Scan result of Farbar Recovery Scan Tool (x64) Version: 05-09-2012
Ran by SYSTEM at 07-09-2012 20:38:10
Running from D:\
Windows Vista Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe [272896 2008-09-03] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe [3863040 2008-11-20] (Dell Inc.)
HKLM\...\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe [2037328 2008-08-20] (Dell Inc.)
HKLM\...\Run: [IAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [178712 2008-05-07] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray64.exe [462336 2008-12-14] (IDT, Inc.)
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2012-06-08] (LogMeIn, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 [446635 2008-06-03] (Creative Technology Ltd.)
HKLM-x32\...\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [128296 2008-05-23] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe [2042208 2011-10-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Microsoft Works Update Detection] C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [28738 2001-08-16] (Microsoft® Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKU\Rick\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-01-21] (Google Inc.)
HKU\Rick\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Rick\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\Rick\...\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [26192168 2010-05-13] (Skype Technologies S.A.)
HKU\Rick\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\RunOnce: [OTL] "C:\Users\Rick\Desktop\OTL.exe" [598528 2012-08-29] (OldTimer Tools)
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
AppInit_DLLs: avgrssta.dll
IMEO\ehshell.exe: [Debugger] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
Startup: C:\Users\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe (Microsoft® Corporation)
Startup: C:\Users\Default\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rick\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Rick\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
ShortcutTarget: Picture Motion Browser Media Check Tool.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
==================== Services ====================
2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\AESTSr64.exe [88576 2008-12-14] (Andrea Electronics Corporation)
2 avg8emc; C:\PROGRA~2\AVG\AVG8\avgemc.exe [908056 2009-08-29] (AVG Technologies CZ, s.r.o.)
2 avg8wd; C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe [297752 2009-08-29] (AVG Technologies CZ, s.r.o.)
2 gupdate1c9a572192110f0; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [133104 2009-03-15] (Google Inc.)
2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375208 2012-07-05] (LogMeIn, Inc.)
2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147368 2012-07-05] (LogMeIn, Inc.)
2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2012-06-08] (LogMeIn, Inc.)
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_cce24a4c\STacSV64.exe [281600 2008-12-14] (IDT, Inc.)
2 wltrysvc; C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe [2930688 2008-11-20] (Dell Inc.)
2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [x]
==================== Drivers =================================
1 AvgLdx64; C:\Windows\System32\Drivers\AvgLdx64.sys [427016 2009-08-29] (AVG Technologies CZ, s.r.o.)
1 AvgMfx64; C:\Windows\System32\Drivers\AvgMfx64.sys [33416 2009-08-29] (AVG Technologies CZ, s.r.o.)
1 AvgTdiA; C:\Windows\System32\Drivers\AvgTdiA.sys [133640 2009-05-06] (AVG Technologies CZ, s.r.o.)
2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2012-06-08] (LogMeIn, Inc.)
3 lmimirr; C:\Windows\System32\Drivers\lmimirr.sys [11552 2012-06-08] (LogMeIn, Inc.)
2 LMIRfsDriver; C:\Windows\System32\Drivers\LMIRfsDriver.sys [72216 2012-06-08] (LogMeIn, Inc.)
3 OA009Ufd; C:\Windows\System32\Drivers\OA009Ufd.sys [168864 2008-09-03] (Creative Technology Ltd.)
3 OA009Vid; C:\Windows\System32\Drivers\OA009Vid.sys [307456 2008-09-03] (Creative Technology Ltd.)
0 PxHelp20; C:\Windows\SysWow64\Drivers\PxHelp20.sys [36624 2006-11-02] (Sonic Solutions)
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
4 LMIRfsClientNP; [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) =================
==================== One Month Created Files and Folders ======================
2012-09-07 06:27 - 2012-09-07 06:27 - 00001532 ____A C:\Windows\PFRO.log
2012-09-01 02:56 - 2012-09-01 02:56 - 00000000 ____D C:\ComboFix
2012-08-31 15:29 - 2012-08-31 15:29 - 00002096 ____A C:\Users\Rick\Desktop\aswMBR.txt
2012-08-31 15:29 - 2012-08-31 15:29 - 00000512 ____A C:\Users\Rick\Desktop\MBR.dat
2012-08-31 14:31 - 2012-08-31 14:31 - 00000000 ____D C:\users\LogMeInRemoteUser.Rick-PC
2012-08-31 14:31 - 2011-01-29 13:19 - 00000000 ____D C:\Users\LogMeInRemoteUser.Rick-PC\AppData\Roaming\Mozilla
2012-08-31 14:23 - 2012-08-31 14:24 - 00000000 ____D C:\Users\Rick\AppData\Local\{0E8EFDA9-DFDC-479B-B2C1-BDD88F5CAEEC}
2012-08-30 16:21 - 2012-08-30 16:21 - 00000000 ____D C:\Users\Rick\AppData\Local\{338B037F-01A0-4AF2-B94D-4BBA156EBD39}
2012-08-30 15:26 - 2012-08-30 15:26 - 00000000 ____D C:\_OTL
2012-08-30 12:43 - 2012-08-30 12:43 - 00000000 ____D C:\Users\Rick\AppData\Local\{506D863F-68E4-4206-ACD1-CF01112837D9}
2012-08-29 17:12 - 2012-08-29 17:12 - 00044724 ____A C:\Users\Rick\Desktop\Extras.Txt
2012-08-29 17:10 - 2012-08-30 15:22 - 00084566 ____A C:\Users\Rick\Desktop\OTL.Txt
2012-08-29 16:57 - 2012-08-29 16:57 - 00598528 ____A (OldTimer Tools) C:\Users\Rick\Desktop\OTL.exe
2012-08-29 16:15 - 2012-09-07 10:41 - 00000000 ___SD C:\32788R22FWJFW
2012-08-29 16:15 - 2012-09-07 10:41 - 00000000 ____D C:\Windows\erdnt
2012-08-29 16:15 - 2012-09-07 10:41 - 00000000 ____D C:\Qoobox
2012-08-29 16:11 - 2012-08-29 16:12 - 04740381 ___RA (Swearware) C:\Users\Rick\Desktop\ComboFix.exe
2012-08-29 15:50 - 2012-08-29 15:50 - 00000020 __ASH C:\Users\LogMeInRemoteUser\ntuser.ini
2012-08-29 15:50 - 2011-01-29 13:19 - 00000000 ____D C:\Users\LogMeInRemoteUser\AppData\Roaming\Mozilla
2012-08-29 15:50 - 2009-12-08 19:35 - 00000000 ____D C:\Users\LogMeInRemoteUser\AppData\Roaming\Macromedia
2012-08-29 15:49 - 2012-09-07 10:41 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2012-08-29 15:49 - 2012-09-01 02:41 - 00000000 ____D C:\Users\All Users\LogMeIn
2012-08-29 15:49 - 2012-08-31 14:29 - 00001024 ____A C:\.rnd
2012-08-29 15:49 - 2012-08-29 15:49 - 00000000 ____D C:\Users\Rick\AppData\Local\LogMeIn
2012-08-29 15:49 - 2012-07-05 14:11 - 00087488 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll
2012-08-29 15:49 - 2012-07-05 14:10 - 00080800 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll
2012-08-29 15:49 - 2012-07-05 14:10 - 00034720 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll
2012-08-29 15:49 - 2012-06-08 08:06 - 00072216 ____A (LogMeIn, Inc.) C:\Windows\System32\Drivers\LMIRfsDriver.sys
2012-08-29 15:29 - 2012-08-29 15:30 - 00000000 ____D C:\Users\Rick\AppData\Local\{06407AD3-52D6-4795-AD4B-529B6C515579}
2012-08-21 02:49 - 2012-08-29 02:59 - 00000000 ____D C:\Users\Rick\AppData\Local\{AAFF3BD8-3794-4FA7-B9F5-CE58D54E4FC2}
2012-08-15 23:27 - 2012-08-19 01:40 - 00000000 ____D C:\Users\Rick\AppData\Local\{B4146E86-D208-439D-AD0F-F17B2CE10A2C}
2012-08-15 23:27 - 2012-08-15 23:28 - 00000000 ____D C:\Users\Rick\AppData\Local\{F8741D5E-B7E8-42D4-B2D8-925386D13C9F}
2012-08-15 23:04 - 2012-07-04 06:33 - 02769408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-08-15 23:04 - 2012-06-27 20:10 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-15 23:04 - 2012-06-27 19:39 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-15 23:04 - 2012-06-27 19:28 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-15 23:04 - 2012-06-27 19:22 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-15 23:04 - 2012-06-27 19:21 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-15 23:04 - 2012-06-27 19:20 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-15 23:04 - 2012-06-27 19:19 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-15 23:04 - 2012-06-27 19:17 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-15 23:04 - 2012-06-27 19:16 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-15 23:04 - 2012-06-27 19:16 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-15 23:04 - 2012-06-27 19:14 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-15 23:04 - 2012-06-27 19:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-15 23:04 - 2012-06-27 19:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-15 23:04 - 2012-06-27 19:08 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-15 23:04 - 2012-06-27 16:50 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-15 23:04 - 2012-06-27 16:28 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-15 23:04 - 2012-06-27 16:27 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-08-15 23:04 - 2012-06-27 16:19 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-08-15 23:04 - 2012-06-27 16:18 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-15 23:04 - 2012-06-27 16:18 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-15 23:04 - 2012-06-27 16:16 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-15 23:04 - 2012-06-27 16:13 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-15 23:04 - 2012-06-27 16:12 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-08-15 23:04 - 2012-06-27 16:10 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-08-15 23:04 - 2012-06-27 16:08 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-15 23:04 - 2012-06-27 16:08 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-15 23:04 - 2012-06-27 16:07 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-15 23:04 - 2012-06-27 16:04 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-15 16:20 - 2012-06-29 08:20 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-08-15 16:20 - 2012-06-29 08:01 - 00467968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-08-15 16:20 - 2012-05-11 08:34 - 00788480 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2012-08-15 16:20 - 2012-05-11 07:57 - 00623616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
==================== 3 Months Modified Files ================================
2012-09-07 16:18 - 2012-04-17 15:21 - 425923147 ____A C:\Windows\MEMORY.DMP
2012-09-07 10:42 - 2006-11-02 04:33 - 83623936 ____A C:\Windows\System32\config\software_previous
2012-09-07 10:42 - 2006-11-02 04:33 - 16515072 ____A C:\Windows\System32\config\system_previous
2012-09-07 10:28 - 2006-11-02 04:33 - 58458112 ____A C:\Windows\System32\config\components_previous
2012-09-07 10:28 - 2006-11-02 04:33 - 00262144 ____A C:\Windows\System32\config\sam_previous
2012-09-07 06:27 - 2012-09-07 06:27 - 00001532 ____A C:\Windows\PFRO.log
2012-09-01 07:14 - 2006-11-02 04:33 - 04194304 ____A C:\Windows\System32\config\default_previous
2012-09-01 07:14 - 2006-11-02 04:33 - 00262144 ____A C:\Windows\System32\config\security_previous
2012-08-31 22:23 - 2009-01-20 18:14 - 01205725 ____A C:\Windows\WindowsUpdate.log
2012-08-31 15:29 - 2012-08-31 15:29 - 00002096 ____A C:\Users\Rick\Desktop\aswMBR.txt
2012-08-31 15:29 - 2012-08-31 15:29 - 00000512 ____A C:\Users\Rick\Desktop\MBR.dat
2012-08-31 14:29 - 2012-08-29 15:49 - 00001024 ____A C:\.rnd
2012-08-30 16:20 - 2009-06-14 05:18 - 00000680 ____A C:\Users\Rick\AppData\Local\d3d9caps.dat
2012-08-30 15:22 - 2012-08-29 17:10 - 00084566 ____A C:\Users\Rick\Desktop\OTL.Txt
2012-08-30 14:56 - 2012-05-02 16:31 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-08-30 14:40 - 2006-11-02 07:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-30 14:40 - 2006-11-02 07:22 - 00003616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-30 14:30 - 2009-07-12 16:23 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-30 12:40 - 2009-07-12 16:23 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-30 12:40 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-29 20:45 - 2006-11-02 07:42 - 00032590 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-08-29 17:12 - 2012-08-29 17:12 - 00044724 ____A C:\Users\Rick\Desktop\Extras.Txt
2012-08-29 16:57 - 2012-08-29 16:57 - 00598528 ____A (OldTimer Tools) C:\Users\Rick\Desktop\OTL.exe
2012-08-29 16:12 - 2012-08-29 16:11 - 04740381 ___RA (Swearware) C:\Users\Rick\Desktop\ComboFix.exe
2012-08-29 15:50 - 2012-08-29 15:50 - 00000020 __ASH C:\Users\LogMeInRemoteUser\ntuser.ini
2012-08-29 15:29 - 2009-06-14 04:40 - 00000880 ____A C:\Windows\Tasks\Google Software Updater.job
2012-08-29 03:01 - 2009-04-17 14:56 - 00002027 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2012-08-18 13:43 - 2006-11-02 04:46 - 00703516 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-15 23:23 - 2006-11-02 07:21 - 00404352 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-15 23:00 - 2006-11-02 04:35 - 62134624 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-08-15 16:13 - 2012-05-02 16:31 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-15 16:13 - 2011-06-13 08:19 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-13 07:55 - 2009-03-01 11:39 - 00000398 ____A C:\Windows\Tasks\EasyShare Registration Task.job
2012-07-23 09:26 - 2009-02-18 18:32 - 00001600 ____A C:\Users\Rick\AppData\Roaming\wklnhst.dat
2012-07-05 14:11 - 2012-08-29 15:49 - 00087488 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIRfsClientNP.dll
2012-07-05 14:10 - 2012-08-29 15:49 - 00080800 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIinit.dll
2012-07-05 14:10 - 2012-08-29 15:49 - 00034720 ____A (LogMeIn, Inc.) C:\Windows\System32\LMIport.dll
2012-07-04 06:33 - 2012-08-15 23:04 - 02769408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-29 08:20 - 2012-08-15 16:20 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll
2012-06-29 08:01 - 2012-08-15 16:20 - 00467968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2012-06-27 20:10 - 2012-08-15 23:04 - 17809920 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-27 19:39 - 2012-08-15 23:04 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-27 19:28 - 2012-08-15 23:04 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-27 19:22 - 2012-08-15 23:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-27 19:21 - 2012-08-15 23:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-27 19:20 - 2012-08-15 23:04 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-27 19:19 - 2012-08-15 23:04 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-27 19:17 - 2012-08-15 23:04 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-27 19:16 - 2012-08-15 23:04 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-27 19:16 - 2012-08-15 23:04 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-27 19:14 - 2012-08-15 23:04 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-27 19:13 - 2012-08-15 23:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-27 19:12 - 2012-08-15 23:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-27 19:08 - 2012-08-15 23:04 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-27 16:50 - 2012-08-15 23:04 - 12317184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-27 16:28 - 2012-08-15 23:04 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-27 16:27 - 2012-08-15 23:04 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-27 16:19 - 2012-08-15 23:04 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-27 16:18 - 2012-08-15 23:04 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-27 16:18 - 2012-08-15 23:04 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-27 16:16 - 2012-08-15 23:04 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-27 16:13 - 2012-08-15 23:04 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-27 16:12 - 2012-08-15 23:04 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-27 16:10 - 2012-08-15 23:04 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-27 16:08 - 2012-08-15 23:04 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-27 16:08 - 2012-08-15 23:04 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-27 16:07 - 2012-08-15 23:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-27 16:04 - 2012-08-15 23:04 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-18 08:30 - 2012-06-18 08:09 - 05827983 ____A C:\Users\Rick\Documents\instructor guide.xps
2012-06-18 08:27 - 2012-06-18 08:26 - 05827983 ____A C:\Users\Rick\Documents\insturctor guide.xps
2012-06-18 05:36 - 2012-06-18 05:36 - 00001696 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-06-18 05:28 - 2012-06-18 05:28 - 00001758 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2012-06-18 05:26 - 2012-05-02 14:12 - 00001866 ____A C:\Users\Public\Desktop\Safari.lnk
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-06-22 13:16:00
Restore point made on: 2012-06-22 13:16:42
Restore point made on: 2012-06-22 13:17:46
Restore point made on: 2012-06-22 13:18:51
Restore point made on: 2012-06-24 07:09:08
Restore point made on: 2012-06-26 15:51:05
Restore point made on: 2012-07-02 18:32:27
Restore point made on: 2012-07-08 04:29:41
Restore point made on: 2012-07-11 06:19:57
Restore point made on: 2012-07-11 23:00:45
Restore point made on: 2012-07-15 12:27:02
Restore point made on: 2012-07-23 09:30:25
Restore point made on: 2012-07-23 09:38:30
Restore point made on: 2012-07-26 14:18:01
Restore point made on: 2012-07-26 14:19:21
Restore point made on: 2012-07-26 14:20:00
Restore point made on: 2012-07-30 13:11:28
Restore point made on: 2012-08-02 17:39:26
Restore point made on: 2012-08-04 05:25:18
Restore point made on: 2012-08-04 05:27:41
Restore point made on: 2012-08-09 18:00:12
Restore point made on: 2012-08-15 16:15:10
Restore point made on: 2012-08-15 23:00:31
Restore point made on: 2012-08-18 13:40:45
Restore point made on: 2012-08-29 15:48:51
Restore point made on: 2012-08-30 15:26:58
Restore point made on: 2012-08-31 14:28:55
==================== Memory info ===========================
Percentage of memory in use: 10%
Total physical RAM: 4057.45 MB
Available physical RAM: 3627.53 MB
Total Pagefile: 3931.09 MB
Available Pagefile: 3601.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Partitions ============================
1 Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:190.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: () (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT32
8 Drive x: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:7.93 GB) NTFS
Disk ###  Status      Size     Free     Dyn  Gpt
--------  ----------  -------  -------  ---  ---
Disk 0    Online       298 GB      0 B
Disk 1    No Media        0 B      0 B
Disk 2    Online      1910 MB      0 B
Disk 3    No Media        0 B      0 B
Disk 4    No Media        0 B      0 B
Disk 5    No Media        0 B      0 B
Partitions of Disk 0:
===============
Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    OEM                 39 MB    32 KB
Partition 2    Primary             15 GB    40 MB
Partition 3    Primary            283 GB    15 GB
==================================================================================
Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 8                      FAT    Partition     39 MB  Healthy    Hidden
==================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     X   RECOVERY     NTFS   Partition     15 GB  Healthy    Boot
==================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   OS           NTFS   Partition    283 GB  Healthy
==================================================================================
Partitions of Disk 2:
===============
Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary           1909 MB  1024 KB
==================================================================================
Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     D                FAT32  Removable   1909 MB  Healthy
==================================================================================
Last Boot: 2012-08-31 15:02
==================== End Of Log =============================