Sorry for the delay, I have a grueling work schedule. Since my post I have run malware bytes once. Here are the requested the logs:
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-07-2014 01
Ran by James (administrator) on THOMPSONPC on 23-07-2014 09:07:47
Running from C:\Users\James\Downloads
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sendori) C:\Program Files (x86)\PureLeads\plsapp.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(PureLeads) C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe
(AMD) C:\Windows\System32\atieclxx.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(PureLeads) C:\Program Files (x86)\PureLeads\PureLeadsTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUicnt.exe
(sendori) C:\Program Files (x86)\PureLeads\PureLeads.Service.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-07-24] (McAfee, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PureLeads Tray] => C:\Program Files (x86)\PureLeads\PureLeadsTray.exe [83232 2014-06-27] (PureLeads)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49184;https=127.0.0.1:49184
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...q={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\plsapp.dll [357664] (Sendori)
Winsock: Catalog9 02 C:\Windows\SysWOW64\plsapp.dll [357664] (Sendori)
Winsock: Catalog9 03 C:\Windows\SysWOW64\plsapp.dll [357664] (Sendori)
Winsock: Catalog9 04 C:\Windows\SysWOW64\plsapp.dll [357664] (Sendori)
Winsock: Catalog9 15 C:\Windows\SysWOW64\plsapp.dll [357664] (Sendori)
Winsock: Catalog9-x64 01 C:\Windows\system32\plsapp64.dll [464160] (Sendori)
Winsock: Catalog9-x64 02 C:\Windows\system32\plsapp64.dll [464160] (Sendori)
Winsock: Catalog9-x64 03 C:\Windows\system32\plsapp64.dll [464160] (Sendori)
Winsock: Catalog9-x64 04 C:\Windows\system32\plsapp64.dll [464160] (Sendori)
Winsock: Catalog9-x64 15 C:\Windows\system32\plsapp64.dll [464160] (Sendori)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\ajwadlwx.default
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\James\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\James\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-04-22]
==================== Services (Whitelisted) =================
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-09-25] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4700872 2014-07-13] (iolo technologies, LLC)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [175464 2013-07-24] (McAfee, Inc.)
R3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-07-05] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-09-25] (McAfee, Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 plsapp; C:\Program Files (x86)\PureLeads\plsapp.exe [3846944 2014-06-27] (Sendori)
R2 PlsvcV1; C:\Program Files (x86)\PureLeads\PureLeadsSvc.exe [91936 2014-06-27] (PureLeads)
R2 PlsvcV2; C:\Program Files (x86)\PureLeads\PureLeads.Service.exe [24352 2014-06-27] (sendori)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-04-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-04-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390680 2013-10-31] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32912 2014-07-16] (EldoS Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-01-13] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-04-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-23 09:07 - 2014-07-23 09:08 - 00016625 _____ () C:\Users\James\Downloads\FRST.txt
2014-07-23 09:07 - 2014-07-23 09:08 - 00000000 ____D () C:\FRST
2014-07-23 09:06 - 2014-07-23 09:06 - 02091520 _____ (Farbar) C:\Users\James\Downloads\FRST64.exe
2014-07-23 09:06 - 2014-07-23 09:06 - 01082368 _____ (Farbar) C:\Users\James\Downloads\FRST.exe
2014-07-23 08:48 - 2014-07-23 08:48 - 00000000 ____D () C:\Users\James\AppData\Roaming\Electronic Arts
2014-07-23 08:46 - 2014-07-23 08:47 - 09091423 _____ (Electronic Arts) C:\Users\James\Downloads\GameFaceBrowserPluginInstaller.1.8.0.0.exe
2014-07-23 08:44 - 2014-07-23 08:44 - 00000000 ____D () C:\Users\James\AppData\Local\Unity
2014-07-23 08:43 - 2014-07-23 08:43 - 01080480 _____ (Unity Technologies ApS) C:\Users\James\Downloads\UnityWebPlayer.exe
2014-07-22 20:02 - 2014-07-22 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-20 12:22 - 2014-07-23 08:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 12:19 - 2014-07-20 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 12:19 - 2014-07-20 12:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 12:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-20 12:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-20 12:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-20 12:18 - 2014-07-20 12:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\James\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 11:36 - 2014-07-20 11:36 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-20 11:35 - 2014-07-20 11:35 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-20 10:33 - 2014-07-20 10:33 - 00000000 ____D () C:\Windows\system32\config\SM Registry Backup
2014-07-20 10:33 - 2014-07-20 10:33 - 00000000 ____D () C:\Windows\system32\config\Before Compact
2014-07-20 10:25 - 2014-07-23 08:40 - 00000000 ____D () C:\Users\James\Documents\Food
2014-07-20 08:12 - 2014-07-20 08:12 - 00021464 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-07-20 00:55 - 2014-07-20 17:50 - 00000386 _____ () C:\Windows\system32\ioloBootDefrag.cfg
2014-07-20 00:54 - 2014-07-20 00:54 - 00004028 _____ () C:\Windows\System32\Tasks\HPGenoobeReminder
2014-07-20 00:53 - 2014-07-20 12:22 - 00000000 ____D () C:\Users\James\Desktop\Cleanup_Security
2014-07-20 00:53 - 2014-07-20 00:56 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-07-20 00:52 - 2014-07-20 00:52 - 00000000 ____D () C:\Windows\system32\config\Original
2014-07-20 00:52 - 2014-07-20 00:52 - 00000000 ____D () C:\Users\James\Desktop\Fantasy Tools
2014-07-20 00:50 - 2014-07-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2014-07-20 00:50 - 2014-07-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LineupDominator
2014-07-20 00:50 - 2014-07-13 13:36 - 02155152 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll
2014-07-20 00:50 - 2014-07-13 13:36 - 02097984 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2014-07-20 00:49 - 2014-07-23 09:04 - 00000000 ____D () C:\ProgramData\ioloGovernor
2014-07-20 00:49 - 2014-07-20 00:49 - 00003118 _____ () C:\Windows\System32\Tasks\iolo Process Governor
2014-07-20 00:49 - 2014-07-20 00:49 - 00000000 ____D () C:\Users\James\AppData\Roaming\ioloGovernor
2014-07-20 00:49 - 2014-07-20 00:49 - 00000000 ____D () C:\Program Files (x86)\iolo
2014-07-20 00:49 - 2014-07-13 13:53 - 00057584 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2014-07-20 00:49 - 2014-07-13 13:53 - 00026184 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2014-07-20 00:49 - 2014-07-13 13:31 - 00082160 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2014-07-20 00:48 - 2014-07-13 18:39 - 43459232 _____ (iolo technologies, LLC ) C:\Users\James\Documents\SystemMechanic.exe
2014-07-20 00:47 - 2014-07-20 00:48 - 05562242 _____ ( ) C:\Users\James\Downloads\LD90a_Setup.exe
2014-07-20 00:43 - 2014-07-20 00:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-07-20 00:41 - 2014-07-23 08:14 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F95BF861-9522-41E9-87DD-C49DDC66815A}
2014-07-20 00:41 - 2014-07-20 00:41 - 00000000 __SHD () C:\Users\James\AppData\Local\EmieUserList
2014-07-20 00:41 - 2014-07-20 00:41 - 00000000 __SHD () C:\Users\James\AppData\Local\EmieSiteList
2014-07-20 00:41 - 2014-07-20 00:41 - 00000000 ____D () C:\Users\James\AppData\Roaming\Macromedia
2014-07-20 00:40 - 2014-07-20 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Projections Dominator
2014-07-20 00:40 - 1998-10-07 16:05 - 00154392 _____ (Sheridan Software Systems, Inc.) C:\Windows\SysWOW64\Splitter.ocx
2014-07-20 00:39 - 2014-07-20 00:53 - 00000000 ____D () C:\Users\James\AppData\Roaming\Hewlett-Packard
2014-07-20 00:39 - 2014-07-20 00:39 - 00459696 _____ () C:\Users\James\Downloads\sm_dm.exe
2014-07-20 00:39 - 2014-07-20 00:39 - 00000000 ____D () C:\Users\James\AppData\Local\AMD
2014-07-20 00:38 - 2014-07-22 06:14 - 00000000 __RDO () C:\Users\James\OneDrive
2014-07-20 00:37 - 2014-07-20 00:37 - 03516556 _____ ( ) C:\Users\James\Downloads\PD90c_Setup.exe
2014-07-20 00:37 - 2014-07-20 00:37 - 00074703 _____ () C:\Windows\SysWOW64\mfc45.dat
2014-07-20 00:37 - 2014-07-20 00:37 - 00000000 ____D () C:\iolo
2014-07-20 00:37 - 2014-07-16 08:30 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2014-07-20 00:36 - 2014-07-22 21:54 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-376113473-2297420903-2571305959-1002
2014-07-20 00:36 - 2014-07-20 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeDominator
2014-07-20 00:32 - 2014-07-20 00:33 - 02789154 _____ ( ) C:\Users\James\Downloads\TD90a_Setup.exe
2014-07-20 00:32 - 2014-07-20 00:32 - 00000000 ____D () C:\Users\James\AppData\Roaming\ATI
2014-07-20 00:32 - 2014-07-20 00:32 - 00000000 ____D () C:\Users\James\AppData\Local\CyberLink
2014-07-20 00:32 - 2014-07-20 00:32 - 00000000 ____D () C:\Users\James\AppData\Local\ATI
2014-07-20 00:31 - 2014-07-20 00:31 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-20 00:30 - 2014-07-20 00:53 - 00000000 ____D () C:\Users\James\AppData\Local\Packages
2014-07-20 00:30 - 2014-07-20 00:30 - 00001449 _____ () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Roaming\Synaptics
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Roaming\Adobe
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Local\VirtualStore
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\ProgramData\Synaptics
2014-07-20 00:29 - 2014-07-21 08:00 - 00000000 ____D () C:\Users\James
2014-07-20 00:29 - 2014-07-20 00:29 - 00000020 ___SH () C:\Users\James\ntuser.ini
2014-07-20 00:29 - 2014-04-22 13:07 - 00000000 ___RD () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-20 00:29 - 2014-04-22 12:23 - 00000000 ___HD () C:\Users\James\Documents\hp.system.package.metadata
2014-07-20 00:29 - 2014-03-18 05:06 - 00000000 ___RD () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-20 00:29 - 2014-03-18 04:54 - 00000369 _____ () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-07-20 00:29 - 2014-03-18 04:54 - 00000369 _____ () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-07-20 00:29 - 2013-08-22 10:36 - 00000000 ___RD () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-20 00:29 - 2013-08-22 10:36 - 00000000 ____D () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-20 00:27 - 2014-07-20 10:33 - 00000000 ____D () C:\Users\James\AppData\Roaming\iolo
2014-07-20 00:27 - 2014-07-20 08:11 - 00000000 ____D () C:\ProgramData\iolo
2014-07-20 00:27 - 2014-07-20 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DraftDominator
2014-07-20 00:27 - 2006-03-08 09:27 - 01353360 _____ (FarPoint Technologies, Inc.) C:\Windows\SysWOW64\fpSpr60.ocx
2014-07-20 00:27 - 2004-12-07 13:03 - 00451760 _____ (FarPoint Technologies, Inc.) C:\Windows\SysWOW64\Tab32x30.ocx
2014-07-20 00:27 - 2002-12-20 15:02 - 01077336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-07-20 00:27 - 2001-03-13 15:49 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-07-20 00:27 - 2000-05-22 01:00 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2014-07-20 00:27 - 1999-01-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xl5en32.olb
2014-07-20 00:26 - 2014-07-20 00:49 - 00000000 ____D () C:\FBG
2014-07-20 00:25 - 2014-07-23 09:02 - 01498991 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 00:25 - 2014-07-20 00:26 - 00459696 _____ () C:\Users\James\Downloads\smpro_dm.exe
2014-07-20 00:22 - 2014-07-20 00:23 - 05477715 _____ ( ) C:\Users\James\Downloads\DD150c_Setup.exe
2014-07-19 07:46 - 2014-07-19 07:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-07-19 07:37 - 2014-07-19 07:37 - 00000000 ____D () C:\Users\James\AppData\Local\Macromedia
2014-07-19 06:56 - 2014-07-19 06:56 - 00000000 ____D () C:\Users\James\AppData\Roaming\hpqlog
2014-07-19 06:56 - 2014-07-19 06:56 - 00000000 ____D () C:\Users\James\AppData\Local\Hewlett-Packard
2014-07-19 06:48 - 2014-07-19 06:49 - 00001333 _____ () C:\install.log
2014-07-19 06:46 - 2014-07-19 06:46 - 00000000 ____D () C:\Users\James\AppData\Roaming\OpenOffice
2014-07-19 06:45 - 2014-07-23 08:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-19 06:45 - 2014-07-19 06:45 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-19 06:38 - 2014-07-19 06:38 - 00000000 ____D () C:\Users\Public\CyberLink
2014-07-19 06:10 - 2014-07-19 06:13 - 00000000 ____D () C:\Users\James\AppData\Roaming\Mozilla
2014-07-19 06:10 - 2014-07-19 06:13 - 00000000 ____D () C:\Users\James\AppData\Local\Mozilla
2014-07-19 06:10 - 2014-07-19 06:10 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-19 06:10 - 2014-07-19 06:10 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-19 06:09 - 2014-07-20 01:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-19 06:09 - 2014-07-19 06:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 06:09 - 2014-07-19 06:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-19 06:06 - 2014-06-27 13:50 - 00464160 _____ (Sendori) C:\Windows\system32\plsapp64.dll
2014-07-19 06:06 - 2014-06-27 13:50 - 00357664 _____ (Sendori) C:\Windows\SysWOW64\plsapp.dll
2014-07-19 06:05 - 2014-07-19 06:06 - 00000000 ____D () C:\ProgramData\PureLeads
2014-07-19 06:05 - 2014-07-19 06:05 - 00000000 ____D () C:\Program Files (x86)\PureLeads
2014-07-19 06:04 - 2014-07-19 06:12 - 00000000 ____D () C:\Users\James\AppData\Roaming\Systweak
2014-07-19 06:04 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-07-19 05:58 - 2014-07-19 05:58 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-07-19 05:58 - 2014-07-19 05:58 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-06-30 15:56 - 2014-06-30 15:56 - 03694016 _____ (PureLeads) C:\PureLeadsSetupx21715.exe
==================== One Month Modified Files and Folders =======
2014-07-23 09:08 - 2014-07-23 09:07 - 00016625 _____ () C:\Users\James\Downloads\FRST.txt
2014-07-23 09:08 - 2014-07-23 09:07 - 00000000 ____D () C:\FRST
2014-07-23 09:06 - 2014-07-23 09:06 - 02091520 _____ (Farbar) C:\Users\James\Downloads\FRST64.exe
2014-07-23 09:06 - 2014-07-23 09:06 - 01082368 _____ (Farbar) C:\Users\James\Downloads\FRST.exe
2014-07-23 09:04 - 2014-07-20 00:49 - 00000000 ____D () C:\ProgramData\ioloGovernor
2014-07-23 09:02 - 2014-07-20 00:25 - 01498991 _____ () C:\Windows\WindowsUpdate.log
2014-07-23 09:00 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-23 08:54 - 2014-07-19 06:45 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-23 08:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-23 08:48 - 2014-07-23 08:48 - 00000000 ____D () C:\Users\James\AppData\Roaming\Electronic Arts
2014-07-23 08:47 - 2014-07-23 08:46 - 09091423 _____ (Electronic Arts) C:\Users\James\Downloads\GameFaceBrowserPluginInstaller.1.8.0.0.exe
2014-07-23 08:44 - 2014-07-23 08:44 - 00000000 ____D () C:\Users\James\AppData\Local\Unity
2014-07-23 08:43 - 2014-07-23 08:43 - 01080480 _____ (Unity Technologies ApS) C:\Users\James\Downloads\UnityWebPlayer.exe
2014-07-23 08:40 - 2014-07-20 10:25 - 00000000 ____D () C:\Users\James\Documents\Food
2014-07-23 08:17 - 2014-07-20 12:22 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-23 08:14 - 2014-07-20 00:41 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F95BF861-9522-41E9-87DD-C49DDC66815A}
2014-07-23 03:25 - 2014-04-22 13:41 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2014-07-22 21:54 - 2014-07-20 00:36 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-376113473-2297420903-2571305959-1002
2014-07-22 20:02 - 2014-07-22 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-07-22 13:15 - 2013-08-22 10:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-22 06:14 - 2014-07-20 00:38 - 00000000 __RDO () C:\Users\James\OneDrive
2014-07-21 08:10 - 2014-03-18 04:53 - 00956412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-21 08:00 - 2014-07-20 00:29 - 00000000 ____D () C:\Users\James
2014-07-21 07:59 - 2013-08-22 09:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 23:17 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-20 17:50 - 2014-07-20 00:55 - 00000386 _____ () C:\Windows\system32\ioloBootDefrag.cfg
2014-07-20 17:50 - 2014-03-18 04:44 - 00045718 _____ () C:\Windows\PFRO.log
2014-07-20 17:45 - 2013-08-22 08:25 - 00000226 _____ () C:\Windows\win.ini
2014-07-20 12:22 - 2014-07-20 00:53 - 00000000 ____D () C:\Users\James\Desktop\Cleanup_Security
2014-07-20 12:20 - 2014-07-20 12:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 12:19 - 2014-07-20 12:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 12:18 - 2014-07-20 12:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\James\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 11:36 - 2014-07-20 11:36 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-20 11:35 - 2014-07-20 11:35 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-20 11:35 - 2014-04-22 12:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-07-20 10:33 - 2014-07-20 10:33 - 00000000 ____D () C:\Windows\system32\config\SM Registry Backup
2014-07-20 10:33 - 2014-07-20 10:33 - 00000000 ____D () C:\Windows\system32\config\Before Compact
2014-07-20 10:33 - 2014-07-20 00:27 - 00000000 ____D () C:\Users\James\AppData\Roaming\iolo
2014-07-20 08:12 - 2014-07-20 08:12 - 00021464 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-07-20 08:11 - 2014-07-20 00:27 - 00000000 ____D () C:\ProgramData\iolo
2014-07-20 01:04 - 2014-07-19 06:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-20 01:04 - 2014-04-02 05:25 - 00000000 ____D () C:\Windows\Panther
2014-07-20 01:04 - 2013-08-22 10:36 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-07-20 00:56 - 2014-07-20 00:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-07-20 00:54 - 2014-07-20 00:54 - 00004028 _____ () C:\Windows\System32\Tasks\HPGenoobeReminder
2014-07-20 00:53 - 2014-07-20 00:39 - 00000000 ____D () C:\Users\James\AppData\Roaming\Hewlett-Packard
2014-07-20 00:53 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Local\Packages
2014-07-20 00:52 - 2014-07-20 00:52 - 00000000 ____D () C:\Windows\system32\config\Original
2014-07-20 00:52 - 2014-07-20 00:52 - 00000000 ____D () C:\Users\James\Desktop\Fantasy Tools
2014-07-20 00:50 - 2014-07-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2014-07-20 00:50 - 2014-07-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LineupDominator
2014-07-20 00:50 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\system32\restore
2014-07-20 00:49 - 2014-07-20 00:49 - 00003118 _____ () C:\Windows\System32\Tasks\iolo Process Governor
2014-07-20 00:49 - 2014-07-20 00:49 - 00000000 ____D () C:\Users\James\AppData\Roaming\ioloGovernor
2014-07-20 00:49 - 2014-07-20 00:49 - 00000000 ____D () C:\Program Files (x86)\iolo
2014-07-20 00:49 - 2014-07-20 00:26 - 00000000 ____D () C:\FBG
2014-07-20 00:48 - 2014-07-20 00:47 - 05562242 _____ ( ) C:\Users\James\Downloads\LD90a_Setup.exe
2014-07-20 00:43 - 2014-07-20 00:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-07-20 00:41 - 2014-07-20 00:41 - 00000000 __SHD () C:\Users\James\AppData\Local\EmieUserList
2014-07-20 00:41 - 2014-07-20 00:41 - 00000000 __SHD () C:\Users\James\AppData\Local\EmieSiteList
2014-07-20 00:41 - 2014-07-20 00:41 - 00000000 ____D () C:\Users\James\AppData\Roaming\Macromedia
2014-07-20 00:41 - 2014-04-22 12:53 - 00000000 ___HD () C:\HP
2014-07-20 00:40 - 2014-07-20 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Projections Dominator
2014-07-20 00:39 - 2014-07-20 00:39 - 00459696 _____ () C:\Users\James\Downloads\sm_dm.exe
2014-07-20 00:39 - 2014-07-20 00:39 - 00000000 ____D () C:\Users\James\AppData\Local\AMD
2014-07-20 00:37 - 2014-07-20 00:37 - 03516556 _____ ( ) C:\Users\James\Downloads\PD90c_Setup.exe
2014-07-20 00:37 - 2014-07-20 00:37 - 00074703 _____ () C:\Windows\SysWOW64\mfc45.dat
2014-07-20 00:37 - 2014-07-20 00:37 - 00000000 ____D () C:\iolo
2014-07-20 00:36 - 2014-07-20 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TradeDominator
2014-07-20 00:33 - 2014-07-20 00:32 - 02789154 _____ ( ) C:\Users\James\Downloads\TD90a_Setup.exe
2014-07-20 00:32 - 2014-07-20 00:32 - 00000000 ____D () C:\Users\James\AppData\Roaming\ATI
2014-07-20 00:32 - 2014-07-20 00:32 - 00000000 ____D () C:\Users\James\AppData\Local\CyberLink
2014-07-20 00:32 - 2014-07-20 00:32 - 00000000 ____D () C:\Users\James\AppData\Local\ATI
2014-07-20 00:31 - 2014-07-20 00:31 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-20 00:30 - 2014-07-20 00:30 - 00001449 _____ () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Roaming\Synaptics
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Roaming\Adobe
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\Users\James\AppData\Local\VirtualStore
2014-07-20 00:30 - 2014-07-20 00:30 - 00000000 ____D () C:\ProgramData\Synaptics
2014-07-20 00:30 - 2014-04-22 12:39 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-07-20 00:30 - 2014-04-22 12:38 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-07-20 00:30 - 2014-04-22 12:29 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-07-20 00:30 - 2014-04-22 12:25 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-07-20 00:30 - 2014-03-31 20:07 - 00000000 ___HD () C:\SYSTEM.SAV
2014-07-20 00:29 - 2014-07-20 00:29 - 00000020 ___SH () C:\Users\James\ntuser.ini
2014-07-20 00:27 - 2014-07-20 00:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DraftDominator
2014-07-20 00:26 - 2014-07-20 00:25 - 00459696 _____ () C:\Users\James\Downloads\smpro_dm.exe
2014-07-20 00:23 - 2014-07-20 00:22 - 05477715 _____ ( ) C:\Users\James\Downloads\DD150c_Setup.exe
2014-07-20 00:21 - 2013-08-22 10:36 - 00000000 ____D () C:\Windows\rescache
2014-07-19 07:47 - 2013-08-22 09:46 - 00025744 _____ () C:\Windows\setupact.log
2014-07-19 07:46 - 2014-07-19 07:46 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-07-19 07:37 - 2014-07-19 07:37 - 00000000 ____D () C:\Users\James\AppData\Local\Macromedia
2014-07-19 06:56 - 2014-07-19 06:56 - 00000000 ____D () C:\Users\James\AppData\Roaming\hpqlog
2014-07-19 06:56 - 2014-07-19 06:56 - 00000000 ____D () C:\Users\James\AppData\Local\Hewlett-Packard
2014-07-19 06:51 - 2013-08-22 08:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-19 06:50 - 2013-08-22 09:44 - 00377712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-19 06:49 - 2014-07-19 06:48 - 00001333 _____ () C:\install.log
2014-07-19 06:46 - 2014-07-19 06:46 - 00000000 ____D () C:\Users\James\AppData\Roaming\OpenOffice
2014-07-19 06:45 - 2014-07-19 06:45 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-19 06:38 - 2014-07-19 06:38 - 00000000 ____D () C:\Users\Public\CyberLink
2014-07-19 06:13 - 2014-07-19 06:10 - 00000000 ____D () C:\Users\James\AppData\Roaming\Mozilla
2014-07-19 06:13 - 2014-07-19 06:10 - 00000000 ____D () C:\Users\James\AppData\Local\Mozilla
2014-07-19 06:12 - 2014-07-19 06:04 - 00000000 ____D () C:\Users\James\AppData\Roaming\Systweak
2014-07-19 06:10 - 2014-07-19 06:10 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-19 06:10 - 2014-07-19 06:10 - 00001166 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-19 06:10 - 2014-07-19 06:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-19 06:09 - 2014-07-19 06:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-19 06:06 - 2014-07-19 06:05 - 00000000 ____D () C:\ProgramData\PureLeads
2014-07-19 06:05 - 2014-07-19 06:05 - 00000000 ____D () C:\Program Files (x86)\PureLeads
2014-07-19 06:03 - 2014-04-22 13:59 - 00000000 ____D () C:\ProgramData\McAfee
2014-07-19 05:58 - 2014-07-19 05:58 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.0.lnk
2014-07-19 05:58 - 2014-07-19 05:58 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-07-16 08:30 - 2014-07-20 00:37 - 00032912 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rawdsk3.sys
2014-07-13 18:39 - 2014-07-20 00:48 - 43459232 _____ (iolo technologies, LLC ) C:\Users\James\Documents\SystemMechanic.exe
2014-07-13 13:53 - 2014-07-20 00:49 - 00057584 _____ (iolo technologies, LLC) C:\Windows\system32\iolobtdfg.exe
2014-07-13 13:53 - 2014-07-20 00:49 - 00026184 _____ (iolo technologies, LLC) C:\Windows\system32\smrgdf.exe
2014-07-13 13:36 - 2014-07-20 00:50 - 02155152 _____ (iolo technologies, LLC) C:\Windows\system32\Incinerator64.dll
2014-07-13 13:36 - 2014-07-20 00:50 - 02097984 _____ (iolo technologies, LLC) C:\Windows\SysWOW64\Incinerator32.dll
2014-07-13 13:31 - 2014-07-20 00:49 - 00082160 _____ (Raxco Software, Inc.) C:\Windows\system32\Drivers\PDFsFilter.sys
2014-06-30 15:56 - 2014-06-30 15:56 - 03694016 _____ (PureLeads) C:\PureLeadsSetupx21715.exe
2014-06-27 13:50 - 2014-07-19 06:06 - 00464160 _____ (Sendori) C:\Windows\system32\plsapp64.dll
2014-06-27 13:50 - 2014-07-19 06:06 - 00357664 _____ (Sendori) C:\Windows\SysWOW64\plsapp.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-19 21:26
==================== End Of Log ============================
Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2014 01
Ran by James at 2014-07-23 09:10:24
Running from C:\Users\James\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30925 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{301D3AA1-5DCC-FCFD-622E-3C7CBA87C80F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
AMD Start Now (Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0925.0644.10236 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0925.645.10236 - Advanced Micro Devices, Inc.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.4.4824 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3912 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.6.3912 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.2.3302 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DraftDominator Version 15.0c (HKLM-x32\...\DraftDominator_is1) (Version: - )
Dragon Notes en-US (HKLM-x32\...\{C438C1D0-A46C-4BFA-AFCD-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{2C0CCB21-5ED3-4417-93D2-CC6BEEB3C7CF}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (x32 Version: 1.14.1420 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP SimplePass (Version: 8.00.54 - Hewlett-Packard) Hidden
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{7A75E042-0D30-43C2-BD2A-684F4BE38FF7}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 14.0.0 - iolo technologies, LLC)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LineupDominator Version 9.0a Full (HKLM-x32\...\LineupDominator_is1) (Version: - )
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 12.8.414 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Projections Dominator Version 9.0c (HKLM-x32\...\Projections Dominator_is1) (Version: - )
PureLeads (HKLM-x32\...\PureLeads) (Version: 2.0.18 - PureLeads)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TradeDominator version 9.0a (HKLM-x32\...\TradeDominator_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID entries: ==========================
CustomCLSID: HKU\S-1-5-21-376113473-2297420903-2571305959-1002_Classes\CLSID\{031E4825-7B94-4dc3-B131-E946B44C8DD5} -> Orphan?
CustomCLSID: HKU\S-1-5-21-376113473-2297420903-2571305959-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5} -> Orphan?
==================== Restore Points =========================
20-07-2014 18:09:10 HPSF Applying updates
==================== Hosts content: ==========================
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {062D3B8C-600B-4CB9-8EE3-CB3736078983} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1FE3E7C6-C061-45FD-83EB-5345F6A2CFD7} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21199D4C-F9E7-4A63-8AFD-C469861365D8} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {22B71CD6-FEEE-43DA-B2B4-6E6E54F80998} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2013-10-05] ()
Task: {244A0FBB-42E7-49A7-8BF3-F6DA4E9E887E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {607A5E9C-5971-41F3-A678-672322FA0B41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {98292BAF-42C3-4FC1-9056-7EB1EE3B3C57} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9EABA8FA-C484-4699-B1A4-037BEA7D0425} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2014-07-13] (iolo technologies, LLC)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AE774EC5-B5A2-4296-A5AD-926DA9EFF8AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {C510B5F0-CF58-4E00-B795-06B13259B338} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {CBDA51B5-18F3-4C3F-BBAD-09E7E42FDD0E} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D15F360A-8493-4CF4-AB82-323228CD3982} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {D352DA66-6B83-46D8-9915-8E7B856C5978} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DEDF4EF9-A287-4E83-898F-411D44A80BE4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-19] (Adobe Systems Incorporated)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-09-26 13:26 - 2013-09-26 13:26 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-26 13:32 - 2013-09-26 13:32 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-26 13:28 - 2013-09-26 13:28 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-26 13:25 - 2013-09-26 13:25 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-26 13:25 - 2013-09-26 13:25 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-26 13:25 - 2013-09-26 13:25 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-26 13:39 - 2013-09-26 13:39 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-26 13:39 - 2013-09-26 13:39 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-09-25 08:49 - 2013-09-25 08:49 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-25 08:48 - 2013-09-25 08:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-09-26 13:34 - 2013-09-26 13:34 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2013-09-25 08:48 - 2013-09-25 08:48 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-25 08:49 - 2013-09-25 08:49 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2014-04-22 14:50 - 2014-04-22 14:50 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-04-22 14:05 - 2013-02-01 13:16 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\fl_core.dll
2014-04-22 14:05 - 2013-02-01 13:16 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_asr.dll
2014-04-22 14:05 - 2013-02-01 13:16 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_base.dll
2014-04-22 14:05 - 2013-02-01 13:16 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_pron.dll
2014-04-22 14:05 - 2013-02-01 13:16 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_platform.dll
2014-04-22 14:05 - 2013-02-01 13:16 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\sdxg.dll
2014-04-22 14:05 - 2013-02-01 13:15 - 00027136 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\WASAPIResamplingStreamCOMServer.dll
2014-07-19 06:09 - 2014-06-05 23:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\James\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/23/2014 09:10:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 09:05:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 09:00:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:55:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:50:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:45:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:40:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:35:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:30:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:25:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
System errors:
=============
Error: (07/23/2014 08:12:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlsvcV1 service.
Error: (07/23/2014 06:29:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The PlsvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/23/2014 00:12:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The PlsvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/22/2014 07:43:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The PlsvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/22/2014 03:18:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The PlsvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/22/2014 11:15:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The PlsvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/22/2014 06:18:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The PlsvcV2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (07/22/2014 06:15:04 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (07/22/2014 06:14:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcpltsvc service.
Error: (07/21/2014 08:04:51 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Microsoft Office Sessions:
=========================
Error: (07/23/2014 09:10:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 09:05:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 09:00:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:55:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:50:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:45:50 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:40:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:35:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:30:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
Error: (07/23/2014 08:25:49 AM) (Source: PureLeads) (EventID: 99) (User: )
Description: TV ERRORUnable to connect to the remote server
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 3554.07 MB
Available physical RAM: 1717.16 MB
Total Pagefile: 4898.07 MB
Available Pagefile: 2630.89 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:445.12 GB) (Free:410.61 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:19.62 GB) (Free:1.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: A9A16C4F)
Partition: GPT Partition Type.
==================== End Of Log ============================
Asw.txt
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-23 09:18:23
-----------------------------
09:18:23.761 OS Version: Windows x64 6.2.9200
09:18:23.761 Number of processors: 2 586 0x1
09:18:23.777 ComputerName: THOMPSONPC UserName: James
09:18:25.605 Initialize success
09:18:25.605 VM: initialized successfully
09:18:25.621 VM: Amd CPU BiosDisabled
09:18:27.214 VM: supported disk I/O storport.sys
09:18:34.261 AVAST engine download error: 0
09:18:39.355 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002a
09:18:39.355 Disk 0 Vendor: ST500LT012-1DG142 1002YAM1 Size: 476940MB BusType: 11
09:18:39.511 Disk 0 MBR read successfully
09:18:39.511 Disk 0 MBR scan
09:18:39.527 Disk 0 unknown MBR code
09:18:39.543 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
09:18:39.621 Disk 0 scanning C:\Windows\system32\drivers
09:18:47.855 Service scanning
09:19:15.699 Modules scanning
09:19:15.730 Disk 0 trace - called modules:
09:19:16.262
09:19:16.277 Scan finished successfully
09:19:43.402 Disk 0 MBR has been saved successfully to "C:\Users\James\Desktop\MBR.dat"
09:19:43.418 The log file has been saved successfully to "C:\Users\James\Desktop\asw.txt"