Jump to content

! System Not Fully Protected


Recommended Posts

I'm getting a red "! Your system is not fully protected" message at the top of the dashboard. It says "fix now" and I click it, nothing happens.

 

Also getting under Database Verson: "unable to access update server". 

 

Plus, under Real Time Protection: No Protection.

 

Any idea why this is going on? My system is running slow, like it's trying to open something in the backgroud or something.

 

Help me please. Thanks.

 

 

Link to post
Share on other sites

Hi:

 

It is perfectly safe and is used here and at other computer help forums 100s of times a day. :)

Please tell Norton to allow it or, if need be, pause your Norton protection briefly, in order to run it.

Be sure to re-enable Norton after doing so.

 

Also, as it appears you have had malware problems in the past, it's possible that FRST has been run on this computer before.

So, before running it, please be sure there is a check-mark in the box for "Addition.txt" under the options, so that it will produce both logs.

 

Then, please post back with all 3 logs (2 from FRST and 1 from mbam-check).

 

Thanks,

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01

Ran by Scott Duncan (administrator) on SCOTTDUNCAN-PC on 18-08-2014 20:25:24

Running from C:\Users\Scott Duncan\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Common Files\Citrix\System32\CdfSvc.exe

(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe

(Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Streaming Client\RadeHlprSvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\nis.exe

(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Streaming Client\RadeSvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE

(Google Inc.) C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe

(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

(Dropbox, Inc.) C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe

(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\Scott Duncan\Downloads\FRST64 (10).exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)

HKLM\...\Run: [smartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)

HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1520552 2011-03-02] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-20] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)

HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)

HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [103768 2009-09-13] (Citrix Systems, Inc.)

HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1667072 2012-02-28] (AimerSoft)

HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5563760 2014-06-02] (Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [MusicManager] => C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [Google Update] => C:\Users\Scott Duncan\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-09-04] (Google Inc.)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-08-18] (Google Inc.)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-2949255578-4130258502-838744892-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk

ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk

ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\Users\Scott Duncan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Scott Duncan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk

ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

ShellIconOverlayIdentifiers-x32: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe


SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


SearchScopes: HKLM-x32 - DefaultScope value is missing.


SearchScopes: HKCU - DefaultScope {CD0DBE38-5D83-4061-BA5C-C1A7017210EA} URL = 


SearchScopes: HKCU - {CD0DBE38-5D83-4061-BA5C-C1A7017210EA} URL = 

BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM-x32 {55963676-2F5E-4BAF-AC28-CF26AA587566} https://sslvpn.usawest.org/CACHE/stc/1/binaries/vpnweb.cab

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Scott Duncan\AppData\Roaming\Mozilla\Firefox\Profiles\y52dp84x.default-1399684827563

FF Homepage: www.google.com

FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()

FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @citrix.com/Citrix Offline Plug-in -> C:\Program Files (x86)\Citrix\Streaming Client\nprade.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Scott Duncan\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Scott Duncan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Scott Duncan\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)

FF Extension: No Name - C:\Users\Scott Duncan\AppData\Roaming\Mozilla\Firefox\Profiles\y52dp84x.default-1399684827563\Extensions\staged [2014-08-18]

FF Extension: LastPass - C:\Users\Scott Duncan\AppData\Roaming\Mozilla\Firefox\Profiles\y52dp84x.default-1399684827563\Extensions\support@lastpass.com [2014-08-09]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-09]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-09]

FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-08-09]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-08-09]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-08-09]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-08-18]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-02-25]

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-25]

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR StartupUrls: "hxxp://www.google.com/"

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File

CHR Extension: (Google Docs) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-11]

CHR Extension: (Google Drive) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-11]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]

CHR Extension: (YouTube) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-11]

CHR Extension: (Google Search) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-11]

CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-02-25]

CHR Extension: (Add Email Signature - WiseStamp) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjjniaenghhbffhplhdcipdgidbajdp [2014-01-09]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-05-23]

CHR Extension: (BBC Good Food) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkffnoliaheoidfeejcmnidkkgilkja [2013-08-11]

CHR Extension: (Mafia Wars Addon) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\llfmkjppmncfcgdebajkjnopgodlcaoe [2013-08-11]

CHR Extension: (Google Wallet) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]

CHR Extension: (Gmail) - C:\Users\Scott Duncan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-11]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\Exts\Chrome.crx [2014-08-15]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

R2 CdfSvc; C:\Program Files (x86)\Common Files\Citrix\System32\CdfSvc.exe [321448 2011-05-03] (Citrix Systems, Inc.)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]

R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [358984 2014-05-21] (Verizon) [File not signed]

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe [276376 2014-07-31] (Symantec Corporation)

R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-12-26] (Symantec Corporation)

R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)

R2 RadeHlprSvc; C:\Program Files (x86)\Citrix\Streaming Client\RadeHlprSvc.exe [210864 2011-07-19] (Citrix Systems, Inc.)

R2 RadeSvc; C:\Program Files (x86)\Citrix\Streaming Client\RadeSvc.exe [1034152 2011-07-19] (Citrix Systems, Inc.)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-06-02] (Western Digital Technologies, Inc.)

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1505000.013\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)

R1 cdfdrv; C:\Windows\System32\DRIVERS\cdfdrv.sys [38448 2011-03-01] (Citrix Systems, Inc.)

R1 ctxpidmn; C:\Windows\System32\DRIVERS\ctxpidmn.sys [83288 2011-06-30] (Citrix Systems, Inc.)

R2 CtxSbx; C:\Windows\System32\DRIVERS\CtxSbx.sys [309080 2011-06-30] (Citrix Systems, Inc.)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-24] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-24] (Symantec Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140815.001\IDSvia64.sys [525016 2014-07-11] (Symantec Corporation)

R1 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [91352 2014-05-12] (Malwarebytes Corporation)

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

S3 MWAC; \??\C:\windows\system32\drivers\ [0 ] () [File not signed]

S3 MWAC; \??\C:\windows\SysWOW64\drivers\ [0 ] () [File not signed]

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140818.019\ENG64.SYS [126040 2014-08-13] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140818.019\EX64.SYS [2099288 2014-08-13] (Symantec Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1505000.013\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1505000.013\SRTSPX64.SYS [36952 2013-10-29] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1505000.013\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)

R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-24] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1505000.013\Ironx64.SYS [264280 2013-10-29] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1505000.013\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)

S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)

S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)

S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)

S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)

S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)

S3 vpnva; system32\DRIVERS\vpnva64.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-18 20:24 - 2014-08-18 20:24 - 02101760 _____ (Farbar) C:\Users\Scott Duncan\Downloads\FRST64 (10).exe

2014-08-18 19:28 - 2014-08-18 19:29 - 00262144 _____ () C:\windows\Minidump\081814-43446-01.dmp

2014-08-18 19:14 - 2014-08-18 20:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-08-15 08:23 - 2014-08-15 08:23 - 00000000 ____D () C:\windows\System32\Tasks\Norton Internet Security

2014-08-15 04:01 - 2014-08-16 15:48 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Florida Move Docs

2014-08-15 04:01 - 2014-08-15 04:03 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Florida Trip Docs & Receipts

2014-08-15 04:00 - 2014-08-15 08:36 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Indian River Medical Center Docs

2014-08-14 21:17 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll

2014-08-14 21:17 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll

2014-08-14 21:17 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe

2014-08-14 21:17 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll

2014-08-14 21:17 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe

2014-08-14 21:17 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll

2014-08-14 21:16 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe

2014-08-14 21:16 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe

2014-08-14 19:57 - 2014-07-31 16:41 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-08-14 19:57 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-08-14 19:57 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-08-14 19:57 - 2014-07-25 07:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-08-14 19:57 - 2014-07-25 07:01 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-08-14 19:57 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-08-14 19:57 - 2014-07-25 06:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-08-14 19:57 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-08-14 19:57 - 2014-07-25 06:28 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-08-14 19:57 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-08-14 19:57 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-08-14 19:57 - 2014-07-25 06:11 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-08-14 19:57 - 2014-07-25 06:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-08-14 19:57 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-08-14 19:57 - 2014-07-25 06:03 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-08-14 19:57 - 2014-07-25 06:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-08-14 19:57 - 2014-07-25 06:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-08-14 19:57 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-08-14 19:57 - 2014-07-25 05:47 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-08-14 19:57 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-08-14 19:57 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-08-14 19:57 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-08-14 19:57 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-08-14 19:57 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-08-14 19:57 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-08-14 19:57 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-08-14 19:57 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-08-14 19:57 - 2014-07-25 05:19 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-08-14 19:57 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-08-14 19:57 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-08-14 19:57 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-08-14 19:57 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-08-14 19:57 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-08-14 19:57 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-08-14 19:57 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-08-14 19:57 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-08-14 19:57 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-08-14 19:57 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-08-14 19:57 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-14 19:57 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-08-14 19:57 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-08-14 19:57 - 2014-07-25 04:39 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-08-14 19:57 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-08-14 19:57 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-08-14 19:57 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-08-14 19:57 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-08-14 19:57 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-08-14 19:57 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-08-14 19:57 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-08-14 19:57 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-08-14 19:57 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-08-14 19:57 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-08-14 19:57 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-08-14 19:57 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-08-14 19:57 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-08-14 19:57 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-08-14 19:57 - 2014-07-15 20:25 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll

2014-08-14 19:57 - 2014-07-15 20:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll

2014-08-14 19:57 - 2014-07-15 19:46 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll

2014-08-14 19:57 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll

2014-08-14 19:57 - 2014-07-15 19:12 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

2014-08-14 19:57 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL

2014-08-14 19:57 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL

2014-08-14 19:57 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL

2014-08-14 19:57 - 2014-07-08 19:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL

2014-08-14 19:57 - 2014-07-08 19:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL

2014-08-14 19:57 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL

2014-08-14 19:57 - 2014-07-08 18:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL

2014-08-14 19:57 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL

2014-08-14 19:57 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL

2014-08-14 19:57 - 2014-07-08 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL

2014-08-14 19:57 - 2014-07-08 15:38 - 00419992 _____ () C:\windows\system32\locale.nls

2014-08-14 19:57 - 2014-07-08 15:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls

2014-08-14 19:57 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll

2014-08-14 19:57 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll

2014-08-14 19:57 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys

2014-08-14 19:57 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll

2014-08-14 19:57 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll

2014-08-14 19:57 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll

2014-08-14 19:57 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe

2014-08-14 19:57 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll

2014-08-14 19:57 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll

2014-08-14 19:57 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll

2014-08-14 19:56 - 2014-08-06 19:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-08-14 19:56 - 2014-08-06 19:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-08-14 19:56 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll

2014-08-14 19:56 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll

2014-08-14 13:49 - 2014-08-15 04:02 - 00000000 ____D () C:\Users\Scott Duncan\AppData\Local\Adobe

2014-08-10 22:53 - 2014-08-10 22:53 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-08-10 22:53 - 2014-08-10 22:53 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-08-10 22:53 - 2014-08-10 22:53 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-08-10 22:53 - 2014-08-10 22:53 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-10 22:53 - 2014-08-10 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-08-10 15:54 - 2014-08-10 15:54 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals (3).html

2014-08-10 15:54 - 2014-08-10 15:54 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals (2).html

2014-08-10 15:18 - 2014-08-10 15:18 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals.html

2014-08-10 15:18 - 2014-08-10 15:18 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals (1).html

2014-08-10 10:21 - 2014-08-10 10:21 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\48230029.sys

2014-08-09 23:27 - 2014-08-09 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-08-08 08:03 - 2014-08-08 09:30 - 00000000 ____D () C:\Users\Scott Duncan\Documents\IRMC Job Information 2014

2014-08-01 18:42 - 2010-05-14 15:04 - 00138752 _____ (Hewlett-Packard Company) C:\windows\system32\hpf3l02t.dll

2014-07-25 20:03 - 2014-07-25 20:03 - 02417471 _____ () C:\Users\Scott Duncan\Downloads\L01-audio.zip

2014-07-25 07:48 - 2014-07-25 07:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

2014-07-24 18:01 - 2014-07-24 18:01 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-07-24 18:01 - 2014-07-24 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-24 17:59 - 2014-07-24 18:01 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-24 17:59 - 2014-07-24 18:01 - 00000000 ____D () C:\Program Files\iTunes

2014-07-24 17:59 - 2014-07-24 18:01 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-24 17:59 - 2014-07-24 17:59 - 00000000 ____D () C:\Program Files\iPod

2014-07-21 14:51 - 2014-07-21 14:51 - 00019968 _____ () C:\Users\Scott Duncan\Downloads\cancer help.wps

2014-07-20 07:00 - 2014-07-20 07:00 - 00004489 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-18 20:26 - 2011-08-18 13:24 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-18 20:25 - 2014-05-09 13:13 - 00040548 _____ () C:\Users\Scott Duncan\Downloads\FRST.txt

2014-08-18 20:25 - 2014-05-09 13:12 - 00000000 ____D () C:\FRST

2014-08-18 20:24 - 2014-08-18 20:24 - 02101760 _____ (Farbar) C:\Users\Scott Duncan\Downloads\FRST64 (10).exe

2014-08-18 20:21 - 2014-08-18 19:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-08-18 20:20 - 2014-05-18 06:08 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-18 20:13 - 2014-02-27 17:46 - 00000604 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2949255578-4130258502-838744892-1000.job

2014-08-18 19:58 - 2012-04-07 02:48 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-08-18 19:45 - 2011-08-18 12:37 - 01797320 _____ () C:\windows\WindowsUpdate.log

2014-08-18 19:39 - 2009-07-13 21:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-18 19:39 - 2009-07-13 21:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-18 19:38 - 2013-09-04 18:09 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2949255578-4130258502-838744892-1000UA.job

2014-08-18 19:33 - 2014-03-17 09:47 - 00000000 ___RD () C:\Users\Scott Duncan\Google Drive

2014-08-18 19:32 - 2014-01-15 23:50 - 00000000 ___RD () C:\Users\Scott Duncan\Dropbox

2014-08-18 19:32 - 2014-01-15 23:48 - 00000000 ____D () C:\Users\Scott Duncan\AppData\Roaming\Dropbox

2014-08-18 19:31 - 2014-01-16 11:56 - 00008192 _____ () C:\windows\SysWOW64\WDPABKP.dat

2014-08-18 19:30 - 2011-08-18 13:24 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-18 19:29 - 2014-08-18 19:28 - 00262144 _____ () C:\windows\Minidump\081814-43446-01.dmp

2014-08-18 19:29 - 2009-07-13 22:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-08-18 19:28 - 2012-09-15 18:05 - 638881613 _____ () C:\windows\MEMORY.DMP

2014-08-18 19:28 - 2012-09-15 18:05 - 00000000 ____D () C:\windows\Minidump

2014-08-18 19:28 - 2009-07-13 21:51 - 00137762 _____ () C:\windows\setupact.log

2014-08-18 19:04 - 2009-07-13 22:13 - 00006510 _____ () C:\windows\system32\PerfStringBackup.INI

2014-08-18 18:16 - 2009-07-13 21:45 - 05023712 _____ () C:\windows\system32\FNTCACHE.DAT

2014-08-18 07:38 - 2013-09-04 18:09 - 00000884 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2949255578-4130258502-838744892-1000Core.job

2014-08-17 06:18 - 2014-01-16 11:06 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Photography Biz

2014-08-16 15:48 - 2014-08-15 04:01 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Florida Move Docs

2014-08-15 22:56 - 2009-07-13 22:08 - 00032574 _____ () C:\windows\Tasks\SCHEDLGU.TXT

2014-08-15 14:29 - 2014-01-09 20:48 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-08-15 08:36 - 2014-08-15 04:00 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Indian River Medical Center Docs

2014-08-15 08:23 - 2014-08-15 08:23 - 00000000 ____D () C:\windows\System32\Tasks\Norton Internet Security

2014-08-15 08:14 - 2012-07-18 19:51 - 00003234 _____ () C:\windows\System32\Tasks\Norton WSC Integration

2014-08-15 08:14 - 2011-08-18 13:21 - 00000000 ____D () C:\windows\system32\Drivers\NISx64

2014-08-15 08:13 - 2014-06-25 06:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

2014-08-15 08:13 - 2012-07-18 19:51 - 00002472 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk

2014-08-15 04:03 - 2014-08-15 04:01 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Florida Trip Docs & Receipts

2014-08-15 04:02 - 2014-08-14 13:49 - 00000000 ____D () C:\Users\Scott Duncan\AppData\Local\Adobe

2014-08-15 03:38 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\PolicyDefinitions

2014-08-14 21:33 - 2011-12-03 18:38 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-08-14 21:27 - 2013-07-14 16:35 - 00000000 ____D () C:\windows\system32\MRT

2014-08-14 21:22 - 2011-11-06 13:32 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-08-14 21:16 - 2014-05-06 21:00 - 00000000 ___SD () C:\windows\system32\CompatTel

2014-08-14 15:57 - 2012-03-17 18:25 - 00000000 ____D () C:\Users\Scott Duncan\AppData\Roaming\Skype

2014-08-14 09:50 - 2012-04-07 02:48 - 00699568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-08-14 09:50 - 2012-04-07 02:48 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater

2014-08-14 09:50 - 2011-11-12 17:49 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-14 08:27 - 2014-02-25 09:19 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Outlook Files

2014-08-13 17:35 - 2014-01-15 23:50 - 00001056 _____ () C:\Users\Scott Duncan\Desktop\Dropbox.lnk

2014-08-13 17:35 - 2014-01-15 23:49 - 00000000 ____D () C:\Users\Scott Duncan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-12 19:22 - 2014-05-18 06:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-11 13:39 - 2009-07-13 20:20 - 00000000 ____D () C:\windows\rescache

2014-08-10 22:54 - 2013-10-21 07:37 - 00000000 ____D () C:\ProgramData\Oracle

2014-08-10 22:53 - 2014-08-10 22:53 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-08-10 22:53 - 2014-08-10 22:53 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-08-10 22:53 - 2014-08-10 22:53 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-08-10 22:53 - 2014-08-10 22:53 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-10 22:53 - 2014-08-10 22:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-08-10 22:53 - 2012-03-01 06:44 - 00000000 ____D () C:\Program Files (x86)\Java

2014-08-10 15:54 - 2014-08-10 15:54 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals (3).html

2014-08-10 15:54 - 2014-08-10 15:54 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals (2).html

2014-08-10 15:18 - 2014-08-10 15:18 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals.html

2014-08-10 15:18 - 2014-08-10 15:18 - 00000240 _____ () C:\Users\Scott Duncan\Downloads\rentals (1).html

2014-08-10 10:30 - 2013-08-21 05:29 - 00001088 _____ () C:\Users\Public\Desktop\Vz  In-Home Agent.lnk

2014-08-10 10:21 - 2014-08-10 10:21 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\48230029.sys

2014-08-10 05:07 - 2014-01-09 20:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-08-09 23:28 - 2014-08-09 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-08-09 10:54 - 2012-03-17 18:25 - 00000000 ____D () C:\ProgramData\Skype

2014-08-08 09:30 - 2014-08-08 08:03 - 00000000 ____D () C:\Users\Scott Duncan\Documents\IRMC Job Information 2014

2014-08-07 14:51 - 2012-03-17 18:25 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-08-06 19:06 - 2014-08-14 19:56 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-08-06 19:01 - 2014-08-14 19:56 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-08-05 09:29 - 2013-05-01 18:06 - 00000000 ____D () C:\Users\Scott Duncan\Documents\Resume Update 2014

2014-08-01 18:45 - 2011-11-19 10:54 - 00000059 _____ () C:\windows\wpd99.drv

2014-08-01 18:45 - 2011-11-19 10:54 - 00000000 ____D () C:\ProgramData\pdf995

2014-08-01 18:43 - 2014-05-26 11:52 - 00000000 ____D () C:\ProgramData\HP

2014-07-31 16:41 - 2014-08-14 19:57 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll

2014-07-31 16:16 - 2014-08-14 19:57 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll

2014-07-25 20:03 - 2014-07-25 20:03 - 02417471 _____ () C:\Users\Scott Duncan\Downloads\L01-audio.zip

2014-07-25 07:52 - 2014-08-14 19:57 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-07-25 07:48 - 2014-07-25 07:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom

2014-07-25 07:48 - 2012-07-20 16:20 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2

2014-07-25 07:45 - 2012-07-20 16:19 - 00000000 ____D () C:\Users\Scott Duncan\AppData\Local\Downloaded Installations

2014-07-25 07:02 - 2014-08-14 19:57 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-07-25 07:01 - 2014-08-14 19:57 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-07-25 06:51 - 2014-08-14 19:57 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-07-25 06:30 - 2014-08-14 19:57 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-07-25 06:28 - 2014-08-14 19:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-07-25 06:28 - 2014-08-14 19:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-07-25 06:25 - 2014-08-14 19:57 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-07-25 06:25 - 2014-08-14 19:57 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll

2014-07-25 06:11 - 2014-08-14 19:57 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-07-25 06:10 - 2014-08-14 19:57 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-07-25 06:04 - 2014-08-14 19:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-07-25 06:03 - 2014-08-14 19:57 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-07-25 06:00 - 2014-08-14 19:57 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-07-25 06:00 - 2014-08-14 19:57 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-07-25 05:59 - 2014-08-14 19:57 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-07-25 05:47 - 2014-08-14 19:57 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-07-25 05:40 - 2014-08-14 19:57 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-07-25 05:34 - 2014-08-14 19:57 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-07-25 05:34 - 2014-08-14 19:57 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-07-25 05:33 - 2014-08-14 19:57 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-07-25 05:30 - 2014-08-14 19:57 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll

2014-07-25 05:28 - 2014-08-14 19:57 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-07-25 05:28 - 2014-08-14 19:57 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-07-25 05:21 - 2014-08-14 19:57 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-07-25 05:19 - 2014-08-14 19:57 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-07-25 05:18 - 2014-08-14 19:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-07-25 05:17 - 2014-08-14 19:57 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-07-25 05:17 - 2014-08-14 19:57 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-07-25 05:12 - 2014-08-14 19:57 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-07-25 05:10 - 2014-08-14 19:57 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-07-25 05:10 - 2014-08-14 19:57 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-07-25 05:08 - 2014-08-14 19:57 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-07-25 05:06 - 2014-08-14 19:57 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-07-25 04:52 - 2014-08-14 19:57 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-07-25 04:47 - 2014-08-14 19:57 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-07-25 04:43 - 2014-08-14 19:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-25 04:42 - 2014-08-14 19:57 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-07-25 04:39 - 2014-08-14 19:57 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-07-25 04:39 - 2014-08-14 19:57 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-07-25 04:36 - 2014-08-14 19:57 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-07-25 04:34 - 2014-08-14 19:57 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-07-25 04:29 - 2014-08-14 19:57 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-07-25 04:23 - 2014-08-14 19:57 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-07-25 04:13 - 2014-08-14 19:57 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-07-25 04:07 - 2014-08-14 19:57 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-07-25 04:07 - 2014-08-14 19:57 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-07-25 04:03 - 2014-08-14 19:57 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-07-25 03:52 - 2014-08-14 19:57 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-07-25 03:26 - 2014-08-14 19:57 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-07-25 03:17 - 2014-08-14 19:57 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-07-25 03:09 - 2014-08-14 19:57 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-07-25 03:05 - 2014-08-14 19:57 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-07-25 03:00 - 2014-08-14 19:57 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-07-24 23:29 - 2012-05-15 06:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-07-24 23:29 - 2012-05-15 06:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-07-24 21:41 - 2012-05-15 06:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-07-24 18:01 - 2014-07-24 18:01 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-07-24 18:01 - 2014-07-24 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-07-24 18:01 - 2014-07-24 17:59 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-07-24 18:01 - 2014-07-24 17:59 - 00000000 ____D () C:\Program Files\iTunes

2014-07-24 18:01 - 2014-07-24 17:59 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-07-24 17:59 - 2014-07-24 17:59 - 00000000 ____D () C:\Program Files\iPod

2014-07-22 06:35 - 2010-11-20 20:47 - 00337772 _____ () C:\windows\PFRO.log

2014-07-21 14:51 - 2014-07-21 14:51 - 00019968 _____ () C:\Users\Scott Duncan\Downloads\cancer help.wps

2014-07-20 07:00 - 2014-07-20 07:00 - 00004489 _____ () C:\windows\SysWOW64\jupdate-1.7.0_65-b20.log

 

Some content of TEMP:

====================

C:\Users\Scott Duncan\AppData\Local\Temp\bnngrhra.dll

C:\Users\Scott Duncan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsxqdvf.dll

C:\Users\Scott Duncan\AppData\Local\Temp\HitmanPro.exe

C:\Users\Scott Duncan\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\Scott Duncan\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Scott Duncan\AppData\Local\Temp\LMkRstPt.exe

C:\Users\Scott Duncan\AppData\Local\Temp\ose00000.exe

C:\Users\Scott Duncan\AppData\Local\Temp\qpzm2eya.dll

C:\Users\Scott Duncan\AppData\Local\Temp\Quarantine.exe

C:\Users\Scott Duncan\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Scott Duncan\AppData\Local\Temp\uadeap27.dll

C:\Users\Scott Duncan\AppData\Local\Temp\z-fjhctt.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-11 12:47

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01

Ran by Scott Duncan at 2014-08-18 20:26:14

Running from C:\Users\Scott Duncan\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}

AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)

Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)

Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)

Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)

Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)

Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Citrix Offline Plug-in (HKLM-x32\...\{70BB990A-1461-4178-943D-7F771067D95C}) (Version: 6.5.0.6684 - Citrix Systems, Inc.)

Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)

Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)

Citrix online plug-in (DV) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden

Citrix online plug-in (HDX) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden

Citrix online plug-in (USB) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden

Citrix online plug-in (Web) (x32 Version: 11.2.0.31560 - Citrix Systems, Inc.) Hidden

Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.1.0 - Conexant)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)

Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)

eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

FileOpener Packages (HKCU\...\FileOpener Packages) (Version:  - ) <==== ATTENTION

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)

Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)

HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)

IHA_MessageCenter (HKLM-x32\...\{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)

iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)

LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)

Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)

Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.7 - Google)

Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.5.0.19 - Symantec Corporation)

Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.5.38.0 - Symantec Corporation)

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Pdf995 (HKLM-x32\...\Pdf995) (Version:  - )

PdfEdit995 (HKLM-x32\...\PdfEdit995) (Version:  - )

Photomatix Pro version 4.1.3 (HKLM\...\PhotomatixPro41x64_is1) (Version: 4.1.3 - HDRsoft Sarl)

Photomatix Pro version 4.2.7 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.7 - HDRsoft Ltd)

Photomatix Pro version 5.0.3 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0.3 - HDRsoft Ltd)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.12 - Realtek Semiconductor Corp.)

Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Signature995 (HKLM-x32\...\Signature995) (Version:  - )

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)

Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

Smart Shooter 2 (HKLM-x32\...\SmartShooter) (Version:  - Francis Hart)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)

The Photographer's Ephemeris (HKLM-x32\...\Flexrise.9F3FBFC56E7DF11606748B3513468A7A7FB809D1.1) (Version: 1.1.1 - UNKNOWN)

The Photographer's Ephemeris (x32 Version: 1.1.1 - UNKNOWN) Hidden

TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)

TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)

Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)

TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)

TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)

Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)

TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)

TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)

TOSHIBA eco Utility (HKLM\...\{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.25.64 - TOSHIBA Corporation)

TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)

TOSHIBA Face Recognition (Version: 3.1.8.64 - TOSHIBA Corporation) Hidden

TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.06.00 - )

TOSHIBA Hardware Setup (Version: 4.08.06.00 - TOSHIBA) Hidden

TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)

TOSHIBA HDD/SSD Alert (Version: 3.1.64.7 - TOSHIBA Corporation) Hidden

TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7 - TOSHIBA Corporation) Hidden

Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.10.26 - Symantec Corporation)

TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)

TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)

Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)

TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.4.64 - TOSHIBA Corporation)

TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)

TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)

TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)

TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden

TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)

TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)

TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)

TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.06.00 - )

TOSHIBA Supervisor Password (Version: 4.08.06.00 - TOSHIBA) Hidden

TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)

TOSHIBA Value Added Package (Version: 1.5.4.64 - TOSHIBA Corporation) Hidden

TOSHIBA Value Added Package (x32 Version: 1.5.4.64 - TOSHIBA Corporation) Hidden

TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)

TOSHIBA Web Camera Application (x32 Version: 2.0.0.19 - TOSHIBA Corporation) Hidden

TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}) (Version: 1.0.3 - TOSHIBA CORPORATION)

ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)

Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)

Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)

Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)

Vz In Home Agent (HKLM-x32\...\{E28F5145-74F0-4696-A17F-BBB2927BEA40}) (Version: 8.03.54 - Verizon)

Vz In-Home Agent (HKLM-x32\...\VzInHomeAgent) (Version: 9.0.63.0 - Verizon)

WD Drive Utilities (HKLM-x32\...\{F9784E1D-4455-4BFF-A97A-1B1355A4FFDB}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)

WD Quick View (HKLM-x32\...\{324C58C7-A292-4523-A943-91DE1EB6A1FE}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)

WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)

WD SmartWare (HKLM\...\{F6ABA2F3-9759-48CD-B25B-A07A811E92E4}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)

WD SmartWare Installer (HKLM-x32\...\{72fda14f-5a07-49d5-b7f7-202377e9b522}) (Version: 2.4.1.9 - Western Digital Technologies, Inc.)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2949255578-4130258502-838744892-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2949255578-4130258502-838744892-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2949255578-4130258502-838744892-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2949255578-4130258502-838744892-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2949255578-4130258502-838744892-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

25-07-2014 04:38:52 Windows Update

25-07-2014 14:45:55 Installed TomTom HOME.

11-08-2014 05:51:35 Installed Java 7 Update 67

15-08-2014 04:15:46 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-13 19:34 - 2014-01-27 08:53 - 00000027 ____N C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0CD567AF-3A16-4035-94C5-D913899368E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2949255578-4130258502-838744892-1000Core => C:\Users\Scott Duncan\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-04] (Google Inc.)

Task: {1424C604-BA00-4777-92A8-313228E9F8C3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)

Task: {30BF87B7-E8C9-41E4-BDFA-13ADAF78FA3D} - \Updater21802.exe No Task File <==== ATTENTION

Task: {34F8B800-EA5A-4106-A891-F7E1AF74CE77} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-12-26] (Symantec Corporation)

Task: {36236339-090F-4F74-9C09-38D061ACAB63} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {3EED82D1-9DE0-4542-8E06-FF238A2252F7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe

Task: {425BA744-0B9B-414A-92C2-0CB75E609EBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)

Task: {54355DBE-5A87-40A0-950F-153D81A5D352} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14] (Adobe Systems Incorporated)

Task: {5CF0707E-4AEC-4245-A474-90276BDCEDBE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {6241290D-013A-4803-8DDE-B0442F8C74F0} - System32\Tasks\{3CA3C75F-24DE-4279-9001-CE5C4459001E} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)

Task: {84DE06EF-DF18-4056-82B2-26EE54FD3E2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2949255578-4130258502-838744892-1000UA => C:\Users\Scott Duncan\AppData\Local\Google\Update\GoogleUpdate.exe [2013-09-04] (Google Inc.)

Task: {AB16D759-6017-4275-A742-12A26BF65B71} - System32\Tasks\G2MUpdateTask-S-1-5-21-2949255578-4130258502-838744892-1000 => C:\Users\Scott Duncan\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-06] (Citrix Online, a division of Citrix Systems, Inc.)

Task: {C05D3B8D-97CA-4B68-9757-328655E822DD} - System32\Tasks\HP AR Program Upload - 155fdf2358db467d981dad0c497fde19f643245d58da4a248b3636fb02dc4005 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {C4FF36E6-B5F9-4635-AEF0-2627B1D3D11F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {D75EB5D5-2801-4AEE-B61D-9D05B0654822} - \MySearchDial No Task File <==== ATTENTION

Task: {D92B8832-C4F9-417E-996B-8F8C3C1933BD} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)

Task: {EB3595AC-9935-44DE-81DE-B12A79BAACCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)

Task: {FE732D04-B00B-408F-A956-9AC55ECC346E} - System32\Tasks\AdobeAAMUpdater-1.0-ScottDuncan-PC-Scott Duncan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-2949255578-4130258502-838744892-1000.job => C:\Users\Scott Duncan\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2949255578-4130258502-838744892-1000Core.job => C:\Users\Scott Duncan\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2949255578-4130258502-838744892-1000UA.job => C:\Users\Scott Duncan\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2011-11-19 10:54 - 2006-10-19 22:44 - 00047616 _____ () C:\windows\System32\pdf995mon64.dll

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2011-04-04 19:18 - 2011-04-04 19:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll

2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll

2010-12-08 15:42 - 2010-12-08 15:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 10683392 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 07741952 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\QtGui4.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 02248192 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\QtCore4.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 01681408 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll

2014-05-15 14:20 - 2014-05-15 14:20 - 00117248 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\libaacdec.dll

2014-05-15 14:20 - 2014-05-15 14:20 - 00231936 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll

2014-05-15 14:21 - 2014-05-15 14:21 - 00253440 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\libid3tag.dll

2014-05-15 14:24 - 2014-05-15 14:24 - 00344064 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll

2013-12-10 14:06 - 2013-12-10 14:06 - 00026624 _____ () C:\Users\Scott Duncan\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll

2014-08-18 19:32 - 2014-08-18 19:32 - 00043008 _____ () c:\Users\Scott Duncan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsxqdvf.dll

2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Scott Duncan\AppData\Roaming\Dropbox\bin\libcef.dll

2014-08-18 19:31 - 2014-08-18 19:31 - 00098816 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32api.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00110080 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\pywintypes27.dll

2014-08-18 19:31 - 2014-08-18 19:31 - 00364544 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\pythoncom27.dll

2014-08-18 19:31 - 2014-08-18 19:31 - 00045568 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\_socket.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 01160704 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\_ssl.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00320512 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32com.shell.shell.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00713216 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\_hashlib.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 01175040 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._core_.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00805888 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._gdi_.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00811008 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._windows_.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 01062400 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._controls_.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00735232 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._misc_.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00128512 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\_elementtree.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00127488 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\pyexpat.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00557056 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\pysqlite2._sqlite.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00007168 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\hashobjs_ext.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00087552 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\_ctypes.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00119808 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32file.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00108544 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32security.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00018432 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32event.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00038912 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32inet.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00070656 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._html2.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00167936 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32gui.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00011264 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32crypt.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00027136 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\_multiprocessing.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00122368 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._wizard.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00010240 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\select.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00024064 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32pipe.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00686080 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\unicodedata.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00025600 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32pdh.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00525640 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\windows._lib_cacheinvalidation.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00035840 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32process.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00017408 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32profile.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00022528 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\win32ts.pyd

2014-08-18 19:31 - 2014-08-18 19:31 - 00078336 _____ () C:\Users\Scott Duncan\AppData\Local\Temp\_MEI49842\wx._animate.pyd

2014-08-15 14:29 - 2014-08-06 20:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll

2014-08-15 14:29 - 2014-08-06 20:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll

2014-08-15 14:29 - 2014-08-06 20:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-15 14:29 - 2014-08-06 20:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-15 14:29 - 2014-08-06 20:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/18/2014 08:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x187c

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:54:00 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0xd34

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x27c

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:32:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )

Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.

Parameter name: dueTime

Stack Trace:

   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)

   at System.Timers.Timer.set_Enabled(Boolean value)

   at SnappCloud.ActivationReminder.AraClient.PostInit()

   at SnappCloud.ActivationReminder.Program.Main(String[] args)

 

Error: (08/18/2014 07:30:30 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x870

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:30:26 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/18/2014 07:24:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x118c

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:23:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x2098

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x518

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

Error: (08/18/2014 07:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Faulting module name: mbamservice.exe, version: 3.0.2.0, time stamp: 0x5318d363

Exception code: 0x40000015

Fault offset: 0x0007da8a

Faulting process id: 0x1b7c

Faulting application start time: 0xmbamservice.exe0

Faulting application path: mbamservice.exe1

Faulting module path: mbamservice.exe2

Report Id: mbamservice.exe3

 

 

System errors:

=============

Error: (08/18/2014 08:01:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMService service terminated unexpectedly.  It has done this 4 time(s).

 

Error: (08/18/2014 07:54:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMService service terminated unexpectedly.  It has done this 3 time(s).

 

Error: (08/18/2014 07:34:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMService service terminated unexpectedly.  It has done this 2 time(s).

 

Error: (08/18/2014 07:31:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (08/18/2014 07:29:29 PM) (Source: BugCheck) (EventID: 1001) (User: )

Description: 0x000000ce (0xfffff8800b8e39ef, 0x0000000000000008, 0xfffff8800b8e39ef, 0x0000000000000000)C:\windows\MEMORY.DMP081814-43446-01

 

Error: (08/18/2014 07:28:32 PM) (Source: mbamchameleon) (EventID: 28930) (User: )

Description: Mbamchameleon failed to initiate Object Manager filtering - C0000034

 

Error: (08/18/2014 07:28:32 PM) (Source: mbamchameleon) (EventID: 28929) (User: )

Description: Mbamchameleon failed to initiate File System filtering - C0000034

 

Error: (08/18/2014 07:28:19 PM) (Source: mbamchameleon) (EventID: 28930) (User: )

Description: Mbamchameleon failed to initiate Object Manager filtering - C0000034

 

Error: (08/18/2014 07:28:19 PM) (Source: mbamchameleon) (EventID: 28929) (User: )

Description: Mbamchameleon failed to initiate File System filtering - C0000034

 

Error: (08/18/2014 07:28:55 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: The previous system shutdown at 7:26:57 PM on ‎8/‎18/‎2014 was unexpected.

 

 

Microsoft Office Sessions:

=========================

Error: (08/18/2014 08:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a187c01cfbb59cf9db015C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe167ab890-274d-11e4-a8e8-e89a8f990259

 

Error: (08/18/2014 07:54:00 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8ad3401cfbb58ca5762a5C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe1160fa07-274c-11e4-a8e8-e89a8f990259

 

Error: (08/18/2014 07:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a27c01cfbb561d3568abC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe6418e73b-2749-11e4-a8e8-e89a8f990259

 

Error: (08/18/2014 07:32:31 PM) (Source: Toshiba App Place) (EventID: 0) (User: )

Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.

Parameter name: dueTime

Stack Trace:

   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)

   at System.Timers.Timer.set_Enabled(Boolean value)

   at SnappCloud.ActivationReminder.AraClient.PostInit()

   at SnappCloud.ActivationReminder.Program.Main(String[] args)

 

Error: (08/18/2014 07:30:30 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a87001cfbb5577afa583C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exec944928e-2748-11e4-a8e8-e89a8f990259

 

Error: (08/18/2014 07:30:26 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/18/2014 07:24:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a118c01cfbb549c89c59cC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exee38fda81-2747-11e4-ba73-e89a8f990259

 

Error: (08/18/2014 07:23:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a209801cfbb5480a06ceaC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exec7b48e46-2747-11e4-ba73-e89a8f990259

 

Error: (08/18/2014 07:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a51801cfbb544660fac7C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe8d6a8f5b-2747-11e4-ba73-e89a8f990259

 

Error: (08/18/2014 07:21:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a1b7c01cfbb543cbc87cbC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe83c1599f-2747-11e4-ba73-e89a8f990259

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-01-27 07:49:08.437

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-01-27 07:49:08.359

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Pentium® CPU B940 @ 2.00GHz

Percentage of memory in use: 46%

Total physical RAM: 6091.86 MB

Available physical RAM: 3257.54 MB

Total Pagefile: 12181.9 MB

Available Pagefile: 8920.45 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (TI106139W0E) (Fixed) (Total:450.57 GB) (Free:277.25 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 4E59E2AF)

Partition 1: (Active) - (Size=1.5 GB) - (Type=27)

Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=13.7 GB) - (Type=17)

 

==================== End Of Log ============================

Link to post
Share on other sites

mbam-check result log version:     2.1.1.1001

========================================

 

User Account type:                 Administrator

OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System

Current Version and Build:         6.1.7601.0 

Malwarebytes Anti-Malware:         

Installed On:                      2014/05/30

Malware Database:                  0000.00.00.00

Rootkit Database:                  0000.00.00.00

Remediation Database:              0000.00.00.00

IP Database:                       0000.00.00.00

Domain Database:                   0000.00.00.00

License:                           Premium

Malware Protection:                4 (The service is running.)

Malicious Website Protection:      1 (The service is not running.)

Chameleon:                         4 (The service is running.)

Log Created:                       2014/08/18 20:31:09

Compatibility Flag Settings:

=================================

 

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers

C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exeREG_SZ RUNASADMIN ELEVATECREATEPROCESS

 

 

Malwarebytes Anti-Malware Shell Extension Block Check:

======================================================

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

 

MBAM Startup Entries: 

=====================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

 

Malwarebytes Anti-Malware Service and Driver Status:

=======================================================

 

--------------Driver File Info:--------------

C:\windows\system32\drivers\mbam.sys

File Size: 25816     BYTES FileVersion: 0.1.13.0 MD5: [f92b0e478c0faa6d6661e6e977247e60]

C:\windows\system32\drivers\mwac.sys

File Size: 63704     BYTES FileVersion: 1.0.1.0 MD5: [15e8abc06843672955ce26a009533bad]

C:\windows\system32\drivers\mbamswissarmy.sys

File Size: 122584    BYTES FileVersion: 0.1.7.0 MD5: [8a50d5304e6ae48664cf5838ec32f647]

C:\windows\system32\drivers\mbamchameleon.sys

File Size: 91352     BYTES FileVersion: 1.0.4.0 MD5: [9d9ed48f841ea37aa5310d54b9e5d3c7]

 

--------------MBAMProtector:--------------

Type:                   2

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMService:--------------

Type:                   16

State:                  1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE:        1067

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMScheduler:--------------

Type:                   16

State:                  4 (The service is running.)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMChameleon:--------------

Type:                   2

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

--------------MBAMWebAccessControl:--------------

Type:                   1

State:                  1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE:        1077

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

Required Dependencies:

======================

 

--------------BFE:--------------

Type:                   32

State:                  4 (The service is running.)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

DisplayName                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1001

Group                         REG_SZ NetworkProvider

ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork

Description                   REG_SZ @%SystemRoot%\system32\bfe.dll,-1002

ObjectName                    REG_SZ NT AUTHORITY\LocalService

ErrorControl                  REG_DWORD 1

Start                         REG_DWORD 2

Type                          REG_DWORD 32

DependOnService               REG_MULTI_SZ RpcSs

 

ServiceSidType                REG_DWORD 3

RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege

 

FailureActions                REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters

ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll

ServiceDllUnloadOnStop        REG_DWORD 1

ServiceMain                   REG_SZ BfeServiceMain

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter

{8c300c03-7d30-1b44-8a83-dcc8c09cfa85}REG_BINARY Binary Data

 

{e88282c2-f90f-ef54-1a60-13cbe22eceaa}REG_BINARY Binary Data

 

{e1739739-ee27-4492-b61b-b1fd907d9e88}REG_BINARY Binary Data

 

{0f14dd31-cf58-4fab-9127-e085c7547d7a}REG_BINARY Binary Data

 

{034c737b-f629-a1b4-6afb-1a2f44a1a1d7}REG_BINARY Binary Data

 

{cfb4c757-0bff-94e4-7801-a2b2f62f35ce}REG_BINARY Binary Data

 

{47a3a498-021c-7304-b85a-6bb5e43ade96}REG_BINARY Binary Data

 

{5bb9675e-0064-2cb4-d89d-bcd4e20e11c8}REG_BINARY Binary Data

 

{ca70ae30-59e8-46ef-b483-c22ee366ab29}REG_BINARY Binary Data

 

{b18f04c9-f2e9-4d39-9510-b9265a6b071d}REG_BINARY Binary Data

 

{430f2767-3528-2784-289e-b0860d99a608}REG_BINARY Binary Data

 

{a06ae492-b0c1-1f94-caa4-bb9b226ca22d}REG_BINARY Binary Data

 

{c540d974-3c6c-be64-5bff-3db65b322a1d}REG_BINARY Binary Data

 

{3e3f092e-1288-a8c4-28bf-2b4ef96df312}REG_BINARY Binary Data

 

{e20f0605-5735-38d4-6aea-19d1b15c7868}REG_BINARY Binary Data

 

{2dc4271a-246e-a1a4-3a70-4c8f14fd7ba0}REG_BINARY Binary Data

 

{638ffdf7-a3ff-66c4-7b65-4f406b0da651}REG_BINARY Binary Data

 

{f9bc3444-96d0-0ca4-8920-5425ed611a9e}REG_BINARY Binary Data

 

{0ff1f959-c0d4-3ca4-a8a5-cb469d318b39}REG_BINARY Binary Data

 

{1dd94704-a218-0d34-18d3-1ba50d201728}REG_BINARY Binary Data

 

{39f29298-8fa5-0144-fab3-bcd9ad227c3b}REG_BINARY Binary Data

 

{f154d790-c121-3a84-7824-f7ff97bea29e}REG_BINARY Binary Data

 

{a708428d-50f4-9d44-aa15-fd48988b7d66}REG_BINARY Binary Data

 

{98b0b712-aa06-f734-0bec-c14f445161c4}REG_BINARY Binary Data

 

{70e10304-e806-1af4-4a65-791688215398}REG_BINARY Binary Data

 

{fb588d62-f991-4044-bba6-5e96cf3939df}REG_BINARY Binary Data

 

{64f39050-d77f-7a74-8a07-2a7c2dd7802d}REG_BINARY Binary Data

 

{e69be8e1-869d-0e34-99f6-f82ea91df33d}REG_BINARY Binary Data

 

{dcae098a-dff1-ffe4-9b22-0bb2738885db}REG_BINARY Binary Data

 

{113ba551-0a01-aa84-1944-25df351f74ab}REG_BINARY Binary Data

 

{ef11fc1e-9d20-ff14-3b74-55b7e55eeb97}REG_BINARY Binary Data

 

{b457115e-0fc4-89f4-2b7d-85e7d94efcaa}REG_BINARY Binary Data

 

{2265f512-4d6b-8484-fbf8-7d6ec7579b67}REG_BINARY Binary Data

 

{1b0fa1a4-5e46-8cc4-18c0-f5ff3dd69546}REG_BINARY Binary Data

 

{d663476c-94a3-c5e4-db44-7aa6c8fabd83}REG_BINARY Binary Data

 

{d4de1868-54d9-b4e4-ab30-b9c378cb4b18}REG_BINARY Binary Data

 

{c8e26ddd-a426-73e4-b848-a5c31a087eca}REG_BINARY Binary Data

 

{f67c8b29-2d24-0a74-fbd7-a5cbbe16f710}REG_BINARY Binary Data

 

{fbe3d017-fb99-8c14-aad9-631321b22614}REG_BINARY Binary Data

 

{b47f0b6a-3185-6434-c8b0-e1e69c18eb94}REG_BINARY Binary Data

 

{68487fdc-3301-cef4-ea7a-583c54b3069c}REG_BINARY Binary Data

 

{21e3a753-0ccf-f284-abd6-7221adbd9311}REG_BINARY Binary Data

 

{ffb717c4-ecc7-8b14-3978-dca6602db705}REG_BINARY Binary Data

 

{c40bc20f-87a8-8e24-e824-38f14fb83d7e}REG_BINARY Binary Data

 

{9cd26f24-b76d-2e14-ca19-d17d552bb424}REG_BINARY Binary Data

 

{3bbaa68c-b062-66a4-8a85-648680f757ca}REG_BINARY Binary Data

 

{cd1b16b0-cc00-0be4-79f2-7b4ae69a2037}REG_BINARY Binary Data

 

{511094b4-6ffd-e2e4-0bcf-9794e77d95ae}REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout

{288d1fdb-0317-7e44-cb75-83debf2aebf5}REG_BINARY Binary Data

 

{43ebc567-3739-d724-e89c-cd57f7f662be}REG_BINARY Binary Data

 

{e07dc617-78d7-4317-8d98-1de4a06a7447}REG_BINARY Binary Data

 

{fa50a7a7-58aa-48cc-b795-039f0519e05d}REG_BINARY Binary Data

 

{83b672f1-37df-f3d4-c8be-2d0ed09451ed}REG_BINARY Binary Data

 

{1938590a-37c1-4754-e9ee-c9198f101b57}REG_BINARY Binary Data

 

{63ceb950-c8c2-62c4-197a-70815d052de9}REG_BINARY Binary Data

 

{7f44d536-a1d5-04b4-5821-f9d3f05e7b77}REG_BINARY Binary Data

 

{0c1ac9f9-08e1-4a93-b969-f2cc78ab71da}REG_BINARY Binary Data

 

{ba7a59eb-6441-4b0a-8867-5e8b896c2786}REG_BINARY Binary Data

 

{822c8b33-e507-cad4-ab50-e06d74102386}REG_BINARY Binary Data

 

{ce939e38-be51-53f4-d98e-c7905ea7af84}REG_BINARY Binary Data

 

{b787f560-894f-8db4-1bd5-ea38d2f4006a}REG_BINARY Binary Data

 

{5040b65d-0ecd-5fc4-99ee-7bccd3941b13}REG_BINARY Binary Data

 

{e53d1460-4afc-e1e4-8a2e-e210cc564688}REG_BINARY Binary Data

 

{2e971130-3bf4-ea64-9ab5-cb9c3a0cad57}REG_BINARY Binary Data

 

{bff0c14d-5646-7644-3a01-f0344e4cb231}REG_BINARY Binary Data

 

{3ce1de5f-d7ef-e064-1991-abe3beefda33}REG_BINARY Binary Data

 

{d384de9c-320b-7564-788b-7e17bd4f3e06}REG_BINARY Binary Data

 

{b6fe0628-75e9-41d4-c85b-106b79a9605c}REG_BINARY Binary Data

 

{6db2047b-4844-4a34-c9f7-612acd816b15}REG_BINARY Binary Data

 

{7dbcb70a-fa99-76c4-2bb7-44e9545c290b}REG_BINARY Binary Data

 

{f0888ff5-e13d-e844-1b13-64f885451c9e}REG_BINARY Binary Data

 

{1e6f2082-dc1c-e774-9889-d77bc276de17}REG_BINARY Binary Data

 

{34392ca1-05dd-d324-d886-a1db63fd0a1c}REG_BINARY Binary Data

 

{2c8aea04-7f81-44e4-380a-4f1f1fd3ec8b}REG_BINARY Binary Data

 

{4d6ff4f5-33fc-04a4-5a43-580d83238c1f}REG_BINARY Binary Data

 

{056d0c54-b875-6b54-3b6b-85fb20ef945b}REG_BINARY Binary Data

 

{d9bf7a23-80e2-16f4-4916-10b6881da7f4}REG_BINARY Binary Data

 

{3b15de27-387f-0b04-b8fd-9cfec1fc2b53}REG_BINARY Binary Data

 

{ff60487c-9b38-8b74-eaad-a723fe2920f3}REG_BINARY Binary Data

 

{e113abe3-c2c2-e7d4-981a-1d81cef728cd}REG_BINARY Binary Data

 

{f9c69fee-fab9-4d14-7bf0-4150924172c3}REG_BINARY Binary Data

 

{013bfb29-c999-4f74-e91a-163592356489}REG_BINARY Binary Data

 

{a1f52b10-d3a0-5584-db3f-4fbff5ee691e}REG_BINARY Binary Data

 

{a66e372d-6ad2-32b4-fa7a-9e5406a06efb}REG_BINARY Binary Data

 

{25452abe-22c4-46e4-4b43-4e63c44ff052}REG_BINARY Binary Data

 

{d2186677-8f09-80c4-9a3c-fb95a7cafe47}REG_BINARY Binary Data

 

{13d22885-8869-6194-8a68-eabf78dc7b1d}REG_BINARY Binary Data

 

{85d443eb-d02f-35b4-09b6-17a55933e9a9}REG_BINARY Binary Data

 

{468aa82e-7c0b-3484-f976-c96cac54f548}REG_BINARY Binary Data

 

{d7167dab-073c-70f4-eaa7-27a7f9058100}REG_BINARY Binary Data

 

{aa75c41d-0567-9754-fbb4-98314d2e1025}REG_BINARY Binary Data

 

{72d8a0b2-f9e8-3a14-5947-53b26053e2cc}REG_BINARY Binary Data

 

{1e83b45d-73c2-3c74-69ca-ca49a21a9471}REG_BINARY Binary Data

 

{124cd831-d190-26d4-1912-9d66a2f87850}REG_BINARY Binary Data

 

{f4965f1d-9b1d-c1b4-a9bf-7f14d9558673}REG_BINARY Binary Data

 

{d9fbf698-6e04-4044-e834-05a80e2c7216}REG_BINARY Binary Data

 

{3c565f9a-e9d1-52d4-280a-204519ae9b74}REG_BINARY Binary Data

 

{cae4853d-d48a-5094-9998-a654d8a1f201}REG_BINARY Binary Data

 

{c195d6cb-28ba-0244-f9ea-d52c30774a2f}REG_BINARY Binary Data

 

{945df99a-f3cd-63b4-1925-816ce9429e3b}REG_BINARY Binary Data

 

{323a84ef-da67-4c44-3940-200827d6c044}REG_BINARY Binary Data

 

{379a9aa8-6286-9274-6a9a-1b9f9fef5ea2}REG_BINARY Binary Data

 

{3162ae5d-fd53-7894-badc-9910318def3f}REG_BINARY Binary Data

 

{83ad9a09-ff8f-4a54-d99a-cec7b98984ff}REG_BINARY Binary Data

 

{2de5159c-7a8e-f814-58c2-236f884dbb18}REG_BINARY Binary Data

 

{539b7c6d-8ad7-ea54-cbba-f028c6a88719}REG_BINARY Binary Data

 

{6329feaf-fae0-51e4-aba7-9107bc00d060}REG_BINARY Binary Data

 

{b99aa75f-8721-98a4-e952-f03e1e644994}REG_BINARY Binary Data

 

{a49c4ab8-c054-9914-2b9c-7d0ae48d8505}REG_BINARY Binary Data

 

{7df4b338-f782-f0f4-9bed-e9b45deb580e}REG_BINARY Binary Data

 

{f319fd16-192f-13a4-ea06-180e16c755f9}REG_BINARY Binary Data

 

{3cc23cb2-30bd-6674-3bf9-81d622fde73d}REG_BINARY Binary Data

 

{4053bd41-f27e-8bc4-39d8-4420fc25b014}REG_BINARY Binary Data

 

{92517201-7702-8bf4-dbea-9fdfe8a32410}REG_BINARY Binary Data

 

{1d0f6316-1e62-7cb4-b908-aebc52d7af48}REG_BINARY Binary Data

 

{c28099d7-7ef3-3f64-785c-9e82ff2678a9}REG_BINARY Binary Data

 

{9a81b08a-d239-9f14-ea63-fa043703c04b}REG_BINARY Binary Data

 

{a739d627-00a3-9634-ebf2-0b0c7977fea1}REG_BINARY Binary Data

 

{bd54f486-7316-ae84-bad6-efec4ca12d63}REG_BINARY Binary Data

 

{9d16cb2a-7eb4-db64-5980-d989275b5c6a}REG_BINARY Binary Data

 

{b95281e9-0df5-3664-289a-2cda6a45f97d}REG_BINARY Binary Data

 

{ca4cad28-4dd9-6034-69c5-d5362f3cc1cb}REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter

{8c300c03-7d30-1b44-8a83-dcc8c09cfa85}REG_BINARY Binary Data

 

{e311ae9f-e0fb-7f04-7b55-8a257506650f}REG_BINARY Binary Data

 

{e88282c2-f90f-ef54-1a60-13cbe22eceaa}REG_BINARY Binary Data

 

{4ef2b2de-4b97-0234-3bbf-eaa6719814d6}REG_BINARY Binary Data

 

{e1739739-ee27-4492-b61b-b1fd907d9e88}REG_BINARY Binary Data

 

{e7609227-f261-4b39-a7f5-64e338ade472}REG_BINARY Binary Data

 

{0f14dd31-cf58-4fab-9127-e085c7547d7a}REG_BINARY Binary Data

 

{f3009b7d-992b-4cce-b65a-2792465c6ea4}REG_BINARY Binary Data

 

{034c737b-f629-a1b4-6afb-1a2f44a1a1d7}REG_BINARY Binary Data

 

{dcbbcd6b-37fe-0914-2b3e-a5a15ed83c24}REG_BINARY Binary Data

 

{cfb4c757-0bff-94e4-7801-a2b2f62f35ce}REG_BINARY Binary Data

 

{a5f90f38-2ba6-0c84-3a97-906cc41a4860}REG_BINARY Binary Data

 

{47a3a498-021c-7304-b85a-6bb5e43ade96}REG_BINARY Binary Data

 

{3bb6a48a-db01-da24-6b94-b0890b8da96f}REG_BINARY Binary Data

 

{5bb9675e-0064-2cb4-d89d-bcd4e20e11c8}REG_BINARY Binary Data

 

{642969df-6023-55a4-384d-a00571e7a98a}REG_BINARY Binary Data

 

{ca70ae30-59e8-46ef-b483-c22ee366ab29}REG_BINARY Binary Data

 

{c91d1d66-421c-4b87-ac5b-a18193abbd64}REG_BINARY Binary Data

 

{b18f04c9-f2e9-4d39-9510-b9265a6b071d}REG_BINARY Binary Data

 

{bb623a72-5252-4284-a365-1cd0f83e55ce}REG_BINARY Binary Data

 

{430f2767-3528-2784-289e-b0860d99a608}REG_BINARY Binary Data

 

{3ba7deb2-a886-ae74-f87a-72194738a423}REG_BINARY Binary Data

 

{a06ae492-b0c1-1f94-caa4-bb9b226ca22d}REG_BINARY Binary Data

 

{11cc978e-2782-1724-79bf-9a7edca87fae}REG_BINARY Binary Data

 

{c540d974-3c6c-be64-5bff-3db65b322a1d}REG_BINARY Binary Data

 

{9de53702-392d-8044-2953-fc2bc7af47ad}REG_BINARY Binary Data

 

{3e3f092e-1288-a8c4-28bf-2b4ef96df312}REG_BINARY Binary Data

 

{d96b0bca-4c17-2b34-48b1-60566dd3e999}REG_BINARY Binary Data

 

{e20f0605-5735-38d4-6aea-19d1b15c7868}REG_BINARY Binary Data

 

{e448f4a4-8392-a954-699a-41c712f4a5d3}REG_BINARY Binary Data

 

{2dc4271a-246e-a1a4-3a70-4c8f14fd7ba0}REG_BINARY Binary Data

 

{e1de2d9d-2a11-f554-0acf-db826b0f4bd6}REG_BINARY Binary Data

 

{638ffdf7-a3ff-66c4-7b65-4f406b0da651}REG_BINARY Binary Data

 

{5342d19f-180e-3124-b95c-cc8d73fef5b1}REG_BINARY Binary Data

 

{f9bc3444-96d0-0ca4-8920-5425ed611a9e}REG_BINARY Binary Data

 

{1c5aab44-1a9b-9c04-9a1d-f9f85ec51e98}REG_BINARY Binary Data

 

{0ff1f959-c0d4-3ca4-a8a5-cb469d318b39}REG_BINARY Binary Data

 

{b5db1d35-04c6-07f4-3912-a48d9266dc36}REG_BINARY Binary Data

 

{1dd94704-a218-0d34-18d3-1ba50d201728}REG_BINARY Binary Data

 

{a95b3da7-c453-a294-cacb-b5065e5a9dd0}REG_BINARY Binary Data

 

{39f29298-8fa5-0144-fab3-bcd9ad227c3b}REG_BINARY Binary Data

 

{4dbfdcf1-8cd6-79a4-1b57-d3ce0245e8ed}REG_BINARY Binary Data

 

{f154d790-c121-3a84-7824-f7ff97bea29e}REG_BINARY Binary Data

 

{b00673e4-f4be-01d4-cab1-cab8f7f217a8}REG_BINARY Binary Data

 

{a708428d-50f4-9d44-aa15-fd48988b7d66}REG_BINARY Binary Data

 

{ad3611e0-f9e2-ebf4-49e1-59361a5ffbea}REG_BINARY Binary Data

 

{98b0b712-aa06-f734-0bec-c14f445161c4}REG_BINARY Binary Data

 

{605a11a1-39e0-8eb4-2850-e2b24f317d76}REG_BINARY Binary Data

 

{70e10304-e806-1af4-4a65-791688215398}REG_BINARY Binary Data

 

{883a9337-5ef5-f4c4-5b87-239da3ee190f}REG_BINARY Binary Data

 

{fb588d62-f991-4044-bba6-5e96cf3939df}REG_BINARY Binary Data

 

{b14c171c-cba7-ebd4-fbb8-ce1071abca6d}REG_BINARY Binary Data

 

{64f39050-d77f-7a74-8a07-2a7c2dd7802d}REG_BINARY Binary Data

 

{24c60015-9c25-3f34-cacf-92da9840e906}REG_BINARY Binary Data

 

{e69be8e1-869d-0e34-99f6-f82ea91df33d}REG_BINARY Binary Data

 

{6d7c050d-a47a-9914-9b9c-3ec20b9d7698}REG_BINARY Binary Data

 

{dcae098a-dff1-ffe4-9b22-0bb2738885db}REG_BINARY Binary Data

 

{2efb3fad-ff4c-e684-5b3c-af1df1bf1ca9}REG_BINARY Binary Data

 

{113ba551-0a01-aa84-1944-25df351f74ab}REG_BINARY Binary Data

 

{125c4673-2cbe-b8d4-8aee-faf905c18997}REG_BINARY Binary Data

 

{ef11fc1e-9d20-ff14-3b74-55b7e55eeb97}REG_BINARY Binary Data

 

{49339bce-1676-b564-79f0-9dedba6ac5a0}REG_BINARY Binary Data

 

{b457115e-0fc4-89f4-2b7d-85e7d94efcaa}REG_BINARY Binary Data

 

{d167b2f1-e18b-4644-2b1f-c8c84095db6b}REG_BINARY Binary Data

 

{2265f512-4d6b-8484-fbf8-7d6ec7579b67}REG_BINARY Binary Data

 

{65bd1b95-7c25-1cb4-e8cf-5f77cf66fc7e}REG_BINARY Binary Data

 

{1b0fa1a4-5e46-8cc4-18c0-f5ff3dd69546}REG_BINARY Binary Data

 

{aea589d8-0f00-bc04-0a41-f96b266d758d}REG_BINARY Binary Data

 

{d663476c-94a3-c5e4-db44-7aa6c8fabd83}REG_BINARY Binary Data

 

{db7b7458-6817-ce44-0abe-440eae0c2b57}REG_BINARY Binary Data

 

{d4de1868-54d9-b4e4-ab30-b9c378cb4b18}REG_BINARY Binary Data

 

{60268e51-b7fd-c1e4-6b82-638aa19227bd}REG_BINARY Binary Data

 

{c8e26ddd-a426-73e4-b848-a5c31a087eca}REG_BINARY Binary Data

 

{1ad00215-eb30-eda4-69bd-346d8371787a}REG_BINARY Binary Data

 

{f67c8b29-2d24-0a74-fbd7-a5cbbe16f710}REG_BINARY Binary Data

 

{60286bb2-acca-67d4-58d8-3610a6618e15}REG_BINARY Binary Data

 

{fbe3d017-fb99-8c14-aad9-631321b22614}REG_BINARY Binary Data

 

{169d6be1-b993-6af4-c9f7-74f6946781e4}REG_BINARY Binary Data

 

{b47f0b6a-3185-6434-c8b0-e1e69c18eb94}REG_BINARY Binary Data

 

{30146aff-3c2c-0aa4-3905-894aa433e953}REG_BINARY Binary Data

 

{7587f941-cafe-99d4-fb05-f470e11db9d0}REG_BINARY Binary Data

 

{a3d09149-cc40-6854-f9b2-5a83e63b5aa9}REG_BINARY Binary Data

 

{08851390-28f1-d024-0a30-96424e7f2a8c}REG_BINARY Binary Data

 

{e00fb75c-bfb8-a0b4-ea1a-aad548b5cb38}REG_BINARY Binary Data

 

{d1d8fe07-0f6f-3bb4-8b2d-ac54185b9ea4}REG_BINARY Binary Data

 

{07a51945-f0a0-a984-19dd-a2fa6df50ca1}REG_BINARY Binary Data

 

{aa959992-13eb-eab4-c8c3-344b164dedc0}REG_BINARY Binary Data

 

{e124c736-1dd5-f034-181e-202a6f0d45e3}REG_BINARY Binary Data

 

{45b3b6b8-08a0-0eb4-2b3f-7cba6fcff68a}REG_BINARY Binary Data

 

{63f3d0c3-b230-3384-a9a0-05fe70c051a9}REG_BINARY Binary Data

 

{7d972967-373f-53c4-c822-6d9b98040aac}REG_BINARY Binary Data

 

{8b0216d4-8c51-5674-d977-0d4c5873c41f}REG_BINARY Binary Data

 

{68487fdc-3301-cef4-ea7a-583c54b3069c}REG_BINARY Binary Data

 

{63421a09-1e6b-1724-88be-ac3012cda100}REG_BINARY Binary Data

 

{21e3a753-0ccf-f284-abd6-7221adbd9311}REG_BINARY Binary Data

 

{d0bbb240-772e-3144-4bcd-ef6b426e90ba}REG_BINARY Binary Data

 

{0259c1da-7cce-f914-7a21-487e1e084a28}REG_BINARY Binary Data

 

{1dd6069a-5a11-49c4-ba9a-67c6a44f5b4c}REG_BINARY Binary Data

 

{104e67d6-ec8f-28b4-bb61-00fde33ab1eb}REG_BINARY Binary Data

 

{b4251f4a-2d5a-b014-0a4a-ed36b5e10ea0}REG_BINARY Binary Data

 

{ffb717c4-ecc7-8b14-3978-dca6602db705}REG_BINARY Binary Data

 

{4f8e204e-5624-9234-8a78-8f16aae3ef20}REG_BINARY Binary Data

 

{c40bc20f-87a8-8e24-e824-38f14fb83d7e}REG_BINARY Binary Data

 

{c55f646a-7d0e-5ff4-9b56-abc231ba1bef}REG_BINARY Binary Data

 

{4776b92a-fed9-d8e4-9a0e-f85cf5865d35}REG_BINARY Binary Data

 

{9f3078ed-3bb3-2e24-ab4a-71722a21fd64}REG_BINARY Binary Data

 

{92ac1647-5cd5-a1d4-0bc1-5fd3213c8c4b}REG_BINARY Binary Data

 

{02cca994-9a30-25a4-3b7c-bd328cba6209}REG_BINARY Binary Data

 

{a64e2fd7-fb02-4674-8819-10780570e8b7}REG_BINARY Binary Data

 

{8daa920a-dfd9-7844-5bf9-ab95051685aa}REG_BINARY Binary Data

 

{9cd26f24-b76d-2e14-ca19-d17d552bb424}REG_BINARY Binary Data

 

{9c8380e5-0d81-eef4-a88b-21dd395c25fa}REG_BINARY Binary Data

 

{3bbaa68c-b062-66a4-8a85-648680f757ca}REG_BINARY Binary Data

 

{22482d59-35d6-1f44-3b51-19ad61d3114c}REG_BINARY Binary Data

 

{cd1b16b0-cc00-0be4-79f2-7b4ae69a2037}REG_BINARY Binary Data

 

{87dc86f5-72ee-2fc4-8a83-0363327f1b96}REG_BINARY Binary Data

 

{511094b4-6ffd-e2e4-0bcf-9794e77d95ae}REG_BINARY Binary Data

 

{d7429422-150f-0c74-3bba-dc048e9baf3d}REG_BINARY Binary Data

 

{bf1b654b-5339-2a44-1923-64119b05b796}REG_BINARY Binary Data

 

{36ed884e-2b1f-e2d4-5b52-d7b9371a4b93}REG_BINARY Binary Data

 

{f0b80ade-0944-73b4-09cc-ba867baba6d6}REG_BINARY Binary Data

 

{3627ecb2-b18b-74a4-7b8a-4dc864cfe05e}REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider

{decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data

 

{4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data

 

{1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data

 

{aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data

 

{06e9d64c-15e9-4615-a862-1f0dc2674c6a}REG_BINARY Binary Data

 

{d4bd4a0f-7591-4da2-ae67-3aa97c3c34c2}REG_BINARY Binary Data

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer

{b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data

 

{b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data

 

{b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data

 

{9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data

 

{138d8cf9-63ce-0264-2a6a-82012a3041e9}REG_BINARY Binary Data

 

{e104491e-e3ff-5884-297d-4a606059202a}REG_BINARY Binary Data

 

{944c7c85-2d3e-3ca4-b96c-45f1fbacf534}REG_BINARY Binary Data

 

{7ad177f7-b8b6-f044-982b-02fba7bb5a4b}REG_BINARY Binary Data

 

{982a8b99-8fda-5af4-394e-b3a86eeae3a2}REG_BINARY Binary Data

 

{716551c6-d81c-c314-8b60-8e802d17af65}REG_BINARY Binary Data

 

{fa440e9d-3210-9e34-0941-9e24589c14a7}REG_BINARY Binary Data

 

{3659e00e-8c62-9174-8be9-e4e562795f04}REG_BINARY Binary Data

 

{a98edafe-8f64-8144-fa1b-ba21cc1c77dd}REG_BINARY Binary Data

 

{7e0920ad-bcec-bb94-f850-b022eac09779}REG_BINARY Binary Data

 

--------------fltmgr:--------------

Type:                   2

State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)

WIN32_EXIT_CODE:        0

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr

AttachWhenLoaded              REG_DWORD 1

DisplayName                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10001

Group                         REG_SZ FSFilter Infrastructure

ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys

Description                   REG_SZ @%SystemRoot%\system32\drivers\fltmgr.sys,-10000

ErrorControl                  REG_DWORD 3

Start                         REG_DWORD 0

Tag                           REG_DWORD 1

Type                          REG_DWORD 2

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum

0                             REG_SZ Root\LEGACY_FLTMGR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

 

 

C:\windows\system32\drivers\fltmgr.sys

File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]

C:\windows\SysWOW64\mscomctl.ocx

File Size: 1070232   BYTES FileVersion: 6.1.98.39 MD5: [766f501b61c22723536af696a74133d4]

C:\windows\SysWOW64\olepro32.dll

File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]
Link to post
Share on other sites

 


MBAM Registry Settings and License Info:

========================================

--------------Settings:--------------

Advanced: 

    AutomaticQuarantine:                                       true 

    AutostartProtection:                                       true 

    EarlyStartSelfProtection:                                  true 

    LimitedMode:                                               false 

    SelfProtection:                                            true 

    StartSilentMode:                                           false 

    StartupDelay:                                              15 

ApplicationState: 

    First-Run-After-Installation:                              false 

General: 

    DaysUntilNotifyExpiration:                                 5 

    Language:                                                   

    RightClickAccess:                                          true 

    SilentErrors:                                              false 

Logging: 

    ExportLog:                                                 true 

Notification: 

ProtectionTray: 

    DisplayMilliseconds:                                       7000 

ScanHistory: 

    Duration_Complete:                                         3000 

    Duration_Driver:                                           10000 

    Duration_Filesystem:                                       0 

    Duration_Heuristics:                                       0 

    Duration_Loading:                                          0 

    Duration_MasterBootRecord:                                 0 

    Duration_Memory:                                           40000 

    Duration_PreScan:                                          11000 

    Duration_Registry:                                         3000 

    Duration_Sector:                                           0 

    Duration_SectorMemory:                                     1000 

    Duration_Startup:                                          10000 

    ItemCount_Complete:                                        0 

    ItemCount_Driver:                                          333 

    ItemCount_Filesystem:                                      0 

    ItemCount_Heuristics:                                      0 

    ItemCount_Loading:                                         0 

    ItemCount_MasterBootRecord:                                3 

    ItemCount_Memory:                                          2797 

    ItemCount_PreScan:                                         0 

    ItemCount_Registry:                                        659 

    ItemCount_Sector:                                          0 

    ItemCount_SectorMemory:                                    221 

    ItemCount_Startup:                                         2562 

    LastScanDateEpoch:                                         1408418446091 

    LastScanType:                                              1 (Threat Scan)

Update: 

    LastUpdate:                                                2014-08-16T14:25:00 

    NotifyInstallReady:                                        true 

    NotifyOutdatedDatabase:                                    1 

    ProxyPassword:                                              

    ProxyPort:                                                 0 

    ProxyServer:                                                

    ProxyUsername:                                              

    UseProxy:                                                  false 

    UseProxyAuthentication:                                    false 

--------------Account:--------------

  Account Status:                                              Premium 

  Expiration Time:                                             2034/05/18 06:08:06 

  Activation Time:                                             2014/05/18 06:08:06 

  Trial Used:                                                  false 

--------------Access Policies:--------------

 

Scheduler Queue:

================

 

tasks: 

    59831fd6-9997-4094-8e50-6adca69830b3:                       

      parameters:                                               

        CheckForUpdatesBeforeScanStart:                        false 

        ScanConfig:                                             

          ExitWhenNoMalwareDetected:                           false 

          FileSystemOption:                                    true 

          RebootSystemWhenMalwareDetected:                     false 

          RemoveMalwareAutomaticallyWhenScanEnds:              false 

          ScanArchives:                                        true 

          ScanHeuristic:                                       true 

          ScanMemoryObjects:                                   true 

          ScanPUM:                                             2 

          ScanPUP:                                             2 

          ScanRegistry:                                        true 

          ScanRootkits:                                        false 

          ScanStartup:                                         true 

          ScanTargets:                                          

          ScanType:                                            1 (Threat Scan)

          Silent:                                              true 

        StartTaskFromSystemAccount:                            false 

        TaskType:                                              0 

      triggers:                                                 

        e3bed033-ade0-4a49-8ea5-9d6c44ec0185:                   

          dateinterval:                                        0:0:0 

          lastscheduled:                                       Mon, 18 Aug 2014 20:20:46.006195 -0700 

          lasttriggered:                                       Mon, 18 Aug 2014 20:20:46.006195 -0700 

          nextscheduled:                                       Mon, 18 Aug 2014 21:20:46.006195 -0700 

          recovery:                                            00:00:00 

          start:                                               Tue, 19 Aug 2014 02:20:46 +0000 

          timeinterval:                                        01:00:00 

          type:                                                3 

          uuid:                                                e3bed033-ade0-4a49-8ea5-9d6c44ec0185 

      type:                                                    scan 

      uuid:                                                    59831fd6-9997-4094-8e50-6adca69830b3 

    73f21eb8-3626-4472-9aaa-31494332af6e:                       

      parameters:                                               

        CheckForUpdatesBeforeScanStart:                        true 

        ProcessLaunchedFromScheduler:                          true 

        ScanConfig:                                             

          ExitWhenNoMalwareDetected:                           false 

          ExportLog:                                           true 

          FileSystemOption:                                    true 

          RebootSystemWhenMalwareDetected:                     false 

          RemoveMalwareAutomaticallyWhenScanEnds:              false 

          ScanArchives:                                        true 

          ScanExtra:                                           true 

          ScanHeuristic:                                       true 

          ScanMemoryObjects:                                   true 

          ScanPUM:                                             2 

          ScanPUP:                                             2 

          ScanRegistry:                                        true 

          ScanRootkits:                                        false 

          ScanStartup:                                         true 

          ScanTargets:                                          

          ScanType:                                            1 (Threat Scan)

          Silent:                                              true 

          TerminateExplorerWhenMalwareIsRemoved:               false 

        StartTaskFromSystemAccount:                            false 

        TaskType:                                              0 

      triggers:                                                 

        6d84bbf9-92ea-4e84-b0b7-7e9985a8ae8f:                   

          dateinterval:                                        1:0:0 

          lastscheduled:                                       Mon, 18 Aug 2014 17:14:57.203059 -0700 

          lasttriggered:                                       Mon, 18 Aug 2014 17:14:57.203059 -0700 

          nextscheduled:                                       Tue, 19 Aug 2014 17:29:52.203059 -0700 

          recovery:                                            23:00:00 

          start:                                               Thu, 12 Jun 2014 01:00:00 +0000 

          timeinterval:                                        00:00:00 

          type:                                                4 

          uuid:                                                6d84bbf9-92ea-4e84-b0b7-7e9985a8ae8f 

      type:                                                    scan 

      uuid:                                                    73f21eb8-3626-4472-9aaa-31494332af6e 

    74bd8651-166b-410f-99d6-338fe079b4ce:                       

      parameters:                                               

        NotifyWhenUpdateCompletes:                             true 

        ProcessLaunchedFromScheduler:                          true 

        TaskType:                                              3 

      triggers:                                                 

        f149661e-5430-4caa-bb21-74205e98740f:                   

          dateinterval:                                        0:0:0 

          lastscheduled:                                       Mon, 18 Aug 2014 19:44:35.739063 -0700 

          lasttriggered:                                       Mon, 18 Aug 2014 19:44:35.739063 -0700 

          nextscheduled:                                       Mon, 18 Aug 2014 21:39:43.739063 -0700 

          recovery:                                            00:00:00 

          start:                                               Thu, 12 Jun 2014 01:00:00 +0000 

          timeinterval:                                        02:00:00 

          type:                                                3 

          uuid:                                                f149661e-5430-4caa-bb21-74205e98740f 

      type:                                                    update 

      uuid:                                                    74bd8651-166b-410f-99d6-338fe079b4ce 

 

Pending File Rename Operations: 

================================

If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.

 

MBAMProtector Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector

Type                          REG_DWORD 2

Start                         REG_DWORD 3

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ \??\C:\windows\system32\drivers\mbam.sys

Group                         REG_SZ FSFilter Anti-Virus

DependOnService               REG_MULTI_SZ FltMgr

 

WOW64                         REG_DWORD 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances

DefaultInstance               REG_SZ MBAMProtector Instance

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance

Altitude                      REG_SZ 328800

Flags                         REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters

PassThruFile                  REG_DWORD 0

ProductPath                   REG_DWORD 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum

0                             REG_SZ Root\LEGACY_MBAMPROTECTOR\0000

Count                         REG_DWORD 1

NextInstance                  REG_DWORD 1

 

MBAMService Registry Values:

============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"

DependOnService               REG_MULTI_SZ MBAMProtector

 

WOW64                         REG_DWORD 1

ObjectName                    REG_SZ LocalSystem

DelayedAutostart              REG_DWORD 0

 

MBAMScheduler Registry Values:

==============================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler

Type                          REG_DWORD 16

Start                         REG_DWORD 2

ErrorControl                  REG_DWORD 1

ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"

WOW64                         REG_DWORD 1

ObjectName                    REG_SZ LocalSystem

 

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:

===============================================================================

 

--------------TERMService:--------------

Type:                   32

State:                  1 (The service is not running.) (State is stopped)

WIN32_EXIT_CODE:        1077

SERVICE_EXIT_CODE:      0

CHECKPOINT:             0

WAIT_HINT:              0

 

 

TermService Start is set to: 3 (Manual Startup)

 

Proxy Status: No proxy is Set

 

Proxy Override: 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\

ProxyOverride REG_SZ <local>;*.local

 

LAN Settings:

=============

 

only 'Automatically detect settings' is selected

 

SystemPartition:

================

 

HKEY_LOCAL_MACHINE\SYSTEM\Setup\

SystemPartition REG_SZ \Device\HarddiskVolume1

 

Balloon Tips Status:

====================

 

Enabled

 

Time Format Settings:

=====================

 

Should be:

h:mm:ss tt

AM 

PM 

:

 

Currently:

REG_SZ h:mm:ss tt

REG_SZ AM

REG_SZ PM

REG_SZ :

 

Language and Regional Settings:

===============================

 

ACP:  Language is English (United States)

MACCP:  Language is English (United States)

OEMCP:  Language is English (United States)

 

Startup Folders for Error_Expanding_Variables Check:

====================================================

 

All Users Startup Folder Exists.

Current User's Startup Folder Exists.

 

 

Context Menu Entries:

=====================

 

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\MBAMShlExt

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\MBAMShlExt

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CLSID

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt\CurVer

(Default):                    REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\MBAMExt.MBAMShlExt.1\CLSID

(Default):                    REG_SZ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

 

 

 


Link to post
Share on other sites


HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}

(Default):                    REG_SZ IMBAMShlExt

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\ProxyStubClsid32

(Default):                    REG_SZ {00020424-0000-0000-C000-000000000046}

HKEY_CLASSES_ROOT\Interface\{015FAC74-0374-494A-A02D-316D562C0FCE}\TypeLib

(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

Version                       REG_SZ 1.0

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}

(Default):                    REG_SZ MBAMShlExt Class

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\InprocServer32

(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll

ThreadingModel                REG_SZ Apartment

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\ProgID

(Default):                    REG_SZ MBAMExt.MBAMShlExt.1

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\TypeLib

(Default):                    REG_SZ {AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}\VersionIndependentProgID

(Default):                    REG_SZ MBAMExt.MBAMShlExt

 

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default):                    REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32

(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default):                    REG_SZ 0

HKEY_CLASSES_ROOT\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0

(Default):                    REG_SZ MBAMExt 1.0 Type Library

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\0\win32

(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\FLAGS

(Default):                    REG_SZ 0

HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{AFF1A83B-6C83-4342-8E68-1648DE06CB65}\1.0\HELPDIR

(Default):                    REG_SZ C:\Program Files (x86)\Malwarebytes Anti-Malware

 

 

List of MBAM Related Directories:

=================================

 

C:\Program Files (x86)\Malwarebytes Anti-Malware\

7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [9f522b2708cab181c0f137abbcd1de2e]

atl100.dll                               File Size: 159032    BYTES FileVersion:  10.0.40219.325 MD5: [e013127ee031f1418b72fde79b1c2366]

changes.txt                              File Size: 2261      BYTES FileVersion:  N/A            MD5: [af70267bdf9a37a96f1a79a5c3720ae6]

license.rtf                              File Size: 39478     BYTES FileVersion:  N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]

master.conf                              File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]

mbam.dll                                 File Size: 579896    BYTES FileVersion:  1.0.7.0        MD5: [d32c2a98859cb22d57a665f15f351e7d]

mbam.exe                                 File Size: 6970168   BYTES FileVersion:  1.0.0.532      MD5: [4fbc630768570e6ac35c3de8f6ec79f5]

mbamcore.dll                             File Size: 1680696   BYTES FileVersion:  1.0.11.0       MD5: [f722fa26739eafcbd8d5f3829b632cd7]

mbamdor.exe                              File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [4da2f2da54a92850f56c0db712058188]

mbamext.dll                              File Size: 184632    BYTES FileVersion:  3.0.4.0        MD5: [945bb364b09f3a8e998dbff02a0a5a58]

mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [9acd7583584c93ee542c273df8e91dc1]

mbamscheduler.exe                        File Size: 1809720   BYTES FileVersion:  3.0.2.0        MD5: [d84aea3f3329d622dfc1297dddf6163b]

mbamservice.exe                          File Size: 860472    BYTES FileVersion:  3.0.2.0        MD5: [4f45ed469906494f9bf754e476390dbd]

mbamsrv.dll                              File Size: 4437816   BYTES FileVersion:  1.1.0.0        MD5: [9b48e38c35f08fa831b387a0b27c40aa]

msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [e4b829081e639e42985853bae754a53d]

msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [80fcedbe920e9cbe30d9d3665bd6efed]

QtCore4.dll                              File Size: 2732856   BYTES FileVersion:  4.8.4.0        MD5: [30490eed6a1e20e8259c0b9c58f488fe]

QtGui4.dll                               File Size: 8575288   BYTES FileVersion:  4.8.4.0        MD5: [15e21aa7d0c0c994cd565eeb96d13c20]

QtNetwork4.dll                           File Size: 909112    BYTES FileVersion:  4.8.4.0        MD5: [d7588d42e29080c32a003bee465160d8]

unins000.dat                             File Size: 43719     BYTES FileVersion:  N/A            MD5: [e53abb75bec3be665d1497cf938c01f3]

unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]

 

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon

 

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows

chameleon.chm                            File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]

firefox.com                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

firefox.exe                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

firefox.pif                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

firefox.scr                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

iexplore.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

mbam-chameleon.com                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

mbam-chameleon.exe                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

mbam-chameleon.pif                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

mbam-chameleon.scr                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

mbam-killer.exe                          File Size: 1181496   BYTES FileVersion:  N/A            MD5: [c6927fd8f7e9105b64db5d5a08b53731]

rundll32.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

svchost.exe                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

windows.exe                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

winlogon.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

 

C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats

qgif4.dll                                File Size: 32568     BYTES FileVersion:  4.8.4.0        MD5: [e59f533c26c8375cd120b4791482217e]

 

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages

lang_bg.qm                               File Size: 144048    BYTES FileVersion:  N/A            MD5: [9ccb79999432d56b9843a3e2b2c90325]

lang_bs.qm                               File Size: 145523    BYTES FileVersion:  N/A            MD5: [6ab7a6274d4f9f7553c944f5c66201ba]

lang_ca.qm                               File Size: 132254    BYTES FileVersion:  N/A            MD5: [68a83ec63b6e7bc5dbdd412bcc49c6ce]

lang_cs.qm                               File Size: 141243    BYTES FileVersion:  N/A            MD5: [6b8acee7f461fa69b83d2c45c3725427]

lang_da.qm                               File Size: 130101    BYTES FileVersion:  N/A            MD5: [8539796784746218b229419e99ab308d]

lang_de.qm                               File Size: 149462    BYTES FileVersion:  N/A            MD5: [fcd3bc376ad219396e8c7d3c87cd8864]

lang_el.qm                               File Size: 149912    BYTES FileVersion:  N/A            MD5: [74f13f95f63fe96c08e571598df052d6]

lang_en.qm                               File Size: 115961    BYTES FileVersion:  N/A            MD5: [8c9da1c0ce06b89f8d323bf948bfba4e]

lang_es.qm                               File Size: 130487    BYTES FileVersion:  N/A            MD5: [33e1c6d40b841cc2e783ec8d8102e66f]

lang_et.qm                               File Size: 138126    BYTES FileVersion:  N/A            MD5: [aa215b5f37a72a69854c9163ac543b51]

lang_fi.qm                               File Size: 144256    BYTES FileVersion:  N/A            MD5: [18912c339939c3a6629004ec900f4fe4]

lang_fr.qm                               File Size: 149253    BYTES FileVersion:  N/A            MD5: [ec2bf2f431c4273f151b8c8a7b84c387]

lang_he.qm                               File Size: 116101    BYTES FileVersion:  N/A            MD5: [9e692744e77051c6ce14df32f9b71920]

lang_hr.qm                               File Size: 139841    BYTES FileVersion:  N/A            MD5: [3e3737fe86eb595c5f6817eebf731aa7]

lang_hu.qm                               File Size: 145621    BYTES FileVersion:  N/A            MD5: [52d3d7fcf8c8db071ef0573a1357c2fd]

lang_id.qm                               File Size: 143102    BYTES FileVersion:  N/A            MD5: [80473d2c73d2f54f2b23c9316f2d0ceb]

lang_it.qm                               File Size: 146851    BYTES FileVersion:  N/A            MD5: [7e7aea7d0b433d7e912ed9f0887684a7]

lang_ja.qm                               File Size: 121282    BYTES FileVersion:  N/A            MD5: [19ac79b7a5e05d665e417c2dd75afc94]

lang_ko.qm                               File Size: 118033    BYTES FileVersion:  N/A            MD5: [de213178c14490bf452ea45278d3442d]

lang_nl.qm                               File Size: 146325    BYTES FileVersion:  N/A            MD5: [5aec6f6bdc5e6c28744e6ef374709eeb]

lang_no.qm                               File Size: 142918    BYTES FileVersion:  N/A            MD5: [4388c08217618af2e24173af6f5d3f97]

lang_pl.qm                               File Size: 145434    BYTES FileVersion:  N/A            MD5: [699700c889447d1f9b607c04f07fff67]

lang_pt_BR.qm                            File Size: 131739    BYTES FileVersion:  N/A            MD5: [a3430222223d59da8ec6ea1edae5ee2f]

lang_pt_PT.qm                            File Size: 149128    BYTES FileVersion:  N/A            MD5: [afdf1907af4c95f9af510d5fc1bb9067]

lang_ro.qm                               File Size: 121166    BYTES FileVersion:  N/A            MD5: [1672a2b3a9807a1497fe43824c0026c0]

lang_ru.qm                               File Size: 122186    BYTES FileVersion:  N/A            MD5: [d4dd1eea2b0f52aba2fca4d159c387f7]

lang_sk.qm                               File Size: 119827    BYTES FileVersion:  N/A            MD5: [8b200d162e8028843e41aa1a927cfd84]

lang_sl.qm                               File Size: 143191    BYTES FileVersion:  N/A            MD5: [1760a6aa6990b2f0c4c71ec04b25ac9c]

lang_sr.qm                               File Size: 143261    BYTES FileVersion:  N/A            MD5: [377d15c0da0249f4a7a58978b6307d81]

lang_sv.qm                               File Size: 142525    BYTES FileVersion:  N/A            MD5: [2587ead21967296fefdd0ee0684fe8b4]

lang_tr.qm                               File Size: 142194    BYTES FileVersion:  N/A            MD5: [880fcbe97ec6f13ec094f7371b5b295f]

lang_vi.qm                               File Size: 126874    BYTES FileVersion:  N/A            MD5: [c61281786b5bfec68afc742a19f6abd9]

lang_zh_tr.qm                            File Size: 110870    BYTES FileVersion:  N/A            MD5: [f223d83580b1ee35edea13293cb2c80d]

 

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins

fixdamage.exe                            File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [3a4dcd021d9f3a5305a22e5e309da305]

 

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware

actions.ref                              File Size: 314       BYTES FileVersion:  N/A            MD5: [b26a36c0696e299fdfebe180c09c2737]

exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]

mbam-setup.exe                           File Size: 17292760  BYTES FileVersion:  2.0.2.1012     MD5: [e90bf9e1562f40140161573b79cd5720]

rules.ref                                File Size: 9210565   BYTES FileVersion:  N/A            MD5: [79dc4b201c501831987786057709ffef]

swissarmy.ref                            File Size: 22157     BYTES FileVersion:  N/A            MD5: [2b16fc2cdc8eb2c5124c3c4eadcc878d]

 

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration

build.conf                               File Size: 217       BYTES FileVersion:  N/A            MD5: [0e95590356047cc5c043a28c3e14c482]

database.conf                            File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]

gatekeeper.conf                          File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]

license.conf                             File Size: 577       BYTES FileVersion:  N/A            MD5: [35300b9bf01f53a2894e7de28bb52858]

manifest.conf                            File Size: 2225      BYTES FileVersion:  N/A            MD5: [07a35c4c87e87f3adca2f0fe7e4ca75d]

marketing.conf                           File Size: 1434      BYTES FileVersion:  N/A            MD5: [19533c40d9c9778b2ab423dbcf063d80]

net.conf                                 File Size: 356       BYTES FileVersion:  N/A            MD5: [7d4cc049ef1b099a8ccb0348a7c30ecb]

notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]

scheduler.conf                           File Size: 3512      BYTES FileVersion:  N/A            MD5: [5d77962a23511ba0acd3d7afe6a42ae3]

settings.conf                            File Size: 2097      BYTES FileVersion:  N/A            MD5: [276d2bbc9575cc52fe4cd16333f735eb]

statistics.conf                          File Size: 597       BYTES FileVersion:  N/A            MD5: [f151d006eba8934b8b28ffe1192091cb]

 

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

mbam-log-2014-05-18 (06-33-21).xml       File Size: 2490      BYTES FileVersion:  N/A            MD5: [33328ab2b720ea2ac01350934ed9a192]

mbam-log-2014-05-18 (06-49-44).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [dcea3623a19f8eb7033808bcda1ee068]

mbam-log-2014-05-20 (19-00-47).xml       File Size: 2482      BYTES FileVersion:  N/A            MD5: [d27aee2d8d5847828793b1446de30c40]

mbam-log-2014-05-22 (07-18-31).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [7ebcc73048b75893061a916be99728a6]

mbam-log-2014-05-23 (07-30-51).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [8feaa71d315d25c8785ded79ae5db471]

mbam-log-2014-05-23 (21-40-35).xml       File Size: 2478      BYTES FileVersion:  N/A            MD5: [1309d270c00bf768ba16173c2658b462]

mbam-log-2014-05-23 (21-42-05).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [91f2f1aa8e0898ef2096b5b3cb8ebfaa]

mbam-log-2014-05-24 (07-30-11).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [b68247991609b237e5e210bb873eb01b]

mbam-log-2014-05-25 (08-17-48).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [fcfcae7239719d4b77835d3e64ba05f7]

mbam-log-2014-05-26 (08-08-58).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [f58bb4a949977214996f3d4bc3feac3f]

mbam-log-2014-05-26 (15-02-14).xml       File Size: 2478      BYTES FileVersion:  N/A            MD5: [e7c1edee68ea872e6b19df93175a51a7]

mbam-log-2014-05-26 (15-03-07).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [35d2b41f4f2d4f9a881300efa7f78c82]

mbam-log-2014-05-27 (08-02-26).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [99437fdd750bd6a1a60c7d5396056adb]

mbam-log-2014-05-27 (22-25-23).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [38b6883e83d8d58daf446bdc8a5ce3fd]

mbam-log-2014-05-28 (08-12-09).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [ac4f8aca71f0b8a2e2a563013fe6ec3e]

mbam-log-2014-05-29 (08-21-10).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [e9c4ea93a8742bfb44acd3e02c0c05bb]

mbam-log-2014-05-30 (08-19-58).xml       File Size: 2492      BYTES FileVersion:  N/A            MD5: [3fd2d4f8fda6a7c8fe2f74d2b1b5d326]

mbam-log-2014-05-30 (23-59-19).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [88811c5ade1e86f1c7793e78cdb92727]

mbam-log-2014-05-31 (08-16-25).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [345f89b884381d3577f78a859bf870a1]

mbam-log-2014-06-01 (08-10-07).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [cb3032f98cb910f14f7a1415acf04a02]

mbam-log-2014-06-02 (08-09-16).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [7d250e6b2e98380868f988f92b919d6d]

mbam-log-2014-06-03 (08-03-31).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [0a4c256e52d47783023f956a98e29a7e]

mbam-log-2014-06-04 (08-00-09).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [524b07de5a46148659aa1fda24f426b5]

mbam-log-2014-06-05 (07-51-20).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [77683004c6788aee9109180b5dededff]

mbam-log-2014-06-06 (07-58-07).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [48eb88d1429ac9d615086490b928b2c7]

mbam-log-2014-06-08 (16-54-24).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [97fd0ffb4fe130de354060a827df5c7c]

mbam-log-2014-06-09 (17-14-12).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [7142ce9601f7aa34f104e55c11bf450c]

mbam-log-2014-06-10 (17-10-50).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [4937cd3d3d7f3b13f7068eea1dcd19e4]

mbam-log-2014-06-11 (10-23-29).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [4787c12e0b1086a7eda12ad7c65eedff]

mbam-log-2014-06-11 (17-56-37).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [0c491a4a6372fe7a17ac40de1e85c647]

mbam-log-2014-06-12 (18-02-46).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [0c73e37fbc4cbd64a36751c8ba55da70]

mbam-log-2014-06-13 (17-51-49).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [f0658d996ebc56699c6243450f31e4c2]

mbam-log-2014-06-14 (17-55-41).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [af7e394944bb4aba5fc7ff2a448c8b68]

mbam-log-2014-06-15 (17-56-19).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [e3ba199f13b03a6c5250238c13fb576e]

mbam-log-2014-06-16 (06-56-49).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [d86d208f3588a48a2e2b2babe8a42449]

mbam-log-2014-06-16 (17-54-03).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [f290f775e9b138a5ec32c9d61115f6e8]

mbam-log-2014-06-18 (17-59-40).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [66a43afe2ca582b97a7d3acfb0f91978]

mbam-log-2014-06-19 (17-56-51).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [8ff99553579ebbdb2bda66d84d92d626]

mbam-log-2014-06-20 (08-27-30).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [91d961482180e081db9afa2170393ef3]

mbam-log-2014-06-20 (17-44-51).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [5eb08faea24459e60ae582fa6bd9da7f]

mbam-log-2014-06-21 (18-09-26).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [d0f629ee7076393132ca73a2c2ccdc92]

mbam-log-2014-06-22 (18-16-43).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [3c6e67ec68023d0e303fc543779e5470]

mbam-log-2014-06-23 (07-36-32).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [4cc45c7c051f0e63a7e03fa6abaf15bc]

mbam-log-2014-06-23 (18-14-03).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [bd83e4ae2f867f2d83b755aa6f254c44]

mbam-log-2014-06-24 (18-15-51).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [a6c23322c8e5af8779a83f75327414e1]

mbam-log-2014-06-24 (22-48-59).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [d2ed65d40f424c93299c7c9f33a76a1d]

mbam-log-2014-06-25 (18-27-22).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [02433ef9db1af722062e68fa5c7dba03]

mbam-log-2014-06-26 (19-14-23).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [268cbcd1fd65bd7057db12555dc7186f]

mbam-log-2014-06-27 (19-09-51).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [19ede2e3ad2b933fe1a8edb395592835]

mbam-log-2014-06-28 (19-06-00).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [e07edf68f649d0c3d849c7fc2f2fa534]

mbam-log-2014-06-29 (07-00-35).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [8e8d8ca3058099d5a239ea437db4ed22]

mbam-log-2014-06-29 (18-51-05).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [5e3aaaee18c2a8923572d6b8930ba681]

mbam-log-2014-06-30 (18-58-33).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [30d20f7e7d375076fb8aeb8f33f87cc0]

mbam-log-2014-07-01 (19-09-40).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [96840ac37695d471b44aea4951b1320c]

mbam-log-2014-07-02 (19-11-51).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [73d41456bdb4b90fb6dbf82a83ad5a36]

mbam-log-2014-07-03 (19-18-20).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [eeeebbc72c6b909ffa7afe98a479a906]

mbam-log-2014-07-04 (19-12-53).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [19a9baf3ecdeef8695b4df35556bcf28]

mbam-log-2014-07-05 (19-31-59).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [1570a04cf6809d86287fd0a0aebdfe3b]

mbam-log-2014-07-06 (19-43-11).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [20097bb55565cc8798822452c7dba19e]

mbam-log-2014-07-08 (20-53-31).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [d4b6bb0a334ee4c35f5db5f5315d33cd]

mbam-log-2014-07-09 (20-53-55).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [3fac97381e14a747e8d9f1aad2bfa4b4]

mbam-log-2014-07-10 (20-45-35).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [d71dc8b529732e4715d667fe3161819a]

mbam-log-2014-07-11 (21-02-29).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [0b205b5a8c36b21f629549a06c79b2aa]

mbam-log-2014-07-12 (20-49-01).xml       File Size: 2518      BYTES FileVersion:  N/A            MD5: [717bd8c57de3d1be48a8dfe5dd2d0a8c]

mbam-log-2014-07-13 (20-34-15).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [c778188cdff7fb4a17c4ee8a5c1785b1]

mbam-log-2014-07-14 (20-43-08).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [9002c4cf17b820fc8a4cefc6ed5798c3]

mbam-log-2014-07-15 (21-26-49).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [2a383f11c63f730628e244d1bfd484db]

mbam-log-2014-07-16 (23-11-28).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [467c7f455fee3b1cf59316848c8903d0]

mbam-log-2014-07-21 (06-58-06).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [5a617483a1b241d1c11072037112a227]

mbam-log-2014-07-21 (11-33-48).xml       File Size: 2518      BYTES FileVersion:  N/A            MD5: [8e92c56e91f94e7e847a533c2738c28d]

mbam-log-2014-07-25 (10-57-35).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [1a4556a1762c9f8a94327c0fa9ec194b]

mbam-log-2014-07-28 (13-46-28).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [8fc7cfdc9442f3f7f29befbcda5ae41a]

mbam-log-2014-07-29 (14-39-22).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [4f8398246c33bcd52bcbbc777757ffd4]

mbam-log-2014-07-30 (04-12-30).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [561c83c335393ec74c33d15ad249ddd4]

mbam-log-2014-08-03 (20-31-30).xml       File Size: 2502      BYTES FileVersion:  N/A            MD5: [3577bf835b4f7e488d0cdb4213e5c546]

mbam-log-2014-08-07 (04-51-50).xml       File Size: 2864      BYTES FileVersion:  N/A            MD5: [838361c4535cd929636247bd6a04d6c4]

mbam-log-2014-08-10 (10-21-24).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [42a9000458360cbda10abb78b4c0ed52]

mbam-log-2014-08-11 (10-05-56).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [0dd07486606c9e13c5cc06422c6a143f]

mbam-log-2014-08-12 (10-16-26).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [d7b49fc8decb3339d0db59f0db75b442]

mbam-log-2014-08-13 (10-23-41).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [f3d0ec30f13fe71d30f89de909b543b7]

mbam-log-2014-08-15 (09-56-43).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [5989a9783940d7c60c8cd1a080dc1fa6]

mbam-log-2014-08-16 (05-42-00).xml       File Size: 2516      BYTES FileVersion:  N/A            MD5: [1d54406c5d19435a5e15b094b6d35847]

mbam-log-2014-08-18 (19-14-29).xml       File Size: 2510      BYTES FileVersion:  N/A            MD5: [1fe0f094f1cf16264ff613993a34cf0f]

mbam-log-2014-08-18 (19-22-03).xml       File Size: 2510      BYTES FileVersion:  N/A            MD5: [a36369af6ab089dcae8c6d458a857f7c]

mbam-log-2014-08-18 (19-52-17).xml       File Size: 2508      BYTES FileVersion:  N/A            MD5: [df5a273e1f169e5b9af10a83aef88b89]

mbam-log-2014-08-18 (19-53-16).xml       File Size: 2502      BYTES FileVersion:  N/A            MD5: [f41de6351e8364e9b0b9cef5914c7baa]

mbam-log-2014-08-18 (19-54-13).xml       File Size: 2508      BYTES FileVersion:  N/A            MD5: [3ae41032aecaa8b344984221e41c742a]

mbam-log-2014-08-18 (20-20-46).xml       File Size: 2510      BYTES FileVersion:  N/A            MD5: [650042d1b19ecc8ba143843380ac2721]

protection-log-2014-05-18.xml            File Size: 13142     BYTES FileVersion:  N/A            MD5: [e149d5aba96e2abae74136cc61a3a37b]

protection-log-2014-05-19.xml            File Size: 15815     BYTES FileVersion:  N/A            MD5: [1d2abf714b93a6411c3a7ddec648347e]

protection-log-2014-05-20.xml            File Size: 19078     BYTES FileVersion:  N/A            MD5: [175fb6c1b00ca17ac62b7c7af227afa7]

protection-log-2014-05-21.xml            File Size: 14337     BYTES FileVersion:  N/A            MD5: [d88995d9a7aca452b60116a1517d8aab]

protection-log-2014-05-22.xml            File Size: 11655     BYTES FileVersion:  N/A            MD5: [a121694eefe55e60139303fff7626058]

protection-log-2014-05-23.xml            File Size: 13734     BYTES FileVersion:  N/A            MD5: [893323e709e2eb5cbedaeabe2c1f39cf]

protection-log-2014-05-24.xml            File Size: 10933     BYTES FileVersion:  N/A            MD5: [d176a55a3dad0fecee5047d654bd94e5]

protection-log-2014-05-25.xml            File Size: 8673      BYTES FileVersion:  N/A            MD5: [94fd9c719f5a67947c3e1cd1bef6eb8b]

protection-log-2014-05-26.xml            File Size: 16287     BYTES FileVersion:  N/A            MD5: [e0ed513acadc188f5f38143ce48d6684]

protection-log-2014-05-27.xml            File Size: 16104     BYTES FileVersion:  N/A            MD5: [539c78cf2d28871c18c981590075ea5d]

protection-log-2014-05-28.xml            File Size: 9568      BYTES FileVersion:  N/A            MD5: [d272f4b5bd79bd78c09e732080f69e16]

protection-log-2014-05-29.xml            File Size: 17003     BYTES FileVersion:  N/A            MD5: [fe06d714abc732e74905360d940ec6f0]

protection-log-2014-05-30.xml            File Size: 16716     BYTES FileVersion:  N/A            MD5: [eaddc008d47901775b8ffefcd49f852d]

protection-log-2014-05-31.xml            File Size: 17893     BYTES FileVersion:  N/A            MD5: [03c7c16a90076943c2f29b3f4fb22a70]

protection-log-2014-06-01.xml            File Size: 13720     BYTES FileVersion:  N/A            MD5: [ffb1157d7a7a76a716442c92c6b79391]

protection-log-2014-06-02.xml            File Size: 16984     BYTES FileVersion:  N/A            MD5: [83a5555a7ee70095b690f28bf4cd540a]

protection-log-2014-06-03.xml            File Size: 11932     BYTES FileVersion:  N/A            MD5: [a23d1f75327dac80eb0b979c201be56d]

protection-log-2014-06-04.xml            File Size: 19957     BYTES FileVersion:  N/A            MD5: [18f46d5871d028aaad3e0afb4b98fc54]

protection-log-2014-06-05.xml            File Size: 14912     BYTES FileVersion:  N/A            MD5: [9ee07261842fbff33f460c3a2e91f980]

protection-log-2014-06-06.xml            File Size: 14304     BYTES FileVersion:  N/A            MD5: [2778641c9f253df31ce3b8480e2c7e67]

protection-log-2014-06-07.xml            File Size: 10746     BYTES FileVersion:  N/A            MD5: [459b9331008ad465f92b938060559d2e]

protection-log-2014-06-08.xml            File Size: 10746     BYTES FileVersion:  N/A            MD5: [0c36ebee8232a802e051bacf962d968b]

protection-log-2014-06-09.xml            File Size: 17879     BYTES FileVersion:  N/A            MD5: [05d8b5c49f75a883bf24cbd7ee41284d]

protection-log-2014-06-10.xml            File Size: 9568      BYTES FileVersion:  N/A            MD5: [8a38d885cdbad19433fec8977f4df806]

protection-log-2014-06-11.xml            File Size: 12832     BYTES FileVersion:  N/A            MD5: [53a283e28eecba3ab2a659c1e0087f7e]

protection-log-2014-06-12.xml            File Size: 15209     BYTES FileVersion:  N/A            MD5: [d32f150ef5737a8cfca9d2d53e67f7f2]

protection-log-2014-06-13.xml            File Size: 8673      BYTES FileVersion:  N/A            MD5: [035d1a8e9a7d49af57bd12cc180aa5c5]

protection-log-2014-06-14.xml            File Size: 11045     BYTES FileVersion:  N/A            MD5: [9441adb6afd782cd8e5b696c22e4a290]

protection-log-2014-06-15.xml            File Size: 5406      BYTES FileVersion:  N/A            MD5: [8544ada33181ac8b50f2fb9f8e780042]

protection-log-2014-06-16.xml            File Size: 13727     BYTES FileVersion:  N/A            MD5: [2b60b27d68c989dd03ed1d1520ed0e44]

protection-log-2014-06-17.xml            File Size: 11048     BYTES FileVersion:  N/A            MD5: [dcb0b0a41ac9480bb45c1c6b7d3f4f83]

protection-log-2014-06-18.xml            File Size: 8675      BYTES FileVersion:  N/A            MD5: [af0cdb219e2476aeb694daa6a9f897d5]

protection-log-2014-06-19.xml            File Size: 5721      BYTES FileVersion:  N/A            MD5: [6c18c4fe4c594bb23e88e8fefc35bf49]

protection-log-2014-06-20.xml            File Size: 11965     BYTES FileVersion:  N/A            MD5: [73cb65d00dd136a07d4d63702a2a541f]

protection-log-2014-06-21.xml            File Size: 6593      BYTES FileVersion:  N/A            MD5: [f98614c6b04d5573ade8fb137cb76b98]

protection-log-2014-06-22.xml            File Size: 8674      BYTES FileVersion:  N/A            MD5: [3df7afaf553a5d5358992c01d57aa5de]

protection-log-2014-06-23.xml            File Size: 12259     BYTES FileVersion:  N/A            MD5: [bb1647eaf1ae828f86a6ad4ff6a545c2]

protection-log-2014-06-24.xml            File Size: 5406      BYTES FileVersion:  N/A            MD5: [0135389f2eb5686765d076e5623c779e]

protection-log-2014-06-25.xml            File Size: 10760     BYTES FileVersion:  N/A            MD5: [30dea6713deafb4b2233d6c9218157b3]

protection-log-2014-06-26.xml            File Size: 7487      BYTES FileVersion:  N/A            MD5: [7429055ad1fb292b55fa12a9785e25c6]

protection-log-2014-06-27.xml            File Size: 7487      BYTES FileVersion:  N/A            MD5: [c59d3978e7bc5a2c663f4a9b9db95130]

protection-log-2014-06-28.xml            File Size: 8673      BYTES FileVersion:  N/A            MD5: [4e8e7750a9d78f0601644863dac8abce]

protection-log-2014-06-29.xml            File Size: 12832     BYTES FileVersion:  N/A            MD5: [4307aa045beb985e3904776658a587ba]

protection-log-2014-06-30.xml            File Size: 7802      BYTES FileVersion:  N/A            MD5: [981101e2890a4551cc2d0939da5c3261]

protection-log-2014-07-01.xml            File Size: 8980      BYTES FileVersion:  N/A            MD5: [6c76c094a51c61f46a3018d7da4f27b8]

protection-log-2014-07-02.xml            File Size: 9853      BYTES FileVersion:  N/A            MD5: [1732881c09a6c17ebaed5ecdf2d50501]

protection-log-2014-07-03.xml            File Size: 11951     BYTES FileVersion:  N/A            MD5: [114f6eaec4d50434ec4e1a4fdc04d7b5]

protection-log-2014-07-04.xml            File Size: 10746     BYTES FileVersion:  N/A            MD5: [441dc7e26c1f91256bf4d8c4d4c25e99]

protection-log-2014-07-05.xml            File Size: 7483      BYTES FileVersion:  N/A            MD5: [2661c46ae6360c5e2127de82154a711f]

protection-log-2014-07-06.xml            File Size: 5402      BYTES FileVersion:  N/A            MD5: [1fbf92c709804b9fefe90ae33be51a9d]

protection-log-2014-07-07.xml            File Size: 12825     BYTES FileVersion:  N/A            MD5: [be6875b2aacc0e962c529c3e4a6ecf40]

protection-log-2014-07-08.xml            File Size: 13720     BYTES FileVersion:  N/A            MD5: [cf0bb71b331827849c1db90bf8178682]

protection-log-2014-07-09.xml            File Size: 13140     BYTES FileVersion:  N/A            MD5: [b22ec216de9f194e0cd588182b484559]

protection-log-2014-07-10.xml            File Size: 11776     BYTES FileVersion:  N/A            MD5: [e3cf3d99c6248d98f1b3c42b534dd483]

protection-log-2014-07-11.xml            File Size: 9117      BYTES FileVersion:  N/A            MD5: [eab2d5decbdbe179c90e3f50bdf703c1]

protection-log-2014-07-12.xml            File Size: 14019     BYTES FileVersion:  N/A            MD5: [c81f9fb2cca729c9935687daee3fa650]

protection-log-2014-07-13.xml            File Size: 5406      BYTES FileVersion:  N/A            MD5: [c870985923fdcd67ee15f23920edbd90]

protection-log-2014-07-14.xml            File Size: 11071     BYTES FileVersion:  N/A            MD5: [2f037315499fc7733159d29ad6743297]

protection-log-2014-07-15.xml            File Size: 10756     BYTES FileVersion:  N/A            MD5: [28494fe3d1f95eb1e329e70e3781611b]

protection-log-2014-07-16.xml            File Size: 11649     BYTES FileVersion:  N/A            MD5: [15a73a668204d8fe692e1e0947323389]

protection-log-2014-07-17.xml            File Size: 12258     BYTES FileVersion:  N/A            MD5: [4c61b1f01c5684738de2da47a3792f74]

protection-log-2014-07-18.xml            File Size: 8673      BYTES FileVersion:  N/A            MD5: [230553131607699257b6605d2941447b]

protection-log-2014-07-19.xml            File Size: 12835     BYTES FileVersion:  N/A            MD5: [afc87e80e6bcdc106ae44f3213897f3b]

protection-log-2014-07-20.xml            File Size: 8673      BYTES FileVersion:  N/A            MD5: [b0aa44cd108bb3da948763e785be66e0]

protection-log-2014-07-21.xml            File Size: 9565      BYTES FileVersion:  N/A            MD5: [ac570b8c5fadb20b30e5771a1c48b139]

protection-log-2014-07-22.xml            File Size: 9860      BYTES FileVersion:  N/A            MD5: [271f454c10eea267c3b0147ede5e7b47]

protection-log-2014-07-23.xml            File Size: 9860      BYTES FileVersion:  N/A            MD5: [b75f6917b9c90d1f733aeb1242d7cbb4]

protection-log-2014-07-24.xml            File Size: 10150     BYTES FileVersion:  N/A            MD5: [15d8314b30ed285d8cf01c68f5393ac4]

protection-log-2014-07-25.xml            File Size: 12835     BYTES FileVersion:  N/A            MD5: [f3080e877dbe1874cd3ace6e8b67233e]

protection-log-2014-07-26.xml            File Size: 11045     BYTES FileVersion:  N/A            MD5: [8efe5a66ba7ace1ef3d4935328b7a8b2]

protection-log-2014-07-27.xml            File Size: 9860      BYTES FileVersion:  N/A            MD5: [02f17f9f4d9f5f1fcec7d2ab6e58503f]

protection-log-2014-07-28.xml            File Size: 10755     BYTES FileVersion:  N/A            MD5: [841721bce99fdf7c36b95797b630a43e]

protection-log-2014-07-29.xml            File Size: 8673      BYTES FileVersion:  N/A            MD5: [3f8399e76aea47a7906f52cb5541bc98]

protection-log-2014-07-30.xml            File Size: 7775      BYTES FileVersion:  N/A            MD5: [eea0041ac2291efc61805295bd57b1e2]

protection-log-2014-07-31.xml            File Size: 7778      BYTES FileVersion:  N/A            MD5: [f7b14b31027bfe4756f019fa1aaec75e]

protection-log-2014-08-01.xml            File Size: 13725     BYTES FileVersion:  N/A            MD5: [2f26c48772856e91aacaa5b07e911315]

protection-log-2014-08-02.xml            File Size: 6588      BYTES FileVersion:  N/A            MD5: [b9b227ccc4bf3dd89f4241101e61d24d]

protection-log-2014-08-03.xml            File Size: 4509      BYTES FileVersion:  N/A            MD5: [9b0de214d035b1a1754c9a80e7e3c90d]

protection-log-2014-08-04.xml            File Size: 17588     BYTES FileVersion:  N/A            MD5: [ff70c82fb017d2b62a613546a56b574b]

protection-log-2014-08-05.xml            File Size: 16090     BYTES FileVersion:  N/A            MD5: [4e64c37a9fe3b31fac2eac4b4d07215e]

protection-log-2014-08-06.xml            File Size: 15490     BYTES FileVersion:  N/A            MD5: [367c6fe3f541eb14eb8f62669c81ddbe]

protection-log-2014-08-07.xml            File Size: 12826     BYTES FileVersion:  N/A            MD5: [48b21a719e7d77a8dcb6358107dabe72]

protection-log-2014-08-08.xml            File Size: 16091     BYTES FileVersion:  N/A            MD5: [11810d6abca8f323daf78cbbab0d3a0b]

protection-log-2014-08-09.xml            File Size: 15491     BYTES FileVersion:  N/A            MD5: [201aedcf4c1cdfccc442c6fa16e1c292]

protection-log-2014-08-10.xml            File Size: 11045     BYTES FileVersion:  N/A            MD5: [faa68544be97e99a0b6dbdd37683467f]

protection-log-2014-08-11.xml            File Size: 11649     BYTES FileVersion:  N/A            MD5: [01303a3ba114130a8bfb91a0d307817e]

protection-log-2014-08-12.xml            File Size: 13736     BYTES FileVersion:  N/A            MD5: [61d14f0b34ec210614a3a9dce07ef7a5]

protection-log-2014-08-13.xml            File Size: 14916     BYTES FileVersion:  N/A            MD5: [7d653f67d2d03928b2ec7876d324f9c3]

protection-log-2014-08-14.xml            File Size: 16106     BYTES FileVersion:  N/A            MD5: [5dfb56b34b61f0593fea265fe0350264]

protection-log-2014-08-15.xml            File Size: 20267     BYTES FileVersion:  N/A            MD5: [cb52b958ca7d0fc421e94310e854bf6c]

protection-log-2014-08-16.xml            File Size: 6589      BYTES FileVersion:  N/A            MD5: [34930e70d6d6d0b873363954e17b186a]

 

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine

2465121892.data                          File Size: 701       BYTES FileVersion:  N/A            MD5: [79d27caaadf6812c16fc19c886f794c5]

2465121892.quar                          File Size: 3828      BYTES FileVersion:  N/A            MD5: [c96920203042b0473059774d7a20ec49]

 

Malware Exclusions:

===================

Web Exclusions:

================

Quarantined Items:

===================

Unable to access quarantine information: Error code 20002===============================================================

END OF FILE

Link to post
Share on other sites

Hello RSD:

We will do just fine with what logs you have posted.

To begin, please follow the advice in the locked and pinned topic What to do: Runtime error - database stuck on 2014.03.04 - program stopped.

 

Then please try to update the Malwarebytes Anti-Malware database and let us know, in a reply to this thread, how it went.

 

Thank you.

Link to post
Share on other sites

Ok, I was able to check for updates after several times of Windows timing out.

 

No updates available, but I am still getting !Your System IS Not Protected, and Real Time Protection: Not Protected. Version V2014.08.19.03

 

Ran Threat Scan: 43 Seconds, 3700 Objects Scanned. Nothing Found.

Link to post
Share on other sites

Hello RSD:

Your Threat Scan was not long enough in duration nor were enough items scanned.

Yes - v2014.08.19.03 is still current as I send this. However, let's try this next:

  • Please try the following and let us know if this corrects your issue: MBAM Clean Removal Process 2.x.
  • If that does not correct the issue, then please read the following and individually attach the 3 requested logs in a reply to this thread: Diagnostic Logs.
  • The 3 files, from Step 2, to be individually attached from your desktop are: CheckResults.txt, FRST.txt and Addition.txt. Please do not Copy and Paste them into a reply.
  • NOTE: There is an FAQ section with valuable information located in Common Questions, Issues, and their Solutions.
Please let us know the status of your issue in a reply to this thread.

Thank You. :)

Link to post
Share on other sites

Seems like I'm updated and it scanned successfully.

 

Threat Scan

1:43:01

Objects Scanned 402737

Threats found 0

 

Dashboard says "Your system is fully protected". 

 

I believe we're good. Anything else?

 

Thanks for your help if this is all.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.