Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2013
Ran by SYSTEM on 08-05-2013 11:01:19
Running from F:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4767304 2013-03-06] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey [2387088 2013-04-10] (Microsoft Corp.)
HKU\fogelfamily\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)
HKU\fogelfamily\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19662744 2013-04-16] (Google)
HKU\fogelfamily\...\Run: [Google Update] "C:\Users\fogelfamily\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-03-23] (Google Inc.)
HKU\fogelfamily\...\Run: [googletalk] C:\Users\fogelfamily\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart [3739648 2007-01-01] (Google)
Startup: C:\ProgramData\Start Menu\Programs\Startup\LenovoEMC Storage Manager.lnk
ShortcutTarget: LenovoEMC Storage Manager.lnk -> C:\Program Files (x86)\LenovoEMC Storage Manager\LenovoEMCStorageManager.exe (LenovoEMC)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Twonky Tray Control.lnk
ShortcutTarget: Twonky Tray Control.lnk -> C:\Program Files (x86)\TwonkyMedia\twonkymediaserverconfig.exe (No File)

==================== Services (Whitelisted) =================

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.06\AsusFanControlService.exe [1475200 2012-05-02] (ASUSTeK Computer Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-06] (AVAST Software)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [168592 2013-04-10] (Microsoft Corp.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S2 PCloudd; C:\Program Files (x86)\LenovoEMC Storage Manager\pCloudd.exe [221536 2013-03-26] (LenovoEMC Ltd.)
S2 Realtek11nSU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek)

==================== Drivers (Whitelisted) ====================

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-03-06] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [70992 2013-03-06] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-06] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-03-06] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [377920 2013-03-06] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [68920 2013-03-06] (AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-06] ()
S3 vNICdrv; C:\Windows\System32\DRIVERS\vNICdrv.sys [20048 2012-09-08] (Iomega Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-08 11:00 - 2013-05-08 11:00 - 00000000 ____D C:\FRST
2013-05-07 10:40 - 2013-05-07 10:40 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-05-04 11:13 - 2013-05-04 11:13 - 00848912 ____A C:\Windows\Minidump\050413-11512-01.dmp
2013-05-03 22:18 - 2013-05-03 23:32 - 00000143 ____A C:\Users\fogelfamily\Documents\SyncToy.vbs
2013-05-01 07:35 - 2013-05-01 07:35 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\Mozilla
2013-05-01 03:35 - 2013-05-01 03:36 - 00822520 ____A C:\Windows\Minidump\050113-15756-01.dmp
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-04-30 08:47 - 2013-04-30 08:47 - 00000016 ____H C:\Users\fogelfamily\Downloads\SyncToy_4b4e6b55-3f02-47ba-837d-504a69f79e8b.dat
2013-04-30 08:46 - 2013-04-30 08:46 - 00000016 ____H C:\Users\fogelfamily\Documents\SyncToy_8dee775a-b2db-413a-8be8-1a72d609f4a4.dat
2013-04-30 08:41 - 2013-05-03 22:20 - 00000000 ____D C:\Program Files\SyncToy 2.1
2013-04-30 08:41 - 2013-04-30 08:41 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2013-04-28 12:31 - 2013-04-28 12:32 - 00844768 ____A C:\Windows\Minidump\042813-10592-01.dmp
2013-04-27 09:09 - 2013-04-27 09:09 - 00842720 ____A C:\Windows\Minidump\042713-11746-01.dmp
2013-04-26 11:17 - 2013-04-26 11:18 - 00844768 ____A C:\Windows\Minidump\042613-16645-01.dmp
2013-04-26 08:34 - 2013-04-26 08:34 - 00001201 ____A C:\Users\Public\Desktop\LenovoEMC Storage Manager.lnk
2013-04-26 08:34 - 2013-04-26 08:34 - 00000000 ____D C:\Users\fogelfamily\AppData\Local\LenovoEMCStorageManager
2013-04-26 08:34 - 2013-04-26 08:34 - 00000000 ____D C:\ProgramData\LenovoEMCStorageManager
2013-04-26 08:31 - 2013-04-26 08:34 - 00000000 ____D C:\Program Files (x86)\LenovoEMC Storage Manager
2013-04-26 08:17 - 2013-04-26 08:17 - 00001087 ____A C:\Users\fogelfamily\Desktop\Music - Shortcut.lnk
2013-04-26 07:19 - 2013-04-26 07:19 - 03539005 ____A C:\Users\fogelfamily\Downloads\____ __ __ __ __ _____ _____.ppsx
2013-04-26 07:05 - 2013-04-26 07:06 - 06957807 ____A C:\Users\fogelfamily\Downloads\Train d'atterrissage en panne Landing gear failure 0313 (1).wmv
2013-04-26 07:05 - 2013-04-26 07:05 - 06957807 ____A C:\Users\fogelfamily\Downloads\Train d'atterrissage en panne Landing gear failure 0313.wmv
2013-04-25 08:00 - 2013-04-25 08:00 - 00001066 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-04-24 10:05 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-22 23:25 - 2013-04-22 23:25 - 00001361 ____A C:\Users\fogelfamily\Desktop\Auslogics Duplicate File Finder.lnk
2013-04-22 23:25 - 2013-04-22 23:25 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-04-22 23:23 - 2013-04-22 23:23 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\ASCOMP Software
2013-04-20 02:48 - 2013-04-04 08:05 - 00072956 ____A C:\Users\fogelfamily\Documents\Le programme iconographique des portes de Sainte-Sabine.txt
2013-04-20 02:48 - 2012-12-19 12:19 - 00095232 ____A C:\Users\fogelfamily\Documents\Blood Pressure.xlr
2013-04-20 02:48 - 2012-12-19 12:19 - 00047616 ____A C:\Users\fogelfamily\Documents\blp1.xlr
2013-04-20 02:48 - 2012-12-19 12:18 - 00026499 ____A C:\Users\fogelfamily\Documents\blp1.xlr.xlsx
2013-04-20 02:48 - 2012-12-19 02:58 - 00033373 ____A C:\Users\fogelfamily\Documents\Blood Pressure.xlr.xlsx
2013-04-20 02:48 - 2012-04-24 07:01 - 02938880 ____A C:\Users\fogelfamily\Documents\UBF Tracing Form for ICTS.wps
2013-04-20 02:48 - 2012-01-17 06:22 - 00020480 ____A C:\Users\fogelfamily\Documents\MCIS recruitment Admin tool - Proposal.wps
2013-04-20 02:48 - 2012-01-17 06:05 - 00031185 ____A C:\Users\fogelfamily\Documents\MCIS recruitment Admin tool - Proposal.docm
2013-04-20 02:48 - 2011-09-10 06:39 - 00048772 ____A C:\Users\fogelfamily\Documents\RFP.docm
2013-04-20 02:48 - 2011-09-02 07:33 - 00031184 ____A C:\Users\fogelfamily\Documents\MCIS Navision Technical.docm
2013-04-20 02:48 - 2011-08-15 06:35 - 00000140 ____A C:\Users\fogelfamily\Documents\tunein-station(2).pls
2013-04-20 02:48 - 2010-11-12 01:59 - 00009728 ____A C:\Users\fogelfamily\Documents\df.wps
2013-04-19 03:57 - 2013-04-19 03:57 - 00018986 ____A C:\Users\fogelfamily\Documents\a.xspf
2013-04-17 08:35 - 2013-04-17 08:35 - 00848912 ____A C:\Windows\Minidump\041713-11762-01.dmp
2013-04-16 09:40 - 2013-04-16 09:40 - 00848912 ____A C:\Windows\Minidump\041613-9750-01.dmp
2013-04-15 11:05 - 2013-04-15 11:05 - 00844768 ____A C:\Windows\Minidump\041513-10982-01.dmp
2013-04-14 10:57 - 2013-04-14 10:57 - 00842720 ____A C:\Windows\Minidump\041413-13743-01.dmp
2013-04-13 08:49 - 2013-04-13 08:49 - 00091750 ____A C:\Users\fogelfamily\Documents\Julius Ceaser - alexndrn.txt
2013-04-12 08:12 - 2013-04-12 08:12 - 00000000 ____D C:\Windows\System32\appmgmt
2013-04-12 08:07 - 2013-04-22 23:22 - 00000000 ____D C:\Windows\Downloaded Installations
2013-04-12 07:24 - 2013-04-12 07:24 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01011.Wdf
2013-04-12 07:24 - 2013-04-12 07:24 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-04-12 07:19 - 2013-04-12 07:19 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2013-04-12 07:13 - 2013-04-12 07:58 - 00000101 ____A C:\upnp_list.txt
2013-04-12 07:12 - 2013-04-26 22:40 - 00000000 ____D C:\ProgramData\twonkyserver
2013-04-12 07:12 - 2013-04-12 07:12 - 00000000 ____D C:\Program Files\Iomega
2013-04-12 07:11 - 2013-04-12 07:11 - 00000011 ____A C:\ProgramData\.tv6
2013-04-11 20:43 - 2013-04-11 20:43 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-04-10 04:39 - 2013-02-21 02:30 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-10 04:39 - 2013-02-21 02:30 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-10 04:39 - 2013-02-21 02:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-04-10 04:39 - 2013-02-21 02:15 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-10 04:39 - 2013-02-21 02:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-04-10 04:39 - 2013-02-21 02:14 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-10 04:39 - 2013-02-21 02:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-04-10 04:39 - 2013-02-19 04:01 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-10 04:39 - 2013-02-19 03:42 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-10 04:39 - 2013-02-19 03:10 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-04-10 04:39 - 2013-02-19 02:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-10 03:14 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-10 03:14 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-10 03:14 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-10 03:14 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-10 03:14 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-04-10 03:14 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-10 03:14 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-10 03:14 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

==================== One Month Modified Files and Folders =======

2013-05-08 11:00 - 2013-05-08 11:00 - 00000000 ____D C:\FRST
2013-05-08 10:42 - 2013-04-05 08:17 - 00000000 ____D C:\Program Files\Intel
2013-05-08 10:42 - 2013-04-05 08:09 - 00000000 ____D C:\Windows\SysWOW64\Drivers\MFDLL
2013-05-08 10:42 - 2013-04-05 08:09 - 00000000 ____D C:\Program Files (x86)\ASUS
2013-05-08 10:42 - 2013-03-23 04:25 - 00000000 ___SD C:\Users\fogelfamily\Google Drive
2013-05-08 10:42 - 2013-03-23 04:14 - 00000000 ____D C:\Program Files (x86)\Intel
2013-05-08 10:42 - 2013-03-23 03:45 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\Skype
2013-05-08 10:42 - 2013-03-23 03:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-08 10:42 - 2013-03-23 03:23 - 00000000 ____D C:\users\fogelfamily
2013-05-08 10:42 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\security
2013-05-08 10:42 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-05-08 10:42 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-05-07 10:41 - 2013-04-05 08:17 - 00000000 ____D C:\ProgramData\Intel
2013-05-07 10:40 - 2013-05-07 10:40 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-05-07 10:40 - 2013-03-23 04:14 - 00000000 ____D C:\Intel
2013-05-07 08:32 - 2013-03-23 03:23 - 01436097 ____A C:\Windows\WindowsUpdate.log
2013-05-07 08:29 - 2013-04-05 08:28 - 00000000 ____A C:\Windows\Path.idx
2013-05-07 08:29 - 2013-04-05 08:21 - 04260144 ____A C:\Windows\PE_Rom.dll
2013-05-07 08:28 - 2013-03-23 04:04 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-07 08:27 - 2013-03-23 04:16 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2013-05-07 08:27 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-07 08:27 - 2009-07-13 20:51 - 00042914 ____A C:\Windows\setupact.log
2013-05-06 11:14 - 2013-03-23 04:38 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-06 11:09 - 2013-03-23 04:04 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-06 10:39 - 2013-03-23 04:34 - 00000932 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350188195-3064044745-2320044920-1000UA.job
2013-05-06 08:02 - 2009-07-13 20:45 - 00026768 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-06 08:02 - 2009-07-13 20:45 - 00026768 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-05 09:27 - 2013-03-23 04:31 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\vlc
2013-05-04 11:13 - 2013-05-04 11:13 - 00848912 ____A C:\Windows\Minidump\050413-11512-01.dmp
2013-05-04 11:13 - 2013-03-23 10:56 - 426611517 ____A C:\Windows\MEMORY.DMP
2013-05-04 11:13 - 2013-03-23 10:56 - 00000000 ____D C:\Windows\Minidump
2013-05-04 03:39 - 2013-03-23 04:34 - 00000880 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-350188195-3064044745-2320044920-1000Core.job
2013-05-03 23:32 - 2013-05-03 22:18 - 00000143 ____A C:\Users\fogelfamily\Documents\SyncToy.vbs
2013-05-03 22:20 - 2013-04-30 08:41 - 00000000 ____D C:\Program Files\SyncToy 2.1
2013-05-01 15:06 - 2010-11-20 19:27 - 00278800 ____A (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-05-01 07:35 - 2013-05-01 07:35 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\Mozilla
2013-05-01 03:36 - 2013-05-01 03:35 - 00822520 ____A C:\Windows\Minidump\050113-15756-01.dmp
2013-05-01 03:35 - 2010-11-20 19:47 - 00006458 ____A C:\Windows\PFRO.log
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default\AppData\LocalGoogle
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default User\AppData\LocalGoogle
2013-05-01 00:12 - 2013-05-01 00:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2013-04-30 08:48 - 2012-11-24 07:00 - 00000000 ____D C:\Users\fogelfamily\Documents\New folder
2013-04-30 08:48 - 2012-11-24 07:00 - 00000000 ____D C:\Users\fogelfamily\Documents\ASUS WebStorage
2013-04-30 08:47 - 2013-04-30 08:47 - 00000016 ____H C:\Users\fogelfamily\Downloads\SyncToy_4b4e6b55-3f02-47ba-837d-504a69f79e8b.dat
2013-04-30 08:46 - 2013-04-30 08:46 - 00000016 ____H C:\Users\fogelfamily\Documents\SyncToy_8dee775a-b2db-413a-8be8-1a72d609f4a4.dat
2013-04-30 08:41 - 2013-04-30 08:41 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2013-04-30 08:18 - 2013-04-06 01:45 - 00000893 ____A C:\Users\Public\Desktop\µTorrent.lnk
2013-04-30 08:18 - 2013-04-06 01:44 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\uTorrent
2013-04-28 12:32 - 2013-04-28 12:31 - 00844768 ____A C:\Windows\Minidump\042813-10592-01.dmp
2013-04-27 09:09 - 2013-04-27 09:09 - 00842720 ____A C:\Windows\Minidump\042713-11746-01.dmp
2013-04-26 22:40 - 2013-04-12 07:12 - 00000000 ____D C:\ProgramData\twonkyserver
2013-04-26 11:18 - 2013-04-26 11:17 - 00844768 ____A C:\Windows\Minidump\042613-16645-01.dmp
2013-04-26 08:34 - 2013-04-26 08:34 - 00001201 ____A C:\Users\Public\Desktop\LenovoEMC Storage Manager.lnk
2013-04-26 08:34 - 2013-04-26 08:34 - 00000000 ____D C:\Users\fogelfamily\AppData\Local\LenovoEMCStorageManager
2013-04-26 08:34 - 2013-04-26 08:34 - 00000000 ____D C:\ProgramData\LenovoEMCStorageManager
2013-04-26 08:34 - 2013-04-26 08:31 - 00000000 ____D C:\Program Files (x86)\LenovoEMC Storage Manager
2013-04-26 08:17 - 2013-04-26 08:17 - 00001087 ____A C:\Users\fogelfamily\Desktop\Music - Shortcut.lnk
2013-04-26 07:19 - 2013-04-26 07:19 - 03539005 ____A C:\Users\fogelfamily\Downloads\____ __ __ __ __ _____ _____.ppsx
2013-04-26 07:06 - 2013-04-26 07:05 - 06957807 ____A C:\Users\fogelfamily\Downloads\Train d'atterrissage en panne Landing gear failure 0313 (1).wmv
2013-04-26 07:05 - 2013-04-26 07:05 - 06957807 ____A C:\Users\fogelfamily\Downloads\Train d'atterrissage en panne Landing gear failure 0313.wmv
2013-04-25 08:00 - 2013-04-25 08:00 - 00001066 ____A C:\Users\Public\Desktop\VLC media player.lnk
2013-04-24 10:09 - 2009-07-13 21:13 - 00781298 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-22 23:25 - 2013-04-22 23:25 - 00001361 ____A C:\Users\fogelfamily\Desktop\Auslogics Duplicate File Finder.lnk
2013-04-22 23:25 - 2013-04-22 23:25 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-04-22 23:23 - 2013-04-22 23:23 - 00000000 ____D C:\Users\fogelfamily\AppData\Roaming\ASCOMP Software
2013-04-22 23:22 - 2013-04-12 08:07 - 00000000 ____D C:\Windows\Downloaded Installations
2013-04-20 05:10 - 2012-11-23 21:11 - 00000000 ____D C:\Users\fogelfamily\Documents\EBI
2013-04-19 03:57 - 2013-04-19 03:57 - 00018986 ____A C:\Users\fogelfamily\Documents\a.xspf
2013-04-17 08:35 - 2013-04-17 08:35 - 00848912 ____A C:\Windows\Minidump\041713-11762-01.dmp
2013-04-16 09:40 - 2013-04-16 09:40 - 00848912 ____A C:\Windows\Minidump\041613-9750-01.dmp
2013-04-15 11:05 - 2013-04-15 11:05 - 00844768 ____A C:\Windows\Minidump\041513-10982-01.dmp
2013-04-14 10:57 - 2013-04-14 10:57 - 00842720 ____A C:\Windows\Minidump\041413-13743-01.dmp
2013-04-13 08:49 - 2013-04-13 08:49 - 00091750 ____A C:\Users\fogelfamily\Documents\Julius Ceaser - alexndrn.txt
2013-04-12 08:12 - 2013-04-12 08:12 - 00000000 ____D C:\Windows\System32\appmgmt
2013-04-12 07:58 - 2013-04-12 07:13 - 00000101 ____A C:\upnp_list.txt
2013-04-12 07:58 - 2013-03-23 04:04 - 00109688 ____A C:\Users\fogelfamily\AppData\Local\GDIPFONTCACHEV1.DAT
2013-04-12 07:57 - 2009-07-13 20:45 - 00414736 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-12 07:24 - 2013-04-12 07:24 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_point64_01011.Wdf
2013-04-12 07:24 - 2013-04-12 07:24 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-04-12 07:19 - 2013-04-12 07:19 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2013-04-12 07:12 - 2013-04-12 07:12 - 00000000 ____D C:\Program Files\Iomega
2013-04-12 07:11 - 2013-04-12 07:11 - 00000011 ____A C:\ProgramData\.tv6
2013-04-12 06:45 - 2013-04-24 10:05 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-12 03:38 - 2013-03-23 04:38 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-04-12 03:38 - 2013-03-23 04:38 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-04-11 20:43 - 2013-04-11 20:43 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-04-10 04:40 - 2013-04-05 06:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-04-10 04:40 - 2013-02-15 20:20 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-04-10 03:10 - 2013-03-23 04:08 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-24 11:13:56
Restore point made on: 2013-04-30 08:20:54
Restore point made on: 2013-04-30 08:41:49
Restore point made on: 2013-05-07 08:32:04
Restore point made on: 2013-05-07 10:41:59
Restore point made on: 2013-05-07 10:42:50
Restore point made on: 2013-05-07 10:43:05
Restore point made on: 2013-05-07 10:43:34
Restore point made on: 2013-05-07 10:43:48
Restore point made on: 2013-05-07 10:44:17
Restore point made on: 2013-05-07 10:44:34
Restore point made on: 2013-05-07 10:44:49
Restore point made on: 2013-05-07 10:45:13
Restore point made on: 2013-05-07 10:45:30
Restore point made on: 2013-05-07 10:45:46
Restore point made on: 2013-05-07 10:46:17
Restore point made on: 2013-05-07 10:46:45
Restore point made on: 2013-05-07 10:47:09
Restore point made on: 2013-05-07 10:47:25
Restore point made on: 2013-05-07 10:47:57
Restore point made on: 2013-05-07 10:55:03

==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 3779.4 MB
Available physical RAM: 3194.54 MB
Total Pagefile: 3777.6 MB
Available Pagefile: 3182.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:364.14 GB) NTFS (Disk=0 Partition=2)
Drive e: (Win7Ult-SP1-x64-en-US) (CDROM) (Total:4.11 GB) (Free:0 GB) UDF
Drive f: () (Removable) (Total:29.8 GB) (Free:8.21 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

====================================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 000E6F8C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

====================================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)

Last Boot: 2013-05-03 23:12

==================== End Of Log ============================