 PM | Computer Name = Moar-Laptop | Source = DCOM | ID = 10010
Description =
Error - 8/9/2013 6:24:45 PM | Computer Name = Moar-Laptop | Source = Service Control Manager | ID = 7034
Description = The File Sanitizer for HP ProtectTools service terminated unexpectedly.
It has done this 1 time(s).
< End of report >
OTL.txt
OTL logfile created on: 8/10/2013 10:34:07 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Moar\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: New Zealand | Language: ENZ | Date Format: d/MM/yyyy
2.98 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 52.51% Memory free
5.97 Gb Paging File | 4.08 Gb Available in Paging File | 68.31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 350.43 Gb Free Space | 78.14% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.48 Gb Free Space | 74.39% Space Free | Partition Type: FAT32
Computer Name: MOAR-LAPTOP | User Name: Moar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/08/09 20:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
PRC - [2013/07/31 20:05:35 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2013/07/31 20:05:34 | 000,254,034 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2013/07/31 20:05:33 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\IDT\WDM\AEstSrv.exe
PRC - [2013/07/25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/06/20 17:25:44 | 000,995,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013/05/16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013/05/16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013/05/15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/05/11 22:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/30 14:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/11/23 14:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
PRC - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/05/09 21:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe
PRC - [2012/05/09 21:15:12 | 000,029,696 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.AppHost.Clr4.AnyCPU.exe
PRC - [2012/05/09 21:15:12 | 000,029,184 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.AppHost.Clr2.AnyCpu.exe
PRC - [2012/05/09 21:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe
PRC - [2012/05/09 21:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) -- C:\Program Files\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe
PRC - [2011/02/25 17:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/08/05 11:23:02 | 000,376,832 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010/08/05 11:22:34 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010/06/19 11:25:12 | 001,691,192 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
PRC - [2010/06/19 11:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
PRC - [2010/06/09 18:04:02 | 002,831,648 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2010/06/09 18:04:02 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2010/06/09 18:04:02 | 000,656,672 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2010/05/10 07:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
PRC - [2010/04/06 06:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
PRC - [2010/04/06 06:11:54 | 000,008,192 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
PRC - [2010/03/04 16:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 16:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/02 05:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010/03/02 05:26:40 | 000,256,056 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
PRC - [2009/12/16 12:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2009/12/12 12:57:38 | 011,265,536 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
PRC - [2009/12/12 12:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
PRC - [2009/12/05 00:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) -- C:\Windows\System32\uArcCapture.exe
PRC - [2009/11/25 13:57:20 | 000,300,808 | ---- | M] (DigitalPersona, Inc.) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
PRC - [2009/11/19 10:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
PRC - [2009/11/05 09:46:56 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/11/05 09:46:54 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/11/03 08:12:02 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/10/24 06:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2009/07/14 13:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\windows\System32\wbem\WMIADAP.EXE
========== Modules (No Company Name) ========== MOD - [2013/07/18 21:01:15 | 000,113,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll
MOD - [2013/07/18 21:01:15 | 000,092,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll
MOD - [2013/07/16 14:29:31 | 011,914,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\c57eba08ab60f48e7d57228849d92a34\System.Web.ni.dll
MOD - [2013/07/16 14:29:25 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\89fe719039385377f6b5ad8d0070aa6b\System.Runtime.Remoting.ni.dll
MOD - [2013/07/14 10:21:13 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a7a3ebc76a454af37918211506e81e31\System.Management.ni.dll
MOD - [2013/07/14 10:21:12 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ae317486cd9abc8b617e5a71e193ce78\IAStorUtil.ni.dll
MOD - [2013/07/13 17:27:44 | 002,297,856 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll
MOD - [2013/07/13 17:27:39 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013/07/13 17:27:15 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll
MOD - [2013/07/13 17:27:03 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
MOD - [2013/07/13 17:26:56 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
MOD - [2013/07/13 17:26:53 | 012,238,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll
MOD - [2013/07/13 17:26:45 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
MOD - [2013/07/13 17:26:40 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
MOD - [2013/07/13 17:26:38 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
MOD - [2013/07/13 17:26:37 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
MOD - [2013/07/13 17:26:30 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/05/16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013/05/16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/09/05 00:30:26 | 000,237,112 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll
MOD - [2010/09/05 00:30:26 | 000,011,320 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Interop.HPQWMIEXLib\1.0.0.0__67b8d1b5179ba5f8\Interop.HPQWMIEXLib.dll
MOD - [2010/08/05 22:57:22 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/06/22 12:54:38 | 000,098,304 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2010/06/19 11:25:12 | 000,267,832 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
MOD - [2010/06/19 11:25:12 | 000,055,864 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
MOD - [2010/06/19 11:25:12 | 000,052,280 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
MOD - [2010/06/09 18:04:14 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2010/04/06 06:11:54 | 000,008,192 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
MOD - [2009/06/18 06:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2009/06/18 06:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009/06/18 06:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
========== Services (SafeList) ========== SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/08/04 07:54:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/31 20:05:34 | 000,254,034 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2013/07/31 20:05:33 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AEstSrv.exe -- (AESTFilters)
SRV - [2013/07/12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/06/20 18:05:14 | 000,295,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/06/20 18:05:14 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/27 16:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/11 22:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/08/10 15:48:50 | 000,197,536 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/09 21:15:12 | 000,048,128 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UWS.HighPrivilegeUtilities.exe -- (UWS HiPriv Services)
SRV - [2012/05/09 21:15:10 | 000,064,512 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UltiDev.WebServer.Monitor.exe -- (UltiDev Web Server Pro)
SRV - [2012/05/09 21:15:10 | 000,044,032 | ---- | M] (UltiDev LLC) [Auto | Running] -- C:\Program Files\UltiDev\Web Server\UWS.LowPrivilegeUtilities.exe -- (UWS LoPriv Services)
SRV - [2010/12/13 14:24:26 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/08/05 11:22:34 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/06/19 11:25:12 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe -- (HP Power Assistant Service)
SRV - [2010/06/09 18:04:02 | 000,656,672 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010/05/10 07:42:40 | 000,090,112 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe -- (HPDayStarterService)
SRV - [2010/04/06 06:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010/03/19 06:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 16:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/02 05:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2009/12/16 12:11:14 | 000,281,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2009/12/15 05:47:46 | 001,639,728 | ---- | M] (Validity Sensors, Inc.) [Auto | Stopped] -- C:\Windows\System32\vcsFPService.exe -- (vcsFPService)
SRV - [2009/12/12 12:57:20 | 000,297,984 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe -- (HPFSService)
SRV - [2009/12/05 00:22:40 | 000,506,472 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Windows\System32\uArcCapture.exe -- (uArcCapture)
SRV - [2009/11/25 13:57:20 | 000,300,808 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/11/19 10:17:36 | 000,036,864 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2009/11/18 09:39:16 | 000,362,040 | ---- | M] (Hewlett-Packard Ltd) [On_Demand | Stopped] -- C:\Windows\System32\flcdlock.exe -- (FLCDLOCK)
SRV - [2009/11/05 09:46:56 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/11/05 09:46:54 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/03 08:12:02 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/10/24 06:52:36 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/07/14 13:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/14 13:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 13:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Moar\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/07/31 20:05:36 | 000,431,616 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2013/06/18 21:50:08 | 000,107,392 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/08/24 02:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/24 02:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/12/20 18:42:04 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/11/21 00:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010/11/21 00:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010/11/21 00:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/21 00:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/21 00:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 22:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010/11/20 22:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010/11/20 21:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 21:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 21:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/10/27 14:00:42 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/10/27 14:00:42 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2010/10/27 14:00:42 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2010/10/27 14:00:42 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/10/27 14:00:42 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/08/05 11:51:46 | 005,587,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010/08/05 10:47:02 | 000,210,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010/05/06 12:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/04/03 10:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2010/03/18 06:49:56 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/02/17 07:24:12 | 000,021,560 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2010/02/10 23:01:10 | 000,132,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009/12/19 11:13:44 | 001,763,968 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/12/16 12:12:28 | 000,051,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2009/12/16 12:12:16 | 000,013,256 | ---- | M] (McAfee, Inc.) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2009/12/16 12:12:14 | 000,040,088 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2009/12/16 12:12:10 | 000,110,520 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2009/12/04 22:48:18 | 000,029,824 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftVCapture.sys -- (ARCVCAM)
DRV - [2009/11/11 21:11:00 | 000,181,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/11/03 08:11:56 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/10/22 08:37:52 | 000,032,312 | ---- | M] (Hewlett-Packard Development Company L.P.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DAMDrv.sys -- (DAMDrv)
DRV - [2009/09/18 08:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/14 11:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 11:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/07/14 11:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/09 08:48:38 | 000,025,656 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2009/07/09 08:48:22 | 000,033,848 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2006/11/11 10:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{52D96E36-E07E-4DD3-AFDE-DD355B45D224}: "URL" =
http://www.bing.com/...rc=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.co.nz/IE - HKCU\..\SearchScopes,DefaultScope = {26A6DBF7-894B-4744-B7F3-8253831CFAE5}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\..\SearchScopes\{26A6DBF7-894B-4744-B7F3-8253831CFAE5}: "URL" =
http://www.google.co...utputEncoding?}IE - HKCU\..\SearchScopes\{52D96E36-E07E-4DD3-AFDE-DD355B45D224}: "URL" =
http://www.bing.com/...rc=IE-SearchBoxIE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/09/05 00:48:31 | 000,000,000 | ---D | M]
[2013/07/20 19:39:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: ([2013/07/16 12:06:16 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DTRun] c:\Program Files\Arcsoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //FWEvent.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1959AF40-4A1C-4E4E-A865-F8A5B513BB15}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/08/10 10:24:44 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/10 09:56:00 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2013/08/09 20:58:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
[2013/08/09 20:41:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/08/09 20:41:26 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\windows\System32\sdnclean.exe
[2013/08/09 20:41:14 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013/08/09 20:14:16 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\ElevatedDiagnostics
[2013/08/09 20:14:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/08/09 20:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/07/31 20:07:11 | 000,531,968 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2013/07/31 20:06:48 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestecap.dll
[2013/07/31 20:06:48 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestacap.dll
[2013/07/31 20:06:48 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestaren.dll
[2013/07/31 20:06:47 | 012,705,884 | ---- | C] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2013/07/31 20:06:47 | 001,953,792 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2013/07/31 20:06:47 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\windows\sttray.exe
[2013/07/31 20:06:47 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AESTCom.dll
[2013/07/31 20:06:44 | 000,179,712 | ---- | C] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2013/07/31 19:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\AGDATA
[2013/07/31 19:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phoenix 6.5
[2013/07/20 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2013/07/20 19:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/07/19 21:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saltbush Software
[2013/07/18 21:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
[2013/07/18 20:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
[2013/07/16 15:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/07/16 14:42:22 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rdpvideominiport.sys
[2013/07/16 14:42:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/07/16 14:42:21 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\aaclient.dll
[2013/07/16 14:42:21 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpudd.dll
[2013/07/16 14:42:21 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TSWbPrxy.exe
[2013/07/16 14:42:21 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys
[2013/07/16 14:42:21 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MsRdpWebAccess.dll
[2013/07/16 14:42:21 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tsgqec.dll
[2013/07/16 14:42:21 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbGDCoInstaller.dll
[2013/07/16 14:42:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprtPS.dll
[2013/07/16 14:42:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/07/16 14:42:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RdpGroupPolicyExtension.dll
[2013/07/16 14:42:20 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpcorets.dll
[2013/07/16 14:42:20 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wksprt.exe
[2013/07/16 14:42:20 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\rdpendp_winip.dll
[2013/07/16 14:40:40 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/07/16 14:39:47 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2013/07/16 13:07:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013/07/16 13:07:33 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013/07/16 13:07:01 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Roaming\Malwarebytes
[2013/07/16 13:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/16 13:06:47 | 000,000,000 | ---D | C] -- C:\Users\Moar\AppData\Local\Programs
[2013/07/16 12:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/07/16 12:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/07/16 12:22:26 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013/07/16 12:22:26 | 000,789,416 | ---- | C] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013/07/16 12:22:26 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/07/16 12:22:21 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/07/16 12:22:21 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/07/16 12:22:21 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/07/16 12:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/07/16 12:21:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/07/16 12:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013/07/16 12:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013/07/16 12:17:18 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/16 12:07:49 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/07/16 11:59:54 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/07/16 11:38:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/07/16 11:37:14 | 000,000,000 | ---D | C] -- C:\Users\Moar\Desktop\Malware Toolkit
[2013/07/13 16:43:15 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/07/13 16:43:13 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/07/13 16:43:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/07/13 16:43:13 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/07/13 16:43:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/07/13 16:43:11 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/07/13 16:43:11 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/07/13 16:43:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/07/13 16:43:11 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/07/13 16:43:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/07/13 11:31:11 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2013/07/13 11:31:07 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2013/07/13 11:31:06 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/07/13 11:31:06 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qedit.dll
[3 C:\Users\Moar\*.tmp files -> C:\Users\Moar\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2013/08/10 10:36:39 | 000,733,350 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/08/10 10:36:39 | 000,152,134 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/08/10 10:36:02 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/10 10:36:02 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/10 10:28:36 | 000,065,536 | ---- | M] () -- C:\windows\System32\Ikeext.etl
[2013/08/10 10:28:16 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/08/10 10:28:14 | 3203,850,240 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/10 10:24:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/08/10 10:16:27 | 000,000,098 | ---- | M] () -- C:\windows\DeleteOnReboot.bat
[2013/08/10 10:14:04 | 000,666,633 | ---- | M] () -- C:\Users\Moar\Desktop\adwcleaner.exe
[2013/08/09 20:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Moar\Desktop\OTL.exe
[2013/08/09 20:41:30 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/09 20:02:44 | 000,000,763 | ---- | M] () -- C:\Users\Moar\Documents\CleanSilverlight.cmd
[2013/08/08 20:35:40 | 000,000,316 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForMoar.job
[2013/08/04 07:54:21 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/08/04 07:54:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013/07/31 20:05:36 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\windows\System32\drivers\stwrt.sys
[2013/07/31 20:05:35 | 001,953,792 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2013/07/31 20:05:35 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\windows\sttray.exe
[2013/07/31 20:05:34 | 012,705,884 | ---- | M] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2013/07/31 20:05:34 | 000,934,912 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapo.dll
[2013/07/31 20:05:34 | 000,531,968 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2013/07/31 20:05:34 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stcplx.dll
[2013/07/31 20:05:34 | 000,179,712 | ---- | M] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2013/07/31 20:05:33 | 000,380,928 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestecap.dll
[2013/07/31 20:05:33 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\AESTCom.dll
[2013/07/31 20:05:32 | 000,140,288 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestacap.dll
[2013/07/31 20:05:32 | 000,061,440 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestaren.dll
[2013/07/31 19:30:11 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Phoenix 6.5.lnk
[2013/07/18 21:01:13 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/16 16:12:30 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/07/16 14:20:45 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/07/16 14:20:45 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/07/16 13:56:11 | 000,000,312 | ---- | M] () -- C:\windows\wininit.ini
[2013/07/16 12:22:17 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\windows\System32\npDeployJava1.dll
[2013/07/16 12:22:17 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\windows\System32\deployJava1.dll
[2013/07/16 12:22:17 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaws.exe
[2013/07/16 12:22:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\System32\javaw.exe
[2013/07/16 12:22:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\windows\System32\java.exe
[2013/07/16 12:22:17 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\windows\System32\WindowsAccessBridge.dll
[2013/07/16 12:06:16 | 000,000,027 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/07/13 17:25:03 | 000,346,352 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[3 C:\Users\Moar\*.tmp files -> C:\Users\Moar\*.tmp -> ]
========== Files Created - No Company Name ========== [2013/08/10 10:16:20 | 000,000,098 | ---- | C] () -- C:\windows\DeleteOnReboot.bat
[2013/08/10 10:14:01 | 000,666,633 | ---- | C] () -- C:\Users\Moar\Desktop\adwcleaner.exe
[2013/08/09 20:41:30 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/08/09 20:41:30 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/08/09 20:02:44 | 000,000,763 | ---- | C] () -- C:\Users\Moar\Documents\CleanSilverlight.cmd
[2013/07/31 20:06:47 | 000,001,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2013/07/31 19:30:11 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\Phoenix 6.5.lnk
[2013/07/18 21:01:13 | 000,002,143 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/07/16 15:08:57 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif
[2013/07/16 15:07:30 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/07/16 14:20:45 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/07/16 14:20:45 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/07/16 13:54:32 | 000,000,312 | ---- | C] () -- C:\windows\wininit.ini
[2013/07/16 12:21:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys.sum
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSP.sys.sum
[2013/06/28 21:26:50 | 000,000,175 | ---- | C] () -- C:\windows\System32\drivers\aswSnx.sys.sum
[2011/09/26 15:23:50 | 000,098,304 | ---- | C] () -- C:\windows\System32\redmonnt.dll
[2011/09/24 10:31:23 | 000,000,204 | ---- | C] () -- C:\windows\MYOBP.INI
[2011/09/24 10:31:23 | 000,000,041 | ---- | C] () -- C:\windows\MYOB.INI
[2011/09/24 10:27:30 | 000,000,663 | ---- | C] () -- C:\windows\openrda.ini
[2011/09/24 10:27:12 | 000,000,000 | ---- | C] () -- C:\windows\drvxl32.INI
[2011/09/24 10:27:10 | 000,000,000 | ---- | C] () -- C:\windows\drvwd32.INI
[2011/06/17 18:23:53 | 000,001,849 | ---- | C] () -- C:\Users\Moar\AppData\Roaming\GhostObjGAFix.xml
========== ZeroAccess Check ========== [2009/07/14 16:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 16:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 00:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 13:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >