Jump to content

MBAM free v2 right click on folder/file results in Scan Progress: Not Running


Recommended Posts

I installed MBAM v2 yesterday on my windows 8.1 laptop, ran the scan, clicked Explorer context menu entry to yes.  I use MBAM free to check download updates before installing.  MBAM free v1.75 worked great with the right click context immediately with scanning the selected file/folder.  With MBAM free v2, no scan is done.  If I click on the MBAM window which comes up, and do a custom scan, it scans more than the file/folder selected, and I cannot tell if it even scans the selected file/folder.  I followed the suggestions in topic 122284 to uninstall with mbam-clean-2.0.2.0.exe, redownloaded and reinstalled MBAM free v2, and still received the same results.  Any suggestions?  Thanks.

Link to post
Share on other sites

Hi:

 

Disclaimer: I'm not qualified to know whether this is or is not the same issue, but....

 

https://forums.malwarebytes.org/index.php?showtopic=145355#entry810727
 

Can you let us know the full path of the file u scanned and filename?

There are a couple bugs with the right click scanning that will be fixed in the next release.

 

Cheers,

 

daledoc1
 

Link to post
Share on other sites

  • Root Admin

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.


 

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Lloyd (administrator) on LLOYD on 31-03-2014 15:16:27
Running from E:\Lloyd's Stuff\Downloads 0002 Software\Farbar 64x vx 2014-03-31
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\WINDOWS\system32\Hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Google Inc.) C:\Users\Lloyd\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Southwest Airlines) C:\Program Files (x86)\Southwest Airlines\Ding\Ding.exe
(FastStone Soft) C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(AdTrustMedia) C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Microsoft Corporation) C:\WINDOWS\syswow64\wwahost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\LiveComm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-07-11] (Synaptics Incorporated)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [systemExplorerAutoStart] - C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2860576 2014-02-28] (Mister Group)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-01] (AVAST Software)
HKLM-x32\...\Run: [PrivDogService] - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedadssvc.exe [525480 2013-12-13] (AdTrustMedia)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [115544 2014-03-04] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3437637007-1443180179-3256198470-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-26] (Google Inc.)
HKU\S-1-5-21-3437637007-1443180179-3256198470-1001\...\Run: [GarminExpressTrayApp] - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [115544 2014-03-04] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3437637007-1443180179-3256198470-1001\...\Run: [Google+ Auto Backup] - C:\Users\Lloyd\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
Startup: C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DING!.lnk
ShortcutTarget: DING!.lnk -> C:\Program Files (x86)\Southwest Airlines\Ding\Ding.exe (Southwest Airlines)
Startup: C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe (FastStone Soft)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (AdTrustMedia)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: PrivDog Extension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\1.8.0.18\trustedads.dll (AdTrustMedia)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: HKLM-x32 {08B0E5C0-4FCB-11CF-AAA5-00401C608501} http://147.203.60.11:82/myspeed/admin
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0519D3D7-8899-478B-90BC-4E9D5B3E0F51}: [NameServer]156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{9E617D4B-49F1-4361-92A3-1C1711F3DF75}: [NameServer]156.154.70.22,156.154.71.22

FireFox:
========
FF ProfilePath: C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default
FF Homepage: https://www.google.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Lloyd\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\searchplugins\safeguard-secure-search.xml
FF Extension: PrivDog - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\PrivDog@AdTrustMedia.com [2014-02-02]
FF Extension: Garmin Communicator - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-12-08]
FF Extension: ViewInFirefox - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\{5D558C43-550F-4b12-84AB-0D8ABDA9F975} [2013-07-10]
FF Extension: WOT - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-06]
FF Extension: Disconnect - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\2.0@disconnect.me.xpi [2013-08-08]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-07-10]
FF Extension: IE View - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi [2013-07-10]
FF Extension: NoScript - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-10]
FF Extension: Adblock Plus - C:\Users\Lloyd\AppData\Roaming\Mozilla\Firefox\Profiles\148proek.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-26]

Chrome:
=======

CHR Extension: (Google Docs) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-24]
CHR Extension: (Google Drive) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-24]
CHR Extension: (WOT) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-24]
CHR Extension: (YouTube) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-24]
CHR Extension: (Adblock Plus) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-24]
CHR Extension: (PrivDog) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-02-01]
CHR Extension: (Google Search) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-24]
CHR Extension: (avast! Online Security) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-18]
CHR Extension: (Tabs to the front!) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2014-01-24]
CHR Extension: (Disconnect) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-01-24]
CHR Extension: (Google Wallet) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]
CHR Extension: (Gmail) - C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-24]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-02-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-21]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-01] (AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6802624 2014-03-05] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-05] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-01-28] ()
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [424280 2014-03-04] (Garmin Ltd or its subsidiaries)
R2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1142768 2014-02-19] (Paramount Software UK Ltd)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-03-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-01] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-17] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-22] (Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-03-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [748272 2014-03-05] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [37560 2014-03-05] (COMODO)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-02-19] (REALiX)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127664 2014-03-05] (COMODO)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-02] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-02] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-07-11] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-31 15:15 - 2014-03-31 15:16 - 00000000 ____D () C:\FRST
2014-03-30 11:32 - 2014-03-31 14:55 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-30 11:26 - 2014-03-30 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 11:26 - 2014-03-30 11:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-30 11:26 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-30 11:26 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-30 11:26 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-29 13:48 - 2014-03-29 13:48 - 00003028 _____ () C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2014-03-29 13:47 - 2014-03-29 13:48 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-03-29 13:47 - 2014-03-29 13:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\COMODO
2014-03-29 13:47 - 2014-03-29 13:47 - 00000000 ____D () C:\Program Files\COMODO
2014-03-29 01:06 - 2014-03-01 01:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-29 01:06 - 2014-02-28 23:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-29 01:06 - 2014-02-28 23:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-29 01:06 - 2014-02-28 23:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-29 01:06 - 2014-02-28 22:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-29 01:06 - 2014-02-28 22:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-29 01:06 - 2014-02-28 22:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-29 01:06 - 2014-02-28 22:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-29 01:06 - 2014-02-28 22:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-29 01:06 - 2014-02-28 22:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-29 01:06 - 2014-02-28 22:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-29 01:06 - 2014-02-28 21:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-29 01:06 - 2014-02-28 21:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-29 01:06 - 2014-02-28 21:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-29 01:06 - 2014-02-28 21:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-29 01:06 - 2014-02-28 21:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-29 01:06 - 2014-02-28 21:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-29 01:06 - 2014-02-22 07:16 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-03-29 01:06 - 2014-02-22 06:24 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-03-29 01:06 - 2014-02-10 22:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-29 01:06 - 2014-02-10 21:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-29 01:06 - 2014-02-10 21:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-29 01:06 - 2014-01-31 11:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-29 01:06 - 2014-01-31 11:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-29 01:06 - 2014-01-31 11:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-29 01:06 - 2014-01-31 08:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-29 01:06 - 2014-01-31 04:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-29 01:06 - 2014-01-29 04:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-29 01:06 - 2014-01-29 03:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-29 01:06 - 2014-01-29 03:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-29 01:06 - 2014-01-29 03:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-29 01:06 - 2014-01-29 03:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-29 01:06 - 2014-01-29 02:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-29 01:06 - 2014-01-29 02:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-29 01:06 - 2014-01-29 02:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-29 01:06 - 2014-01-29 01:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-29 01:06 - 2014-01-28 19:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-29 01:06 - 2014-01-27 14:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-29 01:06 - 2014-01-27 14:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-29 01:06 - 2014-01-27 14:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-29 01:06 - 2014-01-27 13:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-29 01:06 - 2014-01-27 13:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-29 01:06 - 2014-01-27 13:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-29 01:06 - 2014-01-27 13:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-29 01:06 - 2014-01-27 13:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-29 01:06 - 2014-01-27 12:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-29 01:06 - 2014-01-27 12:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-29 01:06 - 2014-01-27 12:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-29 01:06 - 2014-01-27 10:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-29 01:06 - 2014-01-27 10:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-29 01:06 - 2014-01-27 06:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-29 01:06 - 2014-01-17 18:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-29 01:06 - 2014-01-17 16:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-29 01:06 - 2013-12-21 09:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-29 01:06 - 2013-12-21 03:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-29 01:06 - 2013-12-20 05:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-29 01:06 - 2013-12-20 05:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-29 01:06 - 2013-10-30 19:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-29 01:06 - 2013-10-30 19:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-29 01:06 - 2013-10-30 19:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-24 17:55 - 2014-03-24 17:55 - 00000000 ____D () C:\Users\Lloyd\AppData\Local\Apps\2.0
2014-03-20 09:23 - 2014-03-20 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-06 17:59 - 2014-03-06 17:59 - 00000046 _____ () C:\WINDOWS\wininit.ini
2014-03-06 15:11 - 2014-03-06 15:11 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-03-06 15:04 - 2014-03-06 15:04 - 00003310 _____ () C:\WINDOWS\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}
2014-03-05 12:54 - 2014-03-05 12:54 - 00748272 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2014-03-05 12:54 - 2014-03-05 12:54 - 00127664 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2014-03-05 12:54 - 2014-03-05 12:54 - 00037560 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2014-03-05 12:54 - 2014-03-05 12:54 - 00023168 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2014-03-05 12:53 - 2014-03-05 12:53 - 00453680 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00363504 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00352984 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00284888 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00045784 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00043216 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00040664 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2014-03-03 00:00 - 2014-03-03 00:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool
2014-03-03 00:00 - 2014-03-03 00:00 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-03-02 23:56 - 2014-03-03 00:04 - 00233480 _____ () C:\WINDOWS\hpoins21.dat
2014-03-02 23:56 - 2012-10-14 08:17 - 00006174 ____N () C:\WINDOWS\hpomdl21.dat
2014-03-02 23:20 - 2014-03-02 23:20 - 00000000 __SHD () C:\Recovery
2014-03-02 23:20 - 2014-03-02 21:51 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-02 23:19 - 2014-03-02 23:19 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-03-02 23:18 - 2014-03-02 23:18 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-02 23:18 - 2014-03-02 23:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-03-02 23:18 - 2014-03-02 23:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-02 23:17 - 2014-03-02 23:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-02 23:17 - 2014-03-02 23:17 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-02 23:17 - 2014-03-02 23:17 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-02 23:17 - 2014-03-02 23:17 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-02 23:17 - 2014-03-02 23:17 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-03-02 23:17 - 2014-03-02 23:17 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-02 23:16 - 2014-03-02 23:16 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-02 23:16 - 2014-03-02 23:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-02 23:16 - 2014-03-02 23:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-02 23:16 - 2014-03-02 23:16 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-02 23:16 - 2014-03-02 23:16 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-02 23:14 - 2014-03-02 23:14 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-02 23:13 - 2014-03-02 23:13 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-03-02 23:11 - 2014-03-02 23:11 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-03-02 23:11 - 2014-03-02 23:11 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-03-02 23:11 - 2014-03-02 23:11 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\inetpub
2014-03-02 23:10 - 2014-01-07 20:46 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-03-02 23:10 - 2014-01-07 20:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-03-02 23:10 - 2014-01-07 20:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-03-02 23:10 - 2014-01-04 10:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-03-02 23:10 - 2014-01-04 10:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-03-02 23:10 - 2014-01-04 09:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-03-02 23:10 - 2014-01-04 08:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-03-02 23:10 - 2014-01-02 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-03-02 23:10 - 2014-01-02 18:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-03-02 23:10 - 2013-12-31 20:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-03-02 23:10 - 2013-12-31 20:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-03-02 23:10 - 2013-12-31 19:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-03-02 23:10 - 2013-12-31 19:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-03-02 23:10 - 2013-12-31 18:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-03-02 23:10 - 2013-12-31 18:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-03-02 23:10 - 2013-12-31 18:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-03-02 23:10 - 2013-12-30 18:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2014-03-02 23:10 - 2013-12-30 18:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-03-02 23:10 - 2013-12-30 18:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2014-03-02 23:10 - 2013-12-30 18:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-03-02 23:10 - 2013-12-30 18:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-03-02 23:10 - 2013-12-27 10:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-03-02 23:10 - 2013-12-27 03:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-03-02 23:10 - 2013-12-27 03:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-03-02 23:10 - 2013-12-27 03:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-03-02 23:10 - 2013-12-27 02:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-03-02 23:10 - 2013-12-27 02:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-03-02 23:10 - 2013-12-27 01:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-03-02 23:10 - 2013-12-21 02:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2014-03-02 23:10 - 2013-12-17 02:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-03-02 23:10 - 2013-12-14 01:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-03-02 23:10 - 2013-12-14 01:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-03-02 23:10 - 2013-12-13 05:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2014-03-02 23:10 - 2013-12-13 01:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-03-02 23:10 - 2013-12-13 00:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2014-03-02 23:10 - 2013-12-09 03:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-03-02 23:10 - 2013-12-08 23:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-03-02 23:10 - 2013-08-02 23:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-03-02 23:10 - 2013-08-02 23:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-02 23:10 - 2013-08-02 23:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-03-02 23:10 - 2013-08-02 23:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-03-02 23:10 - 2013-08-02 23:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-02 23:10 - 2013-08-02 23:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-03-02 22:01 - 2014-03-31 09:28 - 00000000 __RDO () C:\Users\Lloyd\SkyDrive
2014-03-02 21:52 - 2014-03-02 21:52 - 00001446 _____ () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-02 21:51 - 2014-03-02 21:51 - 00000020 ___SH () C:\Users\Lloyd\ntuser.ini
2014-03-02 21:43 - 2014-03-31 14:24 - 01343654 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-02 21:43 - 2014-03-02 21:43 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-03-02 21:32 - 2014-03-02 21:32 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-03-02 21:32 - 2014-03-02 21:32 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-03-02 21:29 - 2014-03-02 21:29 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-03-02 21:28 - 2014-03-02 22:01 - 00000000 ____D () C:\Users\Lloyd
2014-03-02 21:28 - 2014-03-02 21:43 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-03-02 21:28 - 2014-03-02 21:43 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-03-02 21:28 - 2014-03-02 21:29 - 00000000 ___RD () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-02 21:28 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-02 21:28 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-02 21:28 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-02 21:25 - 2014-03-02 21:39 - 00973290 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-03-02 21:25 - 2014-03-02 21:29 - 00012096 _____ () C:\WINDOWS\iis.log
2014-03-02 21:23 - 2014-03-02 21:30 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-02 21:23 - 2014-03-02 21:23 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-03-02 21:23 - 2014-03-02 21:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-03-02 21:23 - 2014-03-02 21:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-03-02 21:23 - 2014-03-02 21:23 - 00000000 ____D () C:\Program Files\Synaptics
2014-03-02 21:23 - 2014-01-25 03:23 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2014-03-02 21:23 - 2014-01-25 03:23 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2014-03-02 21:22 - 2014-03-02 21:34 - 00000000 ____D () C:\Program Files\IDT
2014-03-02 21:22 - 2014-03-02 21:22 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-03-02 21:22 - 2012-08-20 00:45 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2014-03-02 21:22 - 2012-08-20 00:45 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2014-03-02 21:22 - 2012-08-20 00:45 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2014-03-02 21:22 - 2011-05-02 17:27 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2014-03-02 21:22 - 2011-05-02 17:27 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2014-03-02 21:22 - 2011-05-02 17:27 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2014-03-02 21:22 - 2011-05-02 17:27 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2014-03-02 20:56 - 2014-03-02 21:43 - 00006569 _____ () C:\WINDOWS\comsetup.log
2014-03-02 18:39 - 2014-03-02 21:03 - 00223670 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-03-01 13:00 - 2014-03-02 21:34 - 00000000 ____D () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-03-01 12:18 - 2014-03-01 12:18 - 00001304 _____ () C:\WINDOWS\system32\TeamViewer9_Hooks.log
2014-03-01 11:40 - 2014-03-01 11:40 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}

==================== One Month Modified Files and Folders =======

2014-03-31 15:16 - 2014-03-31 15:15 - 00000000 ____D () C:\FRST
2014-03-31 15:08 - 2013-06-25 18:20 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B31273A-F769-4BA3-8451-69AAF717F956}
2014-03-31 15:02 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-31 14:58 - 2013-06-26 11:17 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-31 14:55 - 2014-03-30 11:32 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-03-31 14:24 - 2014-03-02 21:43 - 01343654 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-31 11:36 - 2013-06-25 18:28 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3437637007-1443180179-3256198470-1001
2014-03-31 09:58 - 2013-06-26 11:17 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-31 09:28 - 2014-03-02 22:01 - 00000000 __RDO () C:\Users\Lloyd\SkyDrive
2014-03-30 11:34 - 2013-07-11 16:58 - 00000344 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLloyd.job
2014-03-30 11:26 - 2014-03-30 11:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-30 11:26 - 2014-03-30 11:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-03-30 11:13 - 2013-11-14 02:20 - 00025760 _____ () C:\WINDOWS\PFRO.log
2014-03-30 11:13 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-30 11:12 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-30 09:53 - 2013-06-26 11:17 - 00003880 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-30 09:53 - 2013-06-26 11:17 - 00003644 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 15:33 - 2013-11-14 02:28 - 00958356 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-29 13:48 - 2014-03-29 13:48 - 00003028 _____ () C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2014-03-29 13:48 - 2014-03-29 13:47 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-03-29 13:47 - 2014-03-29 13:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\COMODO
2014-03-29 13:47 - 2014-03-29 13:47 - 00000000 ____D () C:\Program Files\COMODO
2014-03-29 13:47 - 2013-06-26 11:39 - 00000000 ____D () C:\ProgramData\COMODO
2014-03-29 13:44 - 2014-02-01 23:25 - 00000780 _____ () C:\WINDOWS\SysWOW64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
2014-03-29 01:43 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-03-29 01:12 - 2013-08-22 09:44 - 00379304 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 01:11 - 2013-11-03 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 01:11 - 2013-07-18 21:58 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-29 01:11 - 2013-07-18 21:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-29 01:10 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 01:10 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 01:10 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 01:10 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-29 01:09 - 2013-07-18 21:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-03-29 01:07 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-29 01:07 - 2013-07-09 10:00 - 90015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-03-29 01:00 - 2013-06-26 11:17 - 00000000 ____D () C:\Users\Lloyd\AppData\Local\Google
2014-03-26 23:31 - 2013-08-22 09:46 - 00297243 _____ () C:\WINDOWS\setupact.log
2014-03-26 20:35 - 2013-07-04 13:00 - 00000166 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-03-24 17:55 - 2014-03-24 17:55 - 00000000 ____D () C:\Users\Lloyd\AppData\Local\Apps\2.0
2014-03-20 09:23 - 2014-03-20 09:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-16 10:00 - 2013-07-15 15:15 - 00000000 ____D () C:\Users\Lloyd\Documents\TurboTax
2014-03-07 09:10 - 2013-07-15 15:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-07 09:09 - 2014-02-22 12:34 - 00003556 _____ () C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2014-03-07 09:09 - 2013-07-15 15:40 - 00000000 ____D () C:\ProgramData\Garmin
2014-03-07 09:09 - 2013-07-15 15:40 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-03-06 17:59 - 2014-03-06 17:59 - 00000046 _____ () C:\WINDOWS\wininit.ini
2014-03-06 15:25 - 2012-07-26 00:37 - 00000000 ____D () C:\Users\Default.migrated
2014-03-06 15:11 - 2014-03-06 15:11 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-03-06 15:04 - 2014-03-06 15:04 - 00003310 _____ () C:\WINDOWS\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}
2014-03-05 23:15 - 2013-06-30 22:31 - 00000000 ____D () C:\Users\Lloyd\AppData\Roaming\HpUpdate
2014-03-05 12:54 - 2014-03-05 12:54 - 00748272 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdguard.sys
2014-03-05 12:54 - 2014-03-05 12:54 - 00127664 _____ (COMODO) C:\WINDOWS\system32\Drivers\inspect.sys
2014-03-05 12:54 - 2014-03-05 12:54 - 00037560 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdhlp.sys
2014-03-05 12:54 - 2014-03-05 12:54 - 00023168 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmderd.sys
2014-03-05 12:53 - 2014-03-05 12:53 - 00453680 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00363504 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00352984 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00284888 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00045784 _____ (COMODO) C:\WINDOWS\system32\cmdkbd64.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00043216 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2014-03-05 12:53 - 2014-03-05 12:53 - 00040664 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdkbd32.dll
2014-03-05 09:26 - 2014-03-30 11:26 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-30 11:26 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-30 11:26 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-04 17:53 - 2013-08-22 10:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-03-04 17:53 - 2013-08-22 10:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-04 12:26 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-03 00:04 - 2014-03-02 23:56 - 00233480 _____ () C:\WINDOWS\hpoins21.dat
2014-03-03 00:04 - 2013-06-30 22:23 - 00013141 _____ () C:\ProgramData\hpzinstall.log
2014-03-03 00:04 - 2012-07-26 00:26 - 00000127 _____ () C:\WINDOWS\win.ini
2014-03-03 00:00 - 2014-03-03 00:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\spool
2014-03-03 00:00 - 2014-03-03 00:00 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-03-03 00:00 - 2013-06-30 22:28 - 00000000 ____D () C:\Program Files (x86)\HP
2014-03-03 00:00 - 2013-06-30 18:31 - 00000000 ____D () C:\ProgramData\HP
2014-03-02 23:20 - 2014-03-02 23:20 - 00000000 __SHD () C:\Recovery
2014-03-02 23:19 - 2014-03-02 23:19 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-03-02 23:19 - 2014-03-02 23:19 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-03-02 23:19 - 2013-08-22 10:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-03-02 23:18 - 2014-03-02 23:18 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-03-02 23:18 - 2014-03-02 23:18 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-03-02 23:18 - 2014-03-02 23:18 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-03-02 23:18 - 2014-03-02 23:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-03-02 23:18 - 2014-03-02 23:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-03-02 23:18 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-03-02 23:17 - 2014-03-02 23:17 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-03-02 23:17 - 2014-03-02 23:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-02 23:17 - 2014-03-02 23:17 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-03-02 23:17 - 2014-03-02 23:17 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-03-02 23:17 - 2014-03-02 23:17 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-03-02 23:17 - 2014-03-02 23:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-03-02 23:17 - 2014-03-02 23:17 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-02 23:17 - 2014-03-02 23:17 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-03-02 23:17 - 2014-03-02 23:17 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-03-02 23:17 - 2013-10-21 11:57 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-03-02 23:16 - 2014-03-02 23:16 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-03-02 23:16 - 2014-03-02 23:16 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-03-02 23:16 - 2014-03-02 23:16 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-03-02 23:16 - 2014-03-02 23:16 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-03-02 23:16 - 2014-03-02 23:16 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-03-02 23:16 - 2014-03-02 23:16 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-03-02 23:16 - 2014-03-02 23:16 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-03-02 23:16 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-03-02 23:16 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-03-02 23:16 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-03-02 23:16 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-02 23:16 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-02 23:16 - 2013-06-25 18:20 - 00000000 ___RD () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-02 23:16 - 2013-06-25 18:20 - 00000000 ___RD () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-02 23:14 - 2014-03-02 23:14 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-03-02 23:14 - 2014-03-02 23:14 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-03-02 23:14 - 2014-03-02 23:14 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-03-02 23:14 - 2014-03-02 23:14 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-03-02 23:14 - 2014-03-02 23:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-03-02 23:13 - 2014-03-02 23:13 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-03-02 23:13 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-02 23:11 - 2014-03-02 23:11 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-03-02 23:11 - 2014-03-02 23:11 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-03-02 23:11 - 2014-03-02 23:11 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-02 23:11 - 2014-03-02 23:11 - 00000000 ____D () C:\inetpub
2014-03-02 23:11 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-03-02 23:11 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-03-02 23:10 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-03-02 22:01 - 2014-03-02 21:28 - 00000000 ____D () C:\Users\Lloyd
2014-03-02 21:54 - 2013-06-25 18:17 - 00000000 ____D () C:\Users\Lloyd\AppData\Local\Packages
2014-03-02 21:52 - 2014-03-02 21:52 - 00001446 _____ () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-02 21:52 - 2013-06-25 18:20 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-03-02 21:51 - 2014-03-02 23:20 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-02 21:51 - 2014-03-02 21:51 - 00000020 ___SH () C:\Users\Lloyd\ntuser.ini
2014-03-02 21:43 - 2014-03-02 21:43 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-03-02 21:43 - 2014-03-02 21:28 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-03-02 21:43 - 2014-03-02 21:28 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-03-02 21:43 - 2014-03-02 20:56 - 00006569 _____ () C:\WINDOWS\comsetup.log
2014-03-02 21:43 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-03-02 21:39 - 2014-03-02 21:25 - 00973290 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-03-02 21:38 - 2013-08-22 10:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-03-02 21:38 - 2013-08-22 10:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-03-02 21:34 - 2014-03-02 21:22 - 00000000 ____D () C:\Program Files\IDT
2014-03-02 21:34 - 2014-03-01 13:00 - 00000000 ____D () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-03-02 21:34 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-03-02 21:34 - 2013-07-15 20:16 - 00000000 ____D () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Southwest Airlines
2014-03-02 21:34 - 2013-07-01 22:28 - 00000000 ____D () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-03-02 21:34 - 2013-01-18 18:03 - 00000000 ____D () C:\WINDOWS\en
2014-03-02 21:32 - 2014-03-02 21:32 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-03-02 21:32 - 2014-03-02 21:32 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-03-02 21:32 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-03-02 21:32 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-03-02 21:32 - 2013-11-14 02:14 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-03-02 21:32 - 2013-08-22 10:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-03-02 21:32 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-03-02 21:32 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-03-02 21:32 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-03-02 21:32 - 2013-01-18 18:24 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-03-02 21:32 - 2013-01-18 18:00 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-03-02 21:31 - 2013-08-22 10:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-03-02 21:31 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-03-02 21:31 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\Help
2014-03-02 21:31 - 2012-08-03 17:29 - 00000000 ____D () C:\ProgramData\PRICache
2014-03-02 21:30 - 2014-03-02 21:23 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-02 21:30 - 2013-08-22 10:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-03-02 21:30 - 2013-08-22 10:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-02 21:29 - 2014-03-02 21:29 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-03-02 21:29 - 2014-03-02 21:28 - 00000000 ___RD () C:\Users\Lloyd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-02 21:29 - 2014-03-02 21:25 - 00012096 _____ () C:\WINDOWS\iis.log
2014-03-02 21:29 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-03-02 21:23 - 2014-03-02 21:23 - 00000264 _____ () C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
2014-03-02 21:23 - 2014-03-02 21:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-03-02 21:23 - 2014-03-02 21:23 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01009.Wdf
2014-03-02 21:23 - 2014-03-02 21:23 - 00000000 ____D () C:\Program Files\Synaptics
2014-03-02 21:22 - 2014-03-02 21:22 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-03-02 21:21 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Default
2014-03-02 21:03 - 2014-03-02 18:39 - 00223670 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-03-02 20:54 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-03-02 18:23 - 2013-07-23 19:27 - 00000000 ____D () C:\Users\Lloyd\AppData\Local\CrashDumps
2014-03-02 17:27 - 2013-07-08 16:06 - 00000000 ____D () C:\Users\Lloyd\Documents\Reflect
2014-03-01 12:59 - 2013-06-26 11:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-01 12:18 - 2014-03-01 12:18 - 00001304 _____ () C:\WINDOWS\system32\TeamViewer9_Hooks.log
2014-03-01 12:09 - 2013-07-07 20:52 - 00000000 ____D () C:\Program Files (x86)\System Explorer
2014-03-01 11:43 - 2013-01-18 17:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-01 11:42 - 2013-01-18 17:52 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-01 11:40 - 2014-03-01 11:40 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-01 11:39 - 2013-01-18 18:06 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-01 11:38 - 2012-08-03 19:02 - 00000000 ____D () C:\SWSetup
2014-03-01 11:04 - 2013-07-05 21:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-01 01:05 - 2014-03-29 01:06 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-29 01:06] - [2014-01-31 11:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02



LastRegBack: 2014-03-30 11:49

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Lloyd at 2014-03-31 15:17:14
Running from E:\Lloyd's Stuff\Downloads 0002 Software\Farbar 64x vx 2014-03-31
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Accordance (HKLM-x32\...\{9B088535-6E1D-480E-A5F1-510E1DE6B572}_is1) (Version: 10.4.1 - Oaktree Software, Inc.)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.62 - Hulubulu Software)
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bounce Symphony (x32 Version: 2.2.0.98 - WildTangent) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
C7200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
C7200_Help (x32 Version: 100.0.206.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 31.1.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{8899F0F2-03D8-4DDE-ADCA-4F0A7CE18A74}) (Version: 7.0.51350.4115 - COMODO Security Solutions Inc.)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2817 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2817 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.6.6119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DING! (HKLM-x32\...\{84031A18-BA9A-4156-A74F-E05B52DDFCE2}) (Version: 1.05.005 - Southwest Airlines)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
EditPad Lite 7.3.0 (HKLM\...\EditPad Lite) (Version: 7.3.0 - Just Great Software)
Elevated Installer (x32 Version: 3.0.9.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
FastStone Capture 7.7 (HKLM-x32\...\FastStone Capture) (Version: 7.7 - FastStone Soft)
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotor 1.3.0 (HKLM-x32\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski)
Garmin Express (HKLM-x32\...\{4797b796-0583-4387-b611-cef5a4b063af}) (Version: 3.0.9.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.0.9.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.0.9.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Documentation (HKLM-x32\...\{5AAB470B-88CE-4158-AEF1-EB8DAB4CDFCF}) (Version: 1.2.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP Photo Creations Powered by RocketLife)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 8.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.8 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 4.34 (HKLM\...\HWiNFO64_is1) (Version: 4.34 - Martin Malík - REALiX)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.9.1002 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 3.10.7.234 - KC Softwares)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LightBox Free Image Editor (HKLM-x32\...\LightBox Free Image Editor) (Version:  - )
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.2.6314 - Paramount Software (UK) Ltd.) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PhotoFiltre 7 (HKCU\...\PhotoFiltre 7) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PrivDog (HKLM-x32\...\PrivDog) (Version: 1.8.0.15 - privdog.com)
PS_AIO_02_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
ReNamer (HKLM-x32\...\ReNamer_is1) (Version: 5.50 - [den4b] Denis Kozlov)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
System Explorer 4.6.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2013 WinPerFedFormset (x32 Version: 013.000.1874 - Intuit Inc.) Hidden
TurboTax 2013 WinPerReleaseEngine (x32 Version: 013.000.0477 - Intuit Inc.) Hidden
TurboTax 2013 WinPerTaxSupport (x32 Version: 013.000.0164 - Intuit Inc.) Hidden
TurboTax 2013 wrapper (x32 Version: 013.000.0135 - Intuit Inc.) Hidden
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.2 - UltraDefrag Development Team)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinX HD Video Converter Deluxe 4.0.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WOT for Internet Explorer (HKLM\...\{DCAEC601-735C-41AE-B84F-D792F09FB7D1}) (Version: 12.8.2.0 - WOT Services Oy)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.5 - ZONER software)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

14-03-2014 01:15:38 Scheduled Checkpoint
21-03-2014 03:22:20 Scheduled Checkpoint
28-03-2014 16:44:14 Scheduled Checkpoint

==================== Hosts content: ==========================

2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0711EB7D-2AF8-4C2D-AA9F-5A7E2092A176} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-05] (COMODO)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0E92BF91-BC8E-497F-BCA2-C83E801750FA} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-05] (COMODO)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4EA2A996-0A7C-4626-A57C-795509C43527} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cisCF2A.exe
Task: {5436807E-BB52-472B-970A-8AA97CE1E740} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {5F859D93-D215-4BD7-969C-29DECF96E73D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-29] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {79760ACF-A52D-45BD-90B5-3DFD66940668} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F28A516-90D9-4D3C-835E-12574E1ACE27} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {9620B307-3B41-4D85-8F8B-B72413C7C09B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {9D9A8D3F-FED7-43FF-A926-9AF92C885660} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B18BFFBB-5CFA-478E-A5E7-DC9F4D7BF15C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-01] (AVAST Software)
Task: {C7281409-F5F8-4E35-BFD1-566BE0DD5C76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-26] (Google Inc.)
Task: {CE113045-4492-465D-BD50-8DBBCF5BC139} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {CE1DF19C-054E-4BDD-8F88-3591DD3E4C42} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-03-05] (COMODO)
Task: {CFCBDF3F-1D4B-4437-894B-CFDA1DE0E471} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-03-04] ()
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DDE7BD7C-2C66-4E62-A873-2F50BA2F05D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FD4092B9-2FD3-4F99-A51A-180F46C419F4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-11] (Synaptics Incorporated)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLloyd.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-02-01 00:06 - 2013-10-17 10:32 - 00020472 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2014-01-28 09:35 - 2014-01-28 09:35 - 02135232 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2012-10-12 20:22 - 2012-10-12 20:22 - 00120224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 20:22 - 2012-10-12 20:22 - 00048544 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 20:22 - 2012-10-12 20:22 - 00180224 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-01-25 03:22 - 2014-01-25 03:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-14 02:17 - 2013-11-14 02:17 - 00180224 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-03-30 11:07 - 2014-03-30 01:21 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14033000\algo.dll
2014-03-31 15:04 - 2014-03-31 12:02 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14033101\algo.dll
2013-01-18 18:22 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-01-06 11:52 - 2014-01-06 11:52 - 03244032 _____ () C:\Users\Lloyd\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2013-10-21 12:13 - 2013-10-21 12:13 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Lloyd\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Photosmart C7200 series
Description: Photosmart C7200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/30/2014 07:38:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_HPSLPSVC, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.16502, time stamp: 0x52c359e8
Exception code: 0xc0000409
Fault offset: 0x000000000008d51b
Faulting process id: 0x1280
Faulting application start time: 0xsvchost.exe_HPSLPSVC0
Faulting application path: svchost.exe_HPSLPSVC1
Faulting module path: svchost.exe_HPSLPSVC2
Report Id: svchost.exe_HPSLPSVC3
Faulting package full name: svchost.exe_HPSLPSVC4
Faulting package-relative application ID: svchost.exe_HPSLPSVC5

Error: (03/30/2014 11:21:18 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_HPSLPSVC, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.16502, time stamp: 0x52c359e8
Exception code: 0xc0000409
Fault offset: 0x000000000008d51b
Faulting process id: 0xb38
Faulting application start time: 0xsvchost.exe_HPSLPSVC0
Faulting application path: svchost.exe_HPSLPSVC1
Faulting module path: svchost.exe_HPSLPSVC2
Report Id: svchost.exe_HPSLPSVC3
Faulting package full name: svchost.exe_HPSLPSVC4
Faulting package-relative application ID: svchost.exe_HPSLPSVC5

Error: (03/30/2014 11:16:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.9.1002, time stamp: 0x5065e128
Faulting module name: IAStorUtil.ni.dll, version: 11.5.9.1002, time stamp: 0x5065e124
Exception code: 0xc0000005
Fault offset: 0x0002f3fd
Faulting process id: 0x1bd0
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (03/30/2014 11:16:13 AM) (Source: .NET Runtime) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/30/2014 11:09:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_HPSLPSVC, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.16502, time stamp: 0x52c359e8
Exception code: 0xc0000409
Fault offset: 0x000000000008d51b
Faulting process id: 0x1888
Faulting application start time: 0xsvchost.exe_HPSLPSVC0
Faulting application path: svchost.exe_HPSLPSVC1
Faulting module path: svchost.exe_HPSLPSVC2
Report Id: svchost.exe_HPSLPSVC3
Faulting package full name: svchost.exe_HPSLPSVC4
Faulting package-relative application ID: svchost.exe_HPSLPSVC5

Error: (03/29/2014 03:08:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_HPSLPSVC, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.16502, time stamp: 0x52c359e8
Exception code: 0xc0000409
Fault offset: 0x000000000008d51b
Faulting process id: 0xa68
Faulting application start time: 0xsvchost.exe_HPSLPSVC0
Faulting application path: svchost.exe_HPSLPSVC1
Faulting module path: svchost.exe_HPSLPSVC2
Report Id: svchost.exe_HPSLPSVC3
Faulting package full name: svchost.exe_HPSLPSVC4
Faulting package-relative application ID: svchost.exe_HPSLPSVC5

Error: (03/29/2014 02:35:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.9.1002, time stamp: 0x5065e128
Faulting module name: IAStorUtil.ni.dll, version: 11.5.9.1002, time stamp: 0x5065e124
Exception code: 0xc0000005
Fault offset: 0x0002f3fd
Faulting process id: 0x16e4
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (03/29/2014 02:35:34 PM) (Source: .NET Runtime) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/29/2014 01:52:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.9.1002, time stamp: 0x5065e128
Faulting module name: IAStorUtil.ni.dll, version: 11.5.9.1002, time stamp: 0x5065e124
Exception code: 0xc0000005
Fault offset: 0x0002f3fd
Faulting process id: 0x102c
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5

Error: (03/29/2014 01:52:53 PM) (Source: .NET Runtime) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (03/31/2014 10:00:02 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/30/2014 07:38:15 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 2 time(s).

Error: (03/30/2014 11:28:49 AM) (Source: DCOM) (User: LLOYD)
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}

Error: (03/30/2014 11:21:18 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/30/2014 11:16:17 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/30/2014 11:09:03 AM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 2 time(s).

Error: (03/30/2014 10:00:03 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

Error: (03/29/2014 10:31:46 PM) (Source: DCOM) (User: LLOYD)
Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}

Error: (03/29/2014 03:08:13 PM) (Source: Service Control Manager) (User: )
Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/29/2014 02:35:37 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (03/30/2014 07:38:15 PM) (Source: Application Error)(User: )
Description: svchost.exe_HPSLPSVC6.3.9600.163845215dfe3ntdll.dll6.3.9600.1650252c359e8c0000409000000000008d51b128001cf4c3561291e14C:\WINDOWS\system32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dllbed5caaa-b86c-11e3-bebb-d4c9ef68b4e2

Error: (03/30/2014 11:21:18 AM) (Source: Application Error)(User: )
Description: svchost.exe_HPSLPSVC6.3.9600.163845215dfe3ntdll.dll6.3.9600.1650252c359e8c0000409000000000008d51bb3801cf4c331128c92fC:\WINDOWS\system32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll521fb0d2-b827-11e3-bebb-d4c9ef68b4e2

Error: (03/30/2014 11:16:14 AM) (Source: Application Error)(User: )
Description: IAStorDataMgrSvc.exe11.5.9.10025065e128IAStorUtil.ni.dll11.5.9.10025065e124c00000050002f3fd1bd001cf4c335b28a0d6C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\853e24a5a081d03994b2b46eccb0107d\IAStorUtil.ni.dll9d250b55-b826-11e3-bebb-d4c9ef68b4e2

Error: (03/30/2014 11:16:13 AM) (Source: .NET Runtime)(User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/30/2014 11:09:03 AM) (Source: Application Error)(User: )
Description: svchost.exe_HPSLPSVC6.3.9600.163845215dfe3ntdll.dll6.3.9600.1650252c359e8c0000409000000000008d51b188801cf4b8ada7b56abC:\WINDOWS\system32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dll9be6a4fd-b825-11e3-beba-d4c9ef68b4e2

Error: (03/29/2014 03:08:12 PM) (Source: Application Error)(User: )
Description: svchost.exe_HPSLPSVC6.3.9600.163845215dfe3ntdll.dll6.3.9600.1650252c359e8c0000409000000000008d51ba6801cf4b85bb7e864aC:\WINDOWS\system32\svchost.exeC:\WINDOWS\SYSTEM32\ntdll.dlldab584e8-b77d-11e3-beba-d4c9ef68b4e2

Error: (03/29/2014 02:35:37 PM) (Source: Application Error)(User: )
Description: IAStorDataMgrSvc.exe11.5.9.10025065e128IAStorUtil.ni.dll11.5.9.10025065e124c00000050002f3fd16e401cf4b86053a7db9C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\853e24a5a081d03994b2b46eccb0107d\IAStorUtil.ni.dll4d0a390a-b779-11e3-beba-d4c9ef68b4e2

Error: (03/29/2014 02:35:34 PM) (Source: .NET Runtime)(User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (03/29/2014 01:52:54 PM) (Source: Application Error)(User: )
Description: IAStorDataMgrSvc.exe11.5.9.10025065e128IAStorUtil.ni.dll11.5.9.10025065e124c00000050002f3fd102c01cf4b8012ae2a84C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\853e24a5a081d03994b2b46eccb0107d\IAStorUtil.ni.dll55405e1d-b773-11e3-beb9-d4c9ef68b4e2

Error: (03/29/2014 01:52:53 PM) (Source: .NET Runtime)(User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


CodeIntegrity Errors:
===================================
  Date: 2014-03-31 15:12:24.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 15:04:22.418
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 14:55:24.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 14:44:25.986
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 14:31:46.996
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 11:36:14.410
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 10:55:06.449
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 10:46:44.164
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 10:37:10.310
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-31 10:25:28.765
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 21%
Total physical RAM: 8084.27 MB
Available physical RAM: 6381.06 MB
Total Pagefile: 9364.27 MB
Available Pagefile: 7117.12 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.66 GB) (Free:88.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.52 GB) (Free:2.92 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (MyData) (Fixed) (Total:756.21 GB) (Free:631.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 383CF27A)

Partition: GPT Partition Type.

==================== End Of Log ============================

Link to post
Share on other sites

  • Root Admin

Not sure what's going on there for sure at this time but something is certainly causing multiple failures and could certainly be why the Context Menu is not functioning but also would be much more important to get these issues resolved.

 

 

Not sure if it's an infection issue, a hardware issue, or simply some type of software conflict at this time.  I would recommend creating a NEW topic in the malware removal forum and have one of the Experts assist you in making sure the computer is not infected and go on from there.

 

https://forums.malwarebytes.org/index.php?showforum=7

 

 

 

 

 

System errors:=============Error: (03/31/2014 10:00:02 AM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (03/30/2014 07:38:15 PM) (Source: Service Control Manager) (User: )Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 2 time(s).Error: (03/30/2014 11:28:49 AM) (Source: DCOM) (User: LLOYD)Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}Error: (03/30/2014 11:21:18 AM) (Source: Service Control Manager) (User: )Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 1 time(s).Error: (03/30/2014 11:16:17 AM) (Source: Service Control Manager) (User: )Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).Error: (03/30/2014 11:09:03 AM) (Source: Service Control Manager) (User: )Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 2 time(s).Error: (03/30/2014 10:00:03 AM) (Source: DCOM) (User: NT AUTHORITY)Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (03/29/2014 10:31:46 PM) (Source: DCOM) (User: LLOYD)Description: {FBA44040-BD27-4A09-ACC8-C08B7C723DCD}Error: (03/29/2014 03:08:13 PM) (Source: Service Control Manager) (User: )Description: The HP Network Devices Support service terminated unexpectedly.  It has done this 1 time(s).Error: (03/29/2014 02:35:37 PM) (Source: Service Control Manager) (User: )Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
Link to post
Share on other sites

  • 2 weeks later...

1.  I still have the same problem with MBAM v2 on my win8.1 laptop.  When I right-click on a folder to scan with MBAM, the MBAM window pops up, but does not automatically scan the folder/file.  And when I try the custom scan, uncheck everything and check the folder to be checked, it scans more than the folder/file, and I cannot tell for sure if it scans the folder.

 

Also, after I ran Tweaking.com windows repair, I have the following problem with ie11:

2.  I normally download software from internet explorer (vx).  My home page is google https://www.google.com/.  When I tried to signin to my google account, I received an error msg:  "Oops, your browser seems to have cookies disabled.  Make sure cookies are enabled, or try opening a new browser window."  I went to internet options, turned on third party and session cookies, but still was not able in signin to google in internet explorer.  I also tried adding https://www.google.com to trusted sites.

 

I tried Firefox with the same google home page and logging on to google, and it worked.

 

I have not figured out what tweaking.com windows repair did to prevent me logging in to google in ie11.

 

Thanks.

Link to post
Share on other sites

lloydeb

 

1. I believe that they have found a bug with the right click scan option and are working on a fix for a future release...

 

2. As for IE11, have you tried to reset your browser back to default settings? Click on Tools -> Internet Options -> Advanced Tab -> Click on Reset -> check Delete Personal Settings -> Click OK and then restart your browser...

Link to post
Share on other sites

They announce notifications about program updates HERE as well as on Twitter, Facebook and other places.  You will also get a notifications in the system tray about program updates.

 

If you go back to version 1.75 you will start getting notifications about 2.0.1 which is the current version.  Its up to you if you want to go back to version 1.75.

 

If its only because of the right click scan issue, I would not go backwards, but that's just me.  Even with some bugs in v2.0.1 I think it has better scanning and detection as well as a better web blocker.

Link to post
Share on other sites

I do a custom scan, uncheck Pre-Scan Operations, Filesystem objects, and Heuristic Analysis, check the folder to scan.  The scan takes 5 min 11 seconds.  View detailed log, and it says Folders 0, Files 0.  It does not look to me like it scanned the folder I selected.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/10/2014
Scan Time: 2:11:32 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.10.07
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lloyd

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 199554
Time Elapsed: 5 min, 11 sec

Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Disabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

I do a custom scan, uncheck Pre-Scan Operations, Filesystem objects, and Heuristic Analysis, check the folder to scan.  The scan takes 5 min 11 seconds.  View detailed log, and it says Folders 0, Files 0.  It does not look to me like it scanned the folder I selected.

OK we have the same options, I was just confused as you mentioned above that you uncheck Pre-Scan Operations, Filesystem objects, and Heuristic Analysis and I could not see those options...
Link to post
Share on other sites

I made mistake in my post.  I uncheck the 3 on the left, and select the downloaded folder on the right to scan with MBAM v2.  When the scan starts, it indicates that it is scanning the things I mentioned:  Pre-Scan Operations, Filesystem objects, and Heuristic Analysis.  What I do not see is the folder I selected to scan.

Link to post
Share on other sites

Yes, I made a mistake.  When the scan starts running, then it shows that it is scanning the items mentioned:  Pre-Scan Operations, Filesystem objects, and Heuristic Analysis.   What I do not see is that the Custom Scan is scanning the selected folder.  It scans 199554 objects, takes 5 minutes, indicates that it has scanned zero folders and zero files.

Link to post
Share on other sites

OK I did a scan of my Downloads folder and unchecked the same three things you did and the log looks like this:

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 4/10/2014

Scan Time: 9:16:14 PM

Logfile:

Administrator: Yes

Version: 2.00.1.1004

Malware Database: v2014.04.11.03

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Chameleon: Enabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Owner

Scan Type: Custom Scan

Result: Completed

Objects Scanned: 226636

Time Elapsed: 1 min, 7 sec

Memory: Disabled

Startup: Disabled

Filesystem: Enabled

Archives: Disabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

So then I did another custom but this time I left the 3 items checked.... Here is the log...

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 4/10/2014

Scan Time: 9:20:38 PM

Logfile:

Administrator: Yes

Version: 2.00.1.1004

Malware Database: v2014.04.11.03

Rootkit Database: v2014.03.27.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Chameleon: Enabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Owner

Scan Type: Custom Scan

Result: Completed

Objects Scanned: 288047

Time Elapsed: 1 min, 44 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

Pretty much the same results... Except if you notice with the items enabled more objects are scanned:

Objects Scanned: 288047

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.