Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

HP Pavilion dv7 slow

Started by Rabell , Jan 09 2014 09:22 AM

Please log in to reply

#1
Rabell

Posted 09 January 2014 - 09:22 AM

Member

Member
29 posts

HI,

I has a HP Pavilion dv7 running windows 7 Extremely slow or lock up? I have ran avg2014 and Malware both come back up?

Help..

thank you

#2
RKinner

Posted 09 January 2014 - 11:09 PM

Malware Expert

Expert
24,625 posts

Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Posted Image

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

Pause your anti-virus. Close all browsers.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!) Download, Save and Install it. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Attach the file to your next post.

#3
Rabell

Posted 10 January 2014 - 12:56 PM

Member

Topic Starter
Member
29 posts

Rkinner thank you very much I have done all scanned here are the logs:

AdwCleaner[R0].txt:

# AdwCleaner v3.016 - Report created 10/01/2014 at 12:35:23
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : BAMM - BAMM-HP
# Running from : C:\Users\BAMM\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : BackupStack

***** [ Files / Folders ] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\Extensions\[email protected]
File Found : C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\searchplugins\safeguard-secure-search.xml
File Found : C:\Users\BAMM\Desktop\HDVidCodec.lnk
File Found : C:\Users\BAMM\Desktop\jZip.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\System32\Tasks\LaunchApp
Folder Found : C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Folder Found C:\Program Files (x86)\HDvidCodec.com
Folder Found C:\Program Files (x86)\jZip
Folder Found C:\ProgramData\AVG Security Toolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Found C:\Users\BAMM\AppData\Local\jZip
Folder Found C:\Users\BAMM\AppData\Local\Temp\AirInstaller
Folder Found C:\Users\BAMM\AppData\Local\Temp\jZip
Folder Found C:\Users\BAMM\AppData\LocalLow\AVG Security Toolbar
Folder Found C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\jZip.file
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Found : HKLM\Software\jZip
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v5.0 (en-US)

[ File : C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\prefs.js ]

-\\ Google Chrome v32.0.1700.72

[ File : C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7471 octets] - [10/01/2014 12:35:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7531 octets] ##########

AdwCleaner[So].txt

# AdwCleaner v3.016 - Report created 10/01/2014 at 12:39:29
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : BAMM - BAMM-HP
# Running from : C:\Users\BAMM\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BackupStack

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Users\BAMM\AppData\Local\jZip
Folder Deleted : C:\Users\BAMM\AppData\Local\Temp\AirInstaller
Folder Deleted : C:\Users\BAMM\AppData\Local\Temp\jZip
Folder Deleted : C:\Users\BAMM\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
File Deleted : C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\Extensions\[email protected]
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\BAMM\Desktop\HDVidCodec.lnk
File Deleted : C:\Users\BAMM\Desktop\jZip.lnk
File Deleted : C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Windows\System32\Tasks\LaunchApp

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kpkbnefaikfaeadgidhpoanckoiaheli
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v5.0 (en-US)

[ File : C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\prefs.js ]

-\\ Google Chrome v32.0.1700.72

[ File : C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7687 octets] - [10/01/2014 12:35:23]
AdwCleaner[S0].txt - [7233 octets] - [10/01/2014 12:39:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7293 octets] ##########

Junkware-removal-Tool:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by BAMM on Fri 01/10/2014 at 12:59:29.75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RoboTaskBarIcon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\RoboTaskBarIcon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\RoboTaskBarIcon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\RoboTaskBarIcon_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6014F15D-8560-478B-ACE7-7E2BC17F09A5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C6EE1C15-5F7A-4353-BD54-C902DD994D35}

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\BAMM\appdata\local\{115349CE-2CC1-45BE-B7C3-C1F370593C8F}
Successfully deleted: [Empty Folder] C:\Users\BAMM\appdata\local\{35DF835E-4090-4A03-9B19-EB2FC7E8EE7A}
Successfully deleted: [Empty Folder] C:\Users\BAMM\appdata\local\{4D01D3DA-7845-4248-B9A6-27461A227CB3}
Successfully deleted: [Empty Folder] C:\Users\BAMM\appdata\local\{6AAC61A8-BD7E-4C2F-A3DD-8AD4BFF9A1B5}
Successfully deleted: [Empty Folder] C:\Users\BAMM\appdata\local\{7EB91BF1-24D1-42A1-8F4E-B5D6A6287B1B}
Successfully deleted: [Empty Folder] C:\Users\BAMM\appdata\local\{EB7FC7E8-5379-43C2-B13D-D7919533DAD7}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/10/2014 at 13:13:45.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-01-2014
Ran by BAMM (administrator) on BAMM-HP on 10-01-2014 13:15:59
Running from C:\Users\BAMM\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Certiport, Inc.) C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(ZipCloud.com) C:\Program Files (x86)\ZipCloud\ZipCloud.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intuit Inc. All rights reserved.) C:\Users\BAMM\AppData\Local\Intuit\SyncManager\Current\IntuitSyncManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-09-14] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [825560 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2778424 2013-03-14] (Intuit Inc. All rights reserved.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [83713E6C43CE78DFE0F544CB3543BD09D6E0F74B._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584 2014-01-06] (Google Inc.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [109784 2013-11-09] (Siber Systems)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-24] (Google Inc.)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\BAMM\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=d180da1a5fd047d6babb3163c476837c-b76fbd914a7e8829e7939fb2dc6457643400cf30 /CMPID=1213b
MountPoints2: {1f11776c-e894-11e0-b11b-ba7a057de85d} - F:\LaunchU3.exe -a
MountPoints2: {3dabed71-6705-11e1-aaa5-984be1989c0e} - F:\LaunchU3.exe -a
MountPoints2: {a23fe1f4-76d6-11e1-8225-005056c00008} - G:\WIN\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZipCloud.lnk
ShortcutTarget: ZipCloud.lnk -> C:\Program Files (x86)\ZipCloud\ZipCloud.exe (ZipCloud.com)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.roboform.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://g.msn.com/HPNOT/1
http://www.google.com/
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...}&mfe=Notebooks
SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...}&mfe=Notebooks
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...}&mfe=Notebooks
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Show Naturalreader Bar - {127AD70F-B2B7-4f6a-ACD9-C7B1FE48C8C0} - C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} http://184.18.229.133/RemoteWeb.cab
DPF: HKLM-x32 {64003D84-EC2E-4EFC-B494-4CBB51102657} https://certprep.cer...serLockdown.exe
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1058
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 208.38.252.3 184.170.172.131

FireFox:
========
FF ProfilePath: C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default
FF Homepage: hxxp://start.roboform.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: NetDvr_Plugins - C:\Program Files (x86)\NetDvr\Plugins\npDvr.dll (DVR)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\Extensions\[email protected]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome:
=======
CHR RestoreOnStartup: "translate_blocked_languages": [ "en"
CHR Extension: (RoboForm Lite) - C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\4.6.9_0
CHR Extension: (Skype Click to Call) - C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Google Wallet) - C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-09-21] (CyberLink)
R2 CPExamService; C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe [32256 2011-01-25] (Certiport, Inc.)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1072664 2013-05-29] (iolo technologies, LLC)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 CbFs; C:\Windows\system32\drivers\cbfs64.sys [191960 2010-09-22] (EldoS Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-12-06] (EldoS Corporation)
S1 FileDisk; No ImagePath
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2010-08-30] (Research in Motion Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [x]
S3 swmsflt; system32\DRIVERS\swmsflt.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-10 13:15 - 2014-01-10 13:17 - 00019944 _____ C:\Users\BAMM\Desktop\FRST.txt
2014-01-10 13:15 - 2014-01-10 13:15 - 00000000 ____D C:\FRST
2014-01-10 13:15 - 2014-01-10 12:57 - 01932166 _____ (Farbar) C:\Users\BAMM\Desktop\FRST64.exe
2014-01-10 13:13 - 2014-01-10 13:13 - 00002090 _____ C:\Users\BAMM\Desktop\JRT.txt
2014-01-10 12:59 - 2014-01-10 12:59 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 12:59 - 2014-01-10 12:56 - 01037068 _____ (Thisisu) C:\Users\BAMM\Desktop\JRT.exe
2014-01-10 12:57 - 2014-01-10 12:57 - 01932166 _____ (Farbar) C:\Users\BAMM\Downloads\FRST64.exe
2014-01-10 12:56 - 2014-01-10 12:56 - 01037068 _____ (Thisisu) C:\Users\BAMM\Downloads\JRT.exe
2014-01-10 12:35 - 2014-01-10 12:39 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:30 - 2014-01-10 12:30 - 03897824 _____ (SpeedyComputer ) C:\Users\BAMM\Downloads\SpeedyComputer.exe
2014-01-10 12:28 - 2014-01-10 12:28 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\BAMM\Downloads\procexp.exe
2014-01-10 12:25 - 2014-01-10 12:25 - 01233962 _____ C:\Users\BAMM\Downloads\AdwCleaner.exe
2014-01-09 11:00 - 2014-01-09 11:00 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-01-09 10:59 - 2014-01-09 10:59 - 01402880 _____ C:\Users\BAMM\Downloads\HiJackThis.msi
2014-01-09 10:49 - 2014-01-09 11:00 - 00002971 _____ C:\Users\BAMM\Desktop\HiJackThis.lnk
2014-01-09 10:49 - 2014-01-09 10:49 - 00002097 _____ C:\Users\Administrator\Desktop\HijackThis.lnk
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2014-01-07 03:13 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-07 03:13 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-07 03:13 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-07 03:13 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-07 03:12 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-07 03:12 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-07 03:12 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-07 03:12 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-07 03:12 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-07 03:12 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-07 03:12 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-07 03:12 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-07 03:12 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-07 03:12 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-07 03:12 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-07 03:12 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-07 03:12 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-07 03:12 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-07 03:12 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-07 03:12 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-07 03:12 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-07 03:12 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-07 03:12 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-07 03:12 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-07 03:12 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-07 03:12 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-07 03:12 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-07 03:11 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-07 03:10 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-07 03:10 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-07 03:10 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-06 18:23 - 2014-01-06 18:23 - 00000000 ____D C:\Users\BAMM\Pass4sure
2014-01-06 18:22 - 2014-01-06 18:22 - 00001273 _____ C:\Users\Public\Desktop\Pass4sure Apple 9L0-010 Demo.lnk
2014-01-06 18:22 - 2014-01-06 18:22 - 00000000 ____D C:\Program Files (x86)\Pass4sure Test Environment
2014-01-06 18:21 - 2014-01-06 18:21 - 03248954 _____ C:\Users\BAMM\Downloads\9L0-010qa-demo.zip
2014-01-06 18:21 - 2014-01-06 18:21 - 00000000 ____D C:\Users\BAMM\Documents\pass4sure
2014-01-06 17:00 - 2014-01-06 17:00 - 00002018 _____ C:\Users\Public\Desktop\Pass Certification.lnk
2014-01-06 17:00 - 2014-01-06 17:00 - 00000000 ____D C:\Program Files (x86)\PassCertification
2014-01-06 16:58 - 2014-01-06 16:58 - 00000000 ____D C:\Users\BAMM\Documents\acmt
2014-01-06 16:56 - 2014-01-06 16:56 - 06842145 _____ C:\Users\BAMM\Downloads\9L0-010-Demo.zip
2014-01-06 13:49 - 2014-01-06 13:49 - 00008041 _____ C:\Users\BAMM\Downloads\History (3).qfx
2014-01-06 09:59 - 2014-01-10 12:24 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1DC5ABEB-77B3-423C-AC27-B6C7FA15A15B}
2014-01-06 08:16 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-06 08:12 - 2014-01-06 08:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-03 07:52 - 2014-01-03 08:23 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Prodiance
2014-01-03 07:52 - 2014-01-03 08:01 - 00036037 _____ C:\Users\Public\Documents\laptop turnin 122012.xlsx
2014-01-03 07:52 - 2014-01-03 07:52 - 00093386 _____ C:\Users\Public\Documents\laptop inventory 1-3-13.xlsx
2014-01-02 18:25 - 2014-01-02 18:25 - 00002824 _____ C:\Users\BAMM\Desktop\Outlook 2013.lnk
2014-01-02 15:44 - 2014-01-02 15:44 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2014-01-02 15:39 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2014-01-02 14:41 - 2014-01-02 15:41 - 00000000 ____D C:\Windows\SHELLNEW
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-02 13:49 - 2014-01-02 13:49 - 00000000 ____D C:\IUware Online
2014-01-02 11:39 - 2014-01-02 12:05 - 733482472 _____ C:\Users\BAMM\Downloads\OfficeProfessionalPlus201364bit.exe
2013-12-30 10:23 - 2013-12-30 10:23 - 00005363 _____ C:\Users\BAMM\Downloads\History (2).qfx
2013-12-28 12:50 - 2013-12-28 13:45 - 00000000 ____D C:\a56214fbe93dcefb309a391364af
2013-12-28 12:48 - 2013-12-28 14:45 - 00000134 _____ C:\Users\BAMM\Desktop\Internet Explorer Troubleshooting.url
2013-12-23 13:43 - 2013-12-18 09:05 - 73043495 _____ C:\Users\BAMM\Desktop\Lead Kahuna.exe
2013-12-23 13:42 - 2013-12-23 13:43 - 68340094 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.99_win.zip
2013-12-16 13:01 - 2013-12-16 13:01 - 00000000 ____D C:\Users\BAMM\AppData\Local\Ofi Labs
2013-12-16 13:00 - 2014-01-02 18:27 - 00056304 _____ C:\Users\BAMM\GooglePageSource_Testing.html
2013-12-16 12:56 - 2013-12-16 12:56 - 00000000 ____D C:\Users\BAMM\Lead Kahuna
2013-12-16 12:52 - 2013-12-16 12:54 - 68333374 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.98_win.zip
2013-12-13 14:28 - 2013-12-13 14:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\BAMM\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-13 14:23 - 2013-12-13 14:23 - 04436944 _____ (AVG Technologies) C:\Users\BAMM\Downloads\avg_free_stb_all_2014_4259_cnet.exe
2013-12-13 09:16 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:16 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:16 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:16 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 11:30 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 11:30 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 11:30 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 11:30 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 11:30 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 11:30 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 11:30 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 11:30 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 11:30 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 11:30 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 11:30 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 11:30 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 11:30 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 11:30 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 11:30 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 11:30 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 11:30 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 11:30 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 11:30 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 11:21 - 2014-01-06 08:16 - 00062773 _____ C:\Windows\IE11_main.log

==================== One Month Modified Files and Folders =======

2014-01-10 13:29 - 2012-04-03 13:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 13:17 - 2014-01-10 13:15 - 00019944 _____ C:\Users\BAMM\Desktop\FRST.txt
2014-01-10 13:15 - 2014-01-10 13:15 - 00000000 ____D C:\FRST
2014-01-10 13:13 - 2014-01-10 13:13 - 00002090 _____ C:\Users\BAMM\Desktop\JRT.txt
2014-01-10 13:08 - 2011-07-19 12:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-10 12:59 - 2014-01-10 12:59 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 12:57 - 2014-01-10 13:15 - 01932166 _____ (Farbar) C:\Users\BAMM\Desktop\FRST64.exe
2014-01-10 12:57 - 2014-01-10 12:57 - 01932166 _____ (Farbar) C:\Users\BAMM\Downloads\FRST64.exe
2014-01-10 12:56 - 2014-01-10 12:59 - 01037068 _____ (Thisisu) C:\Users\BAMM\Desktop\JRT.exe
2014-01-10 12:56 - 2014-01-10 12:56 - 01037068 _____ (Thisisu) C:\Users\BAMM\Downloads\JRT.exe
2014-01-10 12:52 - 2009-07-13 23:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:52 - 2009-07-13 23:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-10 12:49 - 2011-01-19 03:50 - 01065953 _____ C:\Windows\WindowsUpdate.log
2014-01-10 12:46 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-10 12:44 - 2011-07-19 12:42 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-10 12:43 - 2011-01-19 04:04 - 00612060 _____ C:\Windows\PFRO.log
2014-01-10 12:43 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-10 12:43 - 2009-07-13 23:51 - 00126208 _____ C:\Windows\setupact.log
2014-01-10 12:39 - 2014-01-10 12:35 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:30 - 2014-01-10 12:30 - 03897824 _____ (SpeedyComputer ) C:\Users\BAMM\Downloads\SpeedyComputer.exe
2014-01-10 12:28 - 2014-01-10 12:28 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\BAMM\Downloads\procexp.exe
2014-01-10 12:25 - 2014-01-10 12:25 - 01233962 _____ C:\Users\BAMM\Downloads\AdwCleaner.exe
2014-01-10 12:24 - 2014-01-06 09:59 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1DC5ABEB-77B3-423C-AC27-B6C7FA15A15B}
2014-01-10 10:35 - 2011-11-03 13:26 - 00000000 ____D C:\Users\BAMM\Documents\quickbooks data
2014-01-10 08:41 - 2011-04-18 10:27 - 00000000 ____D C:\ProgramData\MFAData
2014-01-10 08:11 - 2011-02-13 10:33 - 00000000 ____D C:\Users\BAMM\AppData\Local\Adobe
2014-01-09 20:05 - 2011-02-12 16:24 - 00000000 ____D C:\Users\BAMM\AppData\Local\CrashDumps
2014-01-09 11:00 - 2014-01-09 11:00 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-01-09 11:00 - 2014-01-09 10:49 - 00002971 _____ C:\Users\BAMM\Desktop\HiJackThis.lnk
2014-01-09 10:59 - 2014-01-09 10:59 - 01402880 _____ C:\Users\BAMM\Downloads\HiJackThis.msi
2014-01-09 10:49 - 2014-01-09 10:49 - 00002097 _____ C:\Users\Administrator\Desktop\HijackThis.lnk
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2014-01-09 10:49 - 2009-07-14 00:13 - 00803974 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 10:33 - 2013-06-06 13:22 - 00000000 ____D C:\ProgramData\NaturalReaders
2014-01-08 09:26 - 2012-12-11 07:58 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBAMM-HP$
2014-01-08 09:26 - 2012-12-11 07:58 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForBAMM-HP$.job
2014-01-08 08:21 - 2013-06-21 10:11 - 00000458 ____H C:\Windows\Tasks\B & A Mobile Marketing llc 1371827452.job
2014-01-07 11:29 - 2013-11-25 07:36 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBAMM
2014-01-07 11:29 - 2013-11-25 07:36 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForBAMM.job
2014-01-07 04:33 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-06 18:23 - 2014-01-06 18:23 - 00000000 ____D C:\Users\BAMM\Pass4sure
2014-01-06 18:23 - 2011-02-12 15:01 - 00000000 ____D C:\Users\BAMM
2014-01-06 18:22 - 2014-01-06 18:22 - 00001273 _____ C:\Users\Public\Desktop\Pass4sure Apple 9L0-010 Demo.lnk
2014-01-06 18:22 - 2014-01-06 18:22 - 00000000 ____D C:\Program Files (x86)\Pass4sure Test Environment
2014-01-06 18:21 - 2014-01-06 18:21 - 03248954 _____ C:\Users\BAMM\Downloads\9L0-010qa-demo.zip
2014-01-06 18:21 - 2014-01-06 18:21 - 00000000 ____D C:\Users\BAMM\Documents\pass4sure
2014-01-06 17:00 - 2014-01-06 17:00 - 00002018 _____ C:\Users\Public\Desktop\Pass Certification.lnk
2014-01-06 17:00 - 2014-01-06 17:00 - 00000000 ____D C:\Program Files (x86)\PassCertification
2014-01-06 16:58 - 2014-01-06 16:58 - 00000000 ____D C:\Users\BAMM\Documents\acmt
2014-01-06 16:56 - 2014-01-06 16:56 - 06842145 _____ C:\Users\BAMM\Downloads\9L0-010-Demo.zip
2014-01-06 13:49 - 2014-01-06 13:49 - 00008041 _____ C:\Users\BAMM\Downloads\History (3).qfx
2014-01-06 09:54 - 2011-02-13 17:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-06 08:49 - 2011-02-12 15:22 - 00001417 _____ C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-06 08:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-06 08:16 - 2013-12-11 11:21 - 00062773 _____ C:\Windows\IE11_main.log
2014-01-06 08:12 - 2014-01-06 08:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-06 08:01 - 2012-02-13 14:16 - 00000436 ____H C:\Windows\Tasks\Wabash Wireless 1329160591.job
2014-01-03 08:23 - 2014-01-03 07:52 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Prodiance
2014-01-03 08:01 - 2014-01-03 07:52 - 00036037 _____ C:\Users\Public\Documents\laptop turnin 122012.xlsx
2014-01-03 07:52 - 2014-01-03 07:52 - 00093386 _____ C:\Users\Public\Documents\laptop inventory 1-3-13.xlsx
2014-01-03 07:46 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2014-01-03 07:35 - 2011-07-06 10:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 21:15 - 2009-07-13 23:45 - 05115504 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-02 19:19 - 2011-06-30 09:42 - 00000000 ____D C:\Program Files (x86)\Sharp
2014-01-02 19:18 - 2011-06-30 10:00 - 00000000 ____D C:\Windows\SysWOW64\SCDRV
2014-01-02 19:07 - 2011-04-07 07:47 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Blio
2014-01-02 18:27 - 2013-12-16 13:00 - 00056304 _____ C:\Users\BAMM\GooglePageSource_Testing.html
2014-01-02 18:25 - 2014-01-02 18:25 - 00002824 _____ C:\Users\BAMM\Desktop\Outlook 2013.lnk
2014-01-02 16:38 - 2011-02-12 15:07 - 00134456 _____ C:\Users\BAMM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 15:44 - 2014-01-02 15:44 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-02 15:41 - 2014-01-02 14:41 - 00000000 ____D C:\Windows\SHELLNEW
2014-01-02 15:41 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2014-01-02 15:40 - 2014-01-02 15:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2014-01-02 15:39 - 2011-02-13 17:07 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-02 14:54 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-02 14:40 - 2010-10-23 12:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-02 14:08 - 2011-02-13 17:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-02 14:07 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-02 14:04 - 2011-02-12 15:22 - 00000000 ___RD C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-02 13:49 - 2014-01-02 13:49 - 00000000 ____D C:\IUware Online
2014-01-02 12:05 - 2014-01-02 11:39 - 733482472 _____ C:\Users\BAMM\Downloads\OfficeProfessionalPlus201364bit.exe
2013-12-31 13:42 - 2012-04-03 13:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 13:42 - 2012-04-03 13:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 13:42 - 2011-06-07 07:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 13:38 - 2011-07-30 11:25 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\ZumoDrive
2013-12-30 10:23 - 2013-12-30 10:23 - 00005363 _____ C:\Users\BAMM\Downloads\History (2).qfx
2013-12-30 10:21 - 2013-03-17 09:11 - 00000031 _____ C:\Windows\QUICKEN.INI
2013-12-30 09:27 - 2011-11-20 16:15 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-30 09:27 - 2011-02-14 15:24 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-28 18:00 - 2009-07-14 00:08 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-28 14:49 - 2011-12-07 10:06 - 00796588 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-28 14:45 - 2013-12-28 12:48 - 00000134 _____ C:\Users\BAMM\Desktop\Internet Explorer Troubleshooting.url
2013-12-28 14:44 - 2013-08-18 02:29 - 00000000 ____D C:\Windows\system32\MRT
2013-12-28 13:45 - 2013-12-28 12:50 - 00000000 ____D C:\a56214fbe93dcefb309a391364af
2013-12-26 10:36 - 2011-02-13 18:45 - 00000000 ____D C:\Users\BAMM\Documents\BA_Clients
2013-12-23 13:43 - 2013-12-23 13:42 - 68340094 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.99_win.zip
2013-12-22 11:39 - 2013-07-22 11:20 - 00000000 ____D C:\Users\Administrator
2013-12-18 09:05 - 2013-12-23 13:43 - 73043495 _____ C:\Users\BAMM\Desktop\Lead Kahuna.exe
2013-12-16 13:01 - 2013-12-16 13:01 - 00000000 ____D C:\Users\BAMM\AppData\Local\Ofi Labs
2013-12-16 12:56 - 2013-12-16 12:56 - 00000000 ____D C:\Users\BAMM\Lead Kahuna
2013-12-16 12:54 - 2013-12-16 12:52 - 68333374 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.98_win.zip
2013-12-13 14:28 - 2013-12-13 14:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\BAMM\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-13 14:23 - 2013-12-13 14:23 - 04436944 _____ (AVG Technologies) C:\Users\BAMM\Downloads\avg_free_stb_all_2014_4259_cnet.exe
2013-12-13 13:47 - 2012-06-16 20:50 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\PrimoPDF
2013-12-13 09:32 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 13:21 - 2013-04-05 20:00 - 00000000 ____D C:\Users\BAMM\SyncFolder
2013-12-11 11:23 - 2011-02-12 15:22 - 00000000 ___RD C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-11 11:22 - 2011-11-04 11:36 - 00002127 _____ C:\Users\Public\Desktop\eZ Account Import by ZSI.lnk

Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\ShutdownMe.exe
C:\Users\BAMM\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-09 13:38

==================== End Of Log ============================

Process explorer:

Process PID CPU Working Set Description Company Name Virtual Size Verified Signer
System Idle Process 0 87.65 24 K 0 K
procexp64.exe 1436 7.10 57,696 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com 259,020 K (Verified) Sysinternals
ZipCloud.exe 2376 1.26 65,664 K ZipCloud ZipCloud.com 698,600 K (Verified) JDI BACKUP LIMITED
csrss.exe 700 1.07 14,128 K Client Server Runtime Process Microsoft Corporation 186,572 K (Verified) Microsoft Windows
Interrupts n/a 1.02 0 K Hardware Interrupts and DPCs 0 K
System 4 0.57 304 K 138,232 K
ipoint.exe 1120 0.40 23,244 K IPoint.exe Microsoft Corporation 140,296 K (Verified) Microsoft Corporation
explorer.exe 5888 0.23 111,932 K Windows Explorer Microsoft Corporation 909,860 K (Verified) Microsoft Windows
robotaskbaricon.exe 1000 0.19 46,772 K RoboForm TaskBar Icon Siber Systems 316,744 K (Verified) Siber Systems Inc
svchost.exe 1304 0.11 15,284 K Host Process for Windows Services Microsoft Corporation 143,348 K (Verified) Microsoft Windows
SearchIndexer.exe 3532 0.09 30,124 K Microsoft Windows Search Indexer Microsoft Corporation 218,872 K (Verified) Microsoft Windows
QBCFMonitorService.exe 2796 0.08 12,852 K QuickBooks Company File Monitoring Service Intuit 133,780 K (Unable to verify) Intuit
sttray64.exe 1176 0.06 16,916 K IDT PC Audio IDT, Inc. 104,740 K (Verified) Microsoft Windows Hardware Compatibility Publisher
IntuitSyncManager.exe 1672 0.05 42,896 K IntuitSyncManager Intuit Inc. All rights reserved. 269,852 K (Verified) Intuit
svchost.exe 916 0.02 53,404 K Host Process for Windows Services Microsoft Corporation 418,844 K (Verified) Microsoft Windows
svchost.exe 780 0.02 22,640 K Host Process for Windows Services Microsoft Corporation 122,256 K (Verified) Microsoft Windows
iPodService.exe 3180 0.02 6,972 K iPodService Module (64-bit) Apple Inc. 46,756 K (Verified) Apple Inc.
avgwdsvc.exe 2140 0.01 18,744 K AVG Watchdog Service AVG Technologies CZ, s.r.o. 125,716 K (Verified) AVG Technologies CZ
svchost.exe 900 0.01 10,088 K Host Process for Windows Services Microsoft Corporation 54,368 K (Verified) Microsoft Windows
AppleMobileDeviceService.exe 1352 0.01 9,324 K MobileDeviceService Apple Inc. 90,428 K (Verified) Apple Inc.
svchost.exe 1700 0.01 17,244 K Host Process for Windows Services Microsoft Corporation 72,768 K (Verified) Microsoft Windows
YCMMirage.exe 2556 0.01 1,036 K YouCam Mirage CyberLink 83,956 K (Verified) CyberLink
taskhost.exe 2016 < 0.01 15,224 K Host Process for Windows Tasks Microsoft Corporation 171,724 K (Verified) Microsoft Windows
csrss.exe 592 < 0.01 4,528 K Client Server Runtime Process Microsoft Corporation 48,128 K (Verified) Microsoft Windows
wmpnetwk.exe 5448 < 0.01 12,448 K Windows Media Player Network Sharing Service Microsoft Corporation 152,340 K (Verified) Microsoft Windows
HPMSGSVC.exe 3312 < 0.01 13,036 K HP Message Service Hewlett-Packard Development Company, L.P. 95,820 K (Verified) Hewlett-Packard Company
svchost.exe 2496 < 0.01 16,692 K Host Process for Windows Services Microsoft Corporation 100,228 K (Verified) Microsoft Windows
svchost.exe 1332 < 0.01 16,348 K Host Process for Windows Services Microsoft Corporation 139,104 K (Verified) Microsoft Windows
HPSA_Service.exe 5068 < 0.01 22,432 K HP Support Assistant Service Hewlett-Packard Company 534,048 K (Unable to verify) Hewlett-Packard Company
vcsFPService.exe 1248 < 0.01 8,348 K Validity Sensors Fingerprint Service Validity Sensors, Inc. 156,228 K (Verified) Validity Sensors
svchost.exe 612 < 0.01 182,584 K Host Process for Windows Services Microsoft Corporation 301,668 K (Verified) Microsoft Windows
iTunesHelper.exe 3284 < 0.01 12,260 K iTunesHelper Apple Inc. 119,848 K (Verified) Apple Inc.
avgui.exe 3148 < 0.01 12,464 K AVG User Interface AVG Technologies CZ, s.r.o. 154,744 K (Verified) AVG Technologies CZ
SynTPEnh.exe 1080 < 0.01 13,780 K Synaptics TouchPad Enhancements Synaptics Incorporated 96,744 K (Verified) Microsoft Windows Hardware Compatibility Publisher
WUDFHost.exe 4584 6,056 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation 42,692 K (Verified) Microsoft Windows
WmiPrvSE.exe 2676 17,020 K WMI Provider Host Microsoft Corporation 64,396 K (Verified) Microsoft Windows
WmiPrvSE.exe 5332 7,824 K WMI Provider Host Microsoft Corporation 38,136 K (Verified) Microsoft Windows
wlanext.exe 1464 5,240 K Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation 35,352 K (Verified) Microsoft Windows
winlogon.exe 744 7,612 K Windows Logon Application Microsoft Corporation 57,604 K (Verified) Microsoft Windows
wininit.exe 684 4,612 K Windows Start-Up Application Microsoft Corporation 48,664 K (Verified) Microsoft Windows
taskeng.exe 2444 7,088 K Task Scheduler Engine Microsoft Corporation 56,680 K (Verified) Microsoft Windows
SynTPHelper.exe 3384 5,624 K Synaptics Pointing Device Helper Synaptics Incorporated 51,820 K (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 988 9,760 K Host Process for Windows Services Microsoft Corporation 42,256 K (Verified) Microsoft Windows
svchost.exe 552 25,116 K Host Process for Windows Services Microsoft Corporation 128,400 K (Verified) Microsoft Windows
svchost.exe 4388 6,068 K Host Process for Windows Services Microsoft Corporation 35,224 K (Verified) Microsoft Windows
svchost.exe 2748 3,492 K Host Process for Windows Services Microsoft Corporation 25,608 K (Verified) Microsoft Windows
svchost.exe 5612 5,132 K Host Process for Windows Services Microsoft Corporation 30,540 K (Verified) Microsoft Windows
svchost.exe 3656 5,528 K Host Process for Windows Services Microsoft Corporation 33,180 K (Verified) Microsoft Windows
spoolsv.exe 1564 18,148 K Spooler SubSystem App Microsoft Corporation 107,572 K (Verified) Microsoft Windows
smss.exe 240 1,156 K Windows Session Manager Microsoft Corporation 4,024 K (Verified) Microsoft Windows
services.exe 792 9,804 K Services and Controller app Microsoft Corporation 42,968 K (Verified) Microsoft Windows
QBIDPService.exe 3164 11,852 K QBIDPService Intuit Inc. 146,560 K (Unable to verify) Intuit Inc.
procexp.exe 3208 7,456 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com 81,860 K (Verified) Microsoft Corporation
OSE.EXE 496 3,136 K Office Source Engine Microsoft Corporation 16,120 K (Verified) Microsoft Corporation
lsm.exe 808 4,516 K Local Session Manager Service Microsoft Corporation 22,852 K (Verified) Microsoft Windows
lsass.exe 800 16,720 K Local Security Authority Process Microsoft Corporation 59,428 K (Verified) Microsoft Windows
ioloServiceManager.exe 2604 29,572 K iolo System component iolo technologies, LLC 126,844 K (Verified) iolo technologies
HPWMISVC.exe 2544 4,912 K HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P. 66,112 K (Verified) Hewlett-Packard Company
HPWA_Service.exe 2716 33,596 K HPPA_Service Hewlett-Packard Company 561,236 K (Verified) Hewlett-Packard Company
hpqWmiEx.exe 5220 6,380 K HP Software Framework WMI Service Hewlett-Packard Company 56,888 K (Verified) Hewlett-Packard Company
dwm.exe 556 8,352 K Desktop Window Manager Microsoft Corporation 72,064 K (Verified) Microsoft Windows
DpHostW.exe 1608 22,636 K DigitalPersona Local Host DigitalPersona, Inc. 111,196 K (Verified) DigitalPersona
DPAgent.exe 1244 13,776 K DigitalPersona Local Agent DigitalPersona, Inc. 96,380 K (Verified) DigitalPersona
DpAgent.exe 2336 3,916 K DigitalPersona 64-bit Helper Process DigitalPersona, Inc. 47,024 K (Verified) DigitalPersona
dllhost.exe 4084 7,340 K COM Surrogate Microsoft Corporation 56,176 K (Verified) Microsoft Windows
CPExamSvc.exe 2252 15,012 K Certiport Desktop Exam Service Certiport, Inc. 490,236 K (Unable to verify) Certiport, Inc.
conhost.exe 1476 2,736 K Console Window Host Microsoft Corporation 25,688 K (Verified) Microsoft Windows
btwdins.exe 2172 5,812 K Bluetooth Support Server Broadcom Corporation. 57,076 K (Verified) Broadcom Corporation
armsvc.exe 1800 3,888 K Adobe Acrobat Update Service Adobe Systems Incorporated 42,520 K (Verified) Adobe Systems
acrotray.exe 3240 5,784 K AcroTray Adobe Systems Inc. 71,524 K (Verified) Adobe Systems

Speccy log:

Summary
Operating System
Windows 7 Home Premium 64-bit SP1
CPU
AMD Phenom II P860 44 °C
Caspian 45nm Technology
RAM
8.00GB Dual-Channel DDR3 @ 532MHz (7-8-8-20)
Motherboard
Hewlett-Packard 1641 (Socket S1G4) 43 °C
Graphics
Generic PnP Monitor (1600x900@60Hz)
ATI AMD M880G with ATI Mobility Radeon HD 4250 (HP)
ATI Mobility Radeon HD 6370 (HP) 41 °C
CrossFire Disabled
Storage
698GB TOSHIBA MK7559GSXP ATA Device (SATA) 40 °C
7GB SanDisk Cruzer USB Device (USB)
Optical Drives
hp DVDWBD TS-LB23L ATA Device
Audio
IDT High Definition Audio CODEC
Operating System
Windows 7 Home Premium 64-bit SP1
Computer type: Notebook
Installation Date: 2/12/2011 3:00:42 AM

Windows Security Center
User Account Control (UAC) Disabled
Firewall Enabled
Windows Update
AutoUpdate Download Automatically and Install at Set Scheduled time
Schedule Frequency Every Day
Schedule Time 3:00 AM
Windows Defender
Windows Defender Disabled
Antivirus
Antivirus Disabled
Display Name AVG AntiVirus Free Edition 2014
Virus Signature Database Up to date
.NET Frameworks installed
v4.5 Full
v4.5 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 11.0.9600.16476
PowerShell
Version 2.0
Java
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre6\bin\java.exe
Version 6.0
Update 30
Build 12
Java Runtime Environment
Path C:\Program Files\Java\jre6\bin\java.exe
Version 6.0
Update 21
Build 07
Java Runtime Environment
Path C:\Program Files (x86)\Java\jre7\bin\java.exe
Version 7.0
Update 15
Build 03
Environment Variables
USERPROFILE C:\Users\BAMM
SystemRoot C:\Windows
User Variables
HuluDesktopPath %LOCALAPPDATA%\HuluDesktop\instances\0.9.13.1\HuluDesktop.exe
TEMP C:\Users\BAMM\AppData\Local\Temp
TMP C:\Users\BAMM\AppData\Local\Temp
Machine Variables
asl.log Destination=file
CLASSPATH .;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
ComSpec C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK NO
NUMBER_OF_PROCESSORS 3
OnlineServices Online Services
OPENSSL_CONF C:\OpenSSL-Win64\bin\openssl.cfg
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Windows\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\Windows Live\Shared
c:\Program Files (x86)\Common Files\Ulead Systems\MPEG
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files\Broadcom\Broadcom 802.11\Driver
C:\Program Files\WIDCOMM\Bluetooth Software
C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared
C:\Program Files (x86)\Common Files\Roxio Shared\12.0\DLLShared
C:\Program Files (x86)\jZip
C:\Program Files (x86)\QuickTime\QTSystem
C:\Program Files (x86)\Common Files\Intuit\QBPOSSDKRuntime
C:\Program Files (x86)\QuickTime\QTSystem\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND Pavilion
Platform MCD
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
PROCESSOR_LEVEL 16
PROCESSOR_REVISION 0503
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
QTJAVA C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
Battery
AC Line Online
Battery Charge % 100 %
Battery State High
Remaining Battery Time Unknown
Power Profile
Active power scheme HP Recommended
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) 15 min
Turn Off Hard Disk after: (On Battery Power) 3 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) 10 min
Screen saver Enabled
Uptime
Current Session
Current Time 1/10/2014 1:44:45 PM
Current Uptime 3,808 sec (0 d, 01 h, 03 m, 28 s)
Last Boot Time 1/10/2014 12:41:17 PM
Services
Running Adobe Acrobat Update Service
Running Apple Mobile Device
Running Application Experience
Running Authentication Service
Running AVG WatchDog
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bluetooth Service
Running Certiport Exam Service
Running CNG Key Isolation
Running COM+ Event System
Running Computer Browser
Running Credential Manager
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running Encrypting File System (EFS)
Running Extensible Authentication Protocol
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Group Policy Client
Running HomeGroup Listener
Running HomeGroup Provider
Running HP Software Framework Service
Running HP Support Assistant Service
Running HP Wireless Assistant Service
Running HPWMISVC
Running IKE and AuthIP IPsec Keying Modules
Running iolo System Service
Running IP Helper
Running iPod Service
Running IPsec Policy Agent
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Office 64 Source Engine
Running Office Software Protection Platform
Running Peer Name Resolution Protocol
Running Peer Networking Grouping
Running Peer Networking Identity Manager
Running Plug and Play
Running Pml Driver HPZ12
Running Portable Device Enumerator Service
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running QBCFMonitorService
Running QBIDPService
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running Superfetch
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Themes
Running UPnP Device Host
Running User Profile Service
Running Validity VCS Fingerprint Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Connect Now - Config Registrar
Running Windows Driver Foundation - User-mode Driver Framework
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Search
Running Windows Update
Running WLAN AutoConfig
Running WMI Performance Adapter
Running Workstation
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Flash Player Update Service
Stopped Adobe SwitchBoard
Stopped AMD External Events Utility
Stopped Andrea ST Filters Service
Stopped Application Identity
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped ASP.NET State Service
Stopped Audio Service
Stopped AVGIDSAgent
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Bonjour Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped CyberLink Product - 2011/01/19 01:07:03
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Fax
Stopped GameConsoleService
Stopped Google Software Updater
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped Health Key and Certificate Management
Stopped HP Client Services
Stopped HP Service
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Internet Explorer ETW Collector Service
Stopped Intuit QuickBooks FCS
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft .NET Framework NGEN v4.0.30319_X86
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Protexis Licensing V2
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Access Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped RoxioNow Service
Stopped Secure Socket Tunneling Protocol Service
Stopped Skype C2C Service
Stopped Skype Updater
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped SPP Notification Service
Stopped Tablet PC Input Service
Stopped Telephony
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Defender
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Live Family Safety Service
Stopped Windows Live ID Sign-in Assistant
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Modules Installer
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WWAN AutoConfig
TimeZone
TimeZone GMT -5:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format M/d/yyyy
Time Format h:mm:ss tt
Scheduler
1/10/2014 2:07 PM; GoogleUpdateTaskMachineUA
1/10/2014 2:29 PM; Adobe Flash Player Updater
1/11/2014 2:00 AM; AdobeAAMUpdater-1.0-BAMM-HP-BAMM
1/11/2014 12:07 PM; GoogleUpdateTaskMachineCore
2/10/2014 11:29 AM; HPCeeScheduleForBAMM
3/9/2014 9:26 AM; HPCeeScheduleForBAMM-HP$
Go to RoboForm Install page
Open URL by RoboForm
Run RoboForm TaskBar Icon
SidebarExecute
System Folders
Application Data C:\ProgramData
Cookies C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\BAMM\Desktop
Documents C:\Users\Public\Documents
Fonts C:\Windows\Fonts
Global Favorites C:\Users\BAMM\Favorites
Internet History C:\Users\BAMM\AppData\Local\Microsoft\Windows\History
Local Application Data C:\Users\BAMM\AppData\Local
Music C:\Users\Public\Music
Path for burning CD C:\Users\BAMM\AppData\Local\Microsoft\Windows\Burn\Burn
Physical Desktop C:\Users\BAMM\Desktop
Pictures C:\Users\Public\Pictures
Program Files C:\Program Files
Public Desktop C:\Users\Public\Desktop
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Temporary Internet Files C:\Users\BAMM\AppData\Local\Microsoft\Windows\Temporary Internet Files
User Favorites C:\Users\BAMM\Favorites
Videos C:\Users\Public\Videos
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Process List
acrotray.exe
Process ID 3240
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
Memory Usage 5.65 MB
Peak Memory Usage 5.71 MB
AppleMobileDeviceService.exe
Process ID 1352
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 9.11 MB
Peak Memory Usage 9.11 MB
armsvc.exe
Process ID 1800
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 3.80 MB
Peak Memory Usage 3.85 MB
audiodg.exe
Process ID 2024
User LOCAL SERVICE
Domain NT AUTHORITY
Memory Usage 15 MB
Peak Memory Usage 16 MB
avgui.exe
Process ID 3148
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\AVG\AVG2014\avgui.exe
Memory Usage 12 MB
Peak Memory Usage 21 MB
avgwdsvc.exe
Process ID 2140
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
btwdins.exe
Process ID 2172
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
Memory Usage 5.68 MB
Peak Memory Usage 6.23 MB
conhost.exe
Process ID 1476
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\conhost.exe
Memory Usage 2.67 MB
Peak Memory Usage 2.67 MB
CPExamSvc.exe
Process ID 2252
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
csrss.exe
Process ID 592
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 4.46 MB
Peak Memory Usage 4.46 MB
csrss.exe
Process ID 700
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 13 MB
Peak Memory Usage 16 MB
dllhost.exe
Process ID 2820
User BAMM
Domain BAMM-HP
Path C:\Windows\system32\DllHost.exe
Memory Usage 8.22 MB
Peak Memory Usage 8.22 MB
dllhost.exe
Process ID 6040
User BAMM
Domain BAMM-HP
Path C:\Windows\system32\DllHost.exe
Memory Usage 7.28 MB
Peak Memory Usage 7.83 MB
dllhost.exe
Process ID 4084
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\DllHost.exe
Memory Usage 7.17 MB
Peak Memory Usage 7.31 MB
DPAgent.exe
Process ID 1244
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
Memory Usage 14 MB
Peak Memory Usage 17 MB
DpAgent.exe
Process ID 2336
User BAMM
Domain BAMM-HP
Path C:\Program Files\DigitalPersona\Bin\DPAgent.exe
Memory Usage 3.82 MB
Peak Memory Usage 3.82 MB
DpHostW.exe
Process ID 1608
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\DigitalPersona\Bin\DpHostW.exe
Memory Usage 22 MB
Peak Memory Usage 23 MB
dwm.exe
Process ID 556
User BAMM
Domain BAMM-HP
Path C:\Windows\system32\Dwm.exe
Memory Usage 8.16 MB
Peak Memory Usage 18 MB
explorer.exe
Process ID 2364
User BAMM
Domain BAMM-HP
Path C:\Windows\explorer.exe
Memory Usage 82 MB
Peak Memory Usage 82 MB
HPMSGSVC.exe
Process ID 3312
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
hpqWmiEx.exe
Process ID 5220
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
Memory Usage 6.20 MB
Peak Memory Usage 6.33 MB
HPSA_Service.exe
Process ID 5068
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Memory Usage 22 MB
Peak Memory Usage 22 MB
HPWA_Service.exe
Process ID 2716
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
Memory Usage 32 MB
Peak Memory Usage 38 MB
HPWMISVC.exe
Process ID 2544
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
Memory Usage 4.80 MB
Peak Memory Usage 4.88 MB
iexplore.exe
Process ID 2508
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Memory Usage 73 MB
Peak Memory Usage 77 MB
iexplore.exe
Process ID 3300
User BAMM
Domain BAMM-HP
Path C:\Program Files\Internet Explorer\iexplore.exe
Memory Usage 25 MB
Peak Memory Usage 25 MB
IntuitSyncManager.exe
Process ID 1672
User BAMM
Domain BAMM-HP
Path C:\Users\BAMM\AppData\Local\Intuit\SyncManager\Current\IntuitSyncManager.exe
Memory Usage 42 MB
Peak Memory Usage 42 MB
ioloServiceManager.exe
Process ID 2604
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
Memory Usage 29 MB
Peak Memory Usage 34 MB
iPodService.exe
Process ID 3180
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 6.81 MB
Peak Memory Usage 6.82 MB
ipoint.exe
Process ID 1120
User BAMM
Domain BAMM-HP
Path C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Memory Usage 23 MB
Peak Memory Usage 23 MB
iTunesHelper.exe
Process ID 3284
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\iTunes\iTunesHelper.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
lsass.exe
Process ID 800
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
lsm.exe
Process ID 808
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 4.45 MB
Peak Memory Usage 4.46 MB
OSE.EXE
Process ID 496
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
Memory Usage 3.06 MB
Peak Memory Usage 3.09 MB
OSPPSVC.EXE
Process ID 2244
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
Memory Usage 11 MB
Peak Memory Usage 11 MB
PrintIsolationHost.exe
Process ID 3852
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\PrintIsolationHost.exe
Memory Usage 5.41 MB
Peak Memory Usage 5.41 MB
QBCFMonitorService.exe
Process ID 2796
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
QBIDPService.exe
Process ID 3164
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
robotaskbaricon.exe
Process ID 1000
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
Memory Usage 46 MB
Peak Memory Usage 46 MB
SearchFilterHost.exe
Process ID 1172
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 8.25 MB
Peak Memory Usage 8.30 MB
SearchIndexer.exe
Process ID 3532
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 31 MB
Peak Memory Usage 32 MB
SearchProtocolHost.exe
Process ID 2652
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
SearchProtocolHost.exe
Process ID 4060
User BAMM
Domain BAMM-HP
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 7.43 MB
Peak Memory Usage 7.43 MB
services.exe
Process ID 792
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 9.66 MB
Peak Memory Usage 11 MB
smss.exe
Process ID 240
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 1.13 MB
Peak Memory Usage 1.16 MB
Speccy64.exe
Process ID 2068
User BAMM
Domain BAMM-HP
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 30 MB
Peak Memory Usage 30 MB
spoolsv.exe
Process ID 1564
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 18 MB
Peak Memory Usage 19 MB
sttray64.exe
Process ID 1176
User BAMM
Domain BAMM-HP
Path C:\Program Files\IDT\WDM\sttray64.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 612
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 171 MB
Peak Memory Usage 187 MB
svchost.exe
Process ID 780
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 23 MB
Peak Memory Usage 23 MB
svchost.exe
Process ID 916
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 54 MB
Peak Memory Usage 688 MB
svchost.exe
Process ID 3656
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.40 MB
Peak Memory Usage 5.45 MB
svchost.exe
Process ID 2748
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 3.41 MB
Peak Memory Usage 3.43 MB
svchost.exe
Process ID 4388
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.90 MB
Peak Memory Usage 6.25 MB
svchost.exe
Process ID 1304
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 2496
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 1700
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 69 MB
svchost.exe
Process ID 900
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 988
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 10.00 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 552
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 25 MB
Peak Memory Usage 25 MB
svchost.exe
Process ID 1332
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 17 MB
SynTPEnh.exe
Process ID 1080
User BAMM
Domain BAMM-HP
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
SynTPHelper.exe
Process ID 3384
User BAMM
Domain BAMM-HP
Path C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
Memory Usage 5.49 MB
Peak Memory Usage 5.50 MB
System
Process ID 4
Memory Usage 304 KB
Peak Memory Usage 132 MB
System Idle Process
Process ID 0
taskeng.exe
Process ID 2444
User BAMM
Domain BAMM-HP
Path C:\Windows\system32\taskeng.exe
Memory Usage 6.92 MB
Peak Memory Usage 7.00 MB
taskhost.exe
Process ID 2016
User BAMM
Domain BAMM-HP
Path C:\Windows\system32\taskhost.exe
Memory Usage 39 MB
Peak Memory Usage 43 MB
vcsFPService.exe
Process ID 1248
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\vcsFPService.exe
Memory Usage 8.15 MB
Peak Memory Usage 9.99 MB
wininit.exe
Process ID 684
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 4.50 MB
Peak Memory Usage 4.58 MB
winlogon.exe
Process ID 744
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 7.42 MB
Peak Memory Usage 8.35 MB
wlanext.exe
Process ID 1464
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\WLANExt.exe
Memory Usage 5.11 MB
Peak Memory Usage 5.13 MB
WmiApSrv.exe
Process ID 2892
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\WmiApSrv.exe
Memory Usage 5.89 MB
Peak Memory Usage 5.89 MB
WmiPrvSE.exe
Process ID 2676
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 23 MB
Peak Memory Usage 24 MB
WmiPrvSE.exe
Process ID 5332
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 21 MB
Peak Memory Usage 22 MB
wmpnetwk.exe
Process ID 5448
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 7.06 MB
Peak Memory Usage 29 MB
WUDFHost.exe
Process ID 4584
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 5.91 MB
Peak Memory Usage 5.91 MB
YCMMirage.exe
Process ID 2556
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
Memory Usage 1.08 MB
Peak Memory Usage 6.66 MB
ZipCloud.exe
Process ID 2376
User BAMM
Domain BAMM-HP
Path C:\Program Files (x86)\ZipCloud\ZipCloud.exe
Memory Usage 64 MB
Peak Memory Usage 65 MB
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Disabled
User Account Control: Switch to the secure desktop when prompting for elevation Disabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Fixed Feature Button
ACPI Lid
ACPI Power Button
ACPI Thermal Zone
AMD Phenom II P860 Triple-Core Processor
AMD Phenom II P860 Triple-Core Processor
AMD Phenom II P860 Triple-Core Processor
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Microsoft Windows Management Interface for ACPI
AMD PCI Express (3GIO) Filter Driver
ATI I/O Communications Processor PCI Bus Controller
ATI I/O Communications Processor SMBus Controller
High precision event timer
HP Mobile Data Protection Sensor
Motherboard resources
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard PCI-to-PCI bridge
AMD M880G with ATI Mobility Radeon HD 4250
PCI standard PCI-to-PCI bridge
ATI Mobility Radeon HD 6370
Generic PnP Monitor
High Definition Audio Controller
ATI High Definition Audio Device
PCI standard PCI-to-PCI bridge
Broadcom 4313 802.11b/g/n
Microsoft Virtual WiFi Miniport Adapter
PCI standard PCI-to-PCI bridge
Realtek PCIe GBE Family Controller
Standard AHCI 1.0 Serial ATA Controller
ATA Channel 3
ATA Channel 0
TOSHIBA MK7559GSXP ATA Device
ATA Channel 1
hp DVDWBD TS-LB23L ATA Device
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Composite Device
HP Webcam
Standard OpenHCD USB Host Controller
USB Root Hub
USB Composite Device
USB Input Device
HID-compliant mouse
USB Input Device
HID-compliant device
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Mass Storage Device
SanDisk Cruzer USB Device
High Definition Audio Controller
IDT High Definition Audio CODEC
PCI standard ISA bridge
Direct memory access controller
Microsoft ACPI-Compliant Embedded Controller
Motherboard resources
Numeric data processor
Programmable interrupt controller
Standard PS/2 Keyboard
Synaptics PS/2 Port TouchPad
System board
System CMOS/real time clock
System speaker
System timer
Standard OpenHCD USB Host Controller
USB Root Hub
Validity Sensor
Standard OpenHCD USB Host Controller
USB Root Hub
Broadcom 2070 Bluetooth
Standard Enhanced PCI to USB Host Controller
USB Root Hub
CPU
AMD Phenom II P860
Cores 3
Threads 3
Name AMD Phenom II P860
Code Name Caspian
Package Socket S1 (638)
Technology 45nm
Specification AMD Phenom II P860 Triple-Core Processor
Family F
Extended Family 10
Model 5
Extended Model 5
Stepping 3
Revision BL-C3
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64, NX, VMX
Virtualization Supported, Enabled
Hyperthreading Not supported
Bus Speed 199.5 MHz
Rated Bus Speed 1795.5 MHz
Stock Core Speed 2000 MHz
Stock Bus Speed 200 MHz
Average Temperature 44 °C
Caches
L1 Data Cache Size 3 x 64 KBytes
L1 Instructions Cache Size 3 x 64 KBytes
L2 Unified Cache Size 3 x 512 KBytes
Core 0
Core Speed 798.0 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 1795.5 MHz
Temperature 44 °C
Thread 1
APIC ID 0
Core 1
Core Speed 798.0 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 1795.5 MHz
Temperature 44 °C
Thread 1
APIC ID 1
Core 2
Core Speed 798.0 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 1795.5 MHz
Temperature 44 °C
Thread 1
APIC ID 2
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 8192 MBytes
Channels # Dual
DRAM Frequency 532.0 MHz
CAS# Latency (CL) 7 clocks
RAS# to CAS# Delay (tRCD) 8 clocks
RAS# Precharge (tRP) 8 clocks
Cycle Time (tRAS) 20 clocks
Bank Cycle Time (tRC) 27 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 27 %
Total Physical 7.75 GB
Available Physical 5.64 GB
Total Virtual 15 GB
Available Virtual 13 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Unknown
Max Bandwidth PC3-10700 (667 MHz)
Serial Number FFFFFFFF
Week/year 06 / 12
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 28
tRC 38
Voltage 1.280 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 25
tRC 34
Voltage 1.280 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 22
tRC 31
Voltage 1.280 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 20
tRC 27
Voltage 1.280 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 17
tRC 23
Voltage 1.280 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 14
tRC 19
Voltage 1.280 V
Slot #2
Type DDR3
Size 4096 MBytes
Manufacturer Unknown
Max Bandwidth PC3-10700 (667 MHz)
Serial Number FFFFFFFF
Week/year 06 / 12
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 28
tRC 38
Voltage 1.280 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 25
tRC 34
Voltage 1.280 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 22
tRC 31
Voltage 1.280 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 20
tRC 27
Voltage 1.280 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 17
tRC 23
Voltage 1.280 V
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 14
tRC 19
Voltage 1.280 V
Motherboard
Manufacturer Hewlett-Packard
Model 1641 (Socket S1G4)
Version 0583120000242B20000620100
Chipset Vendor AMD
Chipset Model 785GX
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model SB800
Southbridge Revision 40
System Temperature 43 °C
BIOS
Brand Hewlett-Packard
Version F.29
Date 2/25/2013
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Data lanes x16
Slot Designation PCI Express Slot 1
Characteristics 3.3V, PME
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Data lanes x1
Slot Designation PCI Express Slot 2
Characteristics 5V, 3.3V
Slot Number 1
Slot PCI
Slot Type PCI
Slot Usage Available
Data lanes x1
Slot Designation PCI Express Slot 3
Characteristics 5V, 3.3V, PME
Slot Number 2
Graphics
Monitor
Name Generic PnP Monitor on ATI Mobility Radeon HD 6370
Current Resolution 1600x900 pixels
Work Resolution 1600x860 pixels
State Enabled, Primary
Monitor Width 1600
Monitor Height 900
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY3\Monitor0
ATI AMD M880G with ATI Mobility Radeon HD 4250
Manufacturer ATI
Model AMD M880G with ATI Mobility Radeon HD 4250
GPU RS880M
Device ID 1002-9712
Subvendor HP (103C)
Current Performance Level Level 0
Voltage 0.900 V
Die Size 73 mm²
Release Date Sep 10, 2009
DirectX Support 10.1
DirectX Shader Model 4.1
OpenGL Support 3.3
GPU Clock 500.0 MHz
Crossfire Disabled
Bios Core Clock 500.00
Bios Mem Clock 533.00
Driver version 8.770.2.2000
ROPs 4
Shaders 40 unified
Pixel Fillrate 2.0 GPixels/s
Count of performance levels : 1
Level 1
ATI Mobility Radeon HD 6370
Manufacturer ATI
Model Mobility Radeon HD 6370
GPU Park
Device ID 1002-68E4
Subvendor HP (103C)
Current Performance Level Level 0
Voltage 0.900 V
Die Size 59 mm²
Release Date Nov 26, 2010
DirectX Support 11.0
DirectX Shader Model 5.0
OpenGL Support 4.1
GPU Clock 750.0 MHz
Temperature 41 °C
Core Voltage 0.900 V
Crossfire Disabled
Bios Core Clock 500.00
Bios Mem Clock 533.00
Driver version 8.770.2.2000
BIOS Version BR38059.016
ROPs 4
Shaders 80 unified
Pixel Fillrate 3.0 GPixels/s
Texture Fillrate 6.0 GTexels/s
Count of performance levels : 3
Level 1
GPU Clock 405 MHz
Memory Clock 800 MHz
Level 2
GPU Clock 405 MHz
Memory Clock 800 MHz
Level 3
GPU Clock 750 MHz
Memory Clock 800 MHz
Storage
Hard drives
TOSHIBA MK7559GSXP ATA Device
Manufacturer TOSHIBA
Heads 16
Cylinders 91,201
Tracks 23,256,255
Sectors 1,465,144,065
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number Y0MCP01QT
LBA Size 48-bit LBA
Power On Count 4272 times
Power On Time 230.5 days
Speed 5400 RPM
Features S.M.A.R.T., APM, NCQ
Transfer Mode SATA II
Interface SATA
Capacity 698 GB
Real size 750,156,374,016 bytes
RAID Type None
S.M.A.R.T
Status Warning
Temperature 40 °C
Temperature Range OK (less than 50 °C)
01 Read Error Rate 100 (100) Data 0000000000
02 Throughput Performance 100 (100) Data 0000000000
03 Spin-Up Time 100 (100) Data 0000000837
04 Start/Stop Count 100 (100) Data 00000010C8
05 Reallocated Sectors Count 100 (100) Data 0000000010
07 Seek Error Rate 100 (100) Data 0000000000
08 Seek Time Performance 100 (100) Data 0000000000
09 Power-On Hours (POH) 087 (087) Data 000000159B
0A Spin Retry Count 185 (100) Data 0000000000
0C Device Power Cycle Count 100 (100) Data 00000010B0
B7 SATA Downshift Error Count 100 (100) Data 0000000000
B8 End-to-End error / IOEDC 100 (100) Data 0000000000
B9 Head Stability 100 (100) Data 000000FFFF
BB Reported Uncorrectable Errors 001 (001) Data 000000FFFF
BC Command Timeout 100 (099) Data 000000001C
BD High Fly Writes (WDC) 100 (100) Data 0000000000
BE Temperature Difference from 100 060 (038) Data 002A150028
BF G-sense error rate 100 (100) Data 0000000471
C0 Power-off Retract Count 100 (100) Data 0000470047
C1 Load/Unload Cycle Count 096 (096) Data 000000A17D
C4 Reallocation Event Count 100 (100) Data 0000000002
C5 Current Pending Sector Count 100 (100) Data 0000000010
C7 UltraDMA CRC Error Count 200 (200) Data 0000000000
Partition 0
Partition ID Disk #0, Partition #0
Size 199 MB
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 8AFE366F
Size 674 GB
Used Space 162 GB (25%)
Free Space 511 GB (75%)
Partition 2
Partition ID Disk #0, Partition #2
Disk Letter D:
File System NTFS
Volume Serial Number 62210EEB
Size 24.3 GB
Used Space 20.7 GB (86%)
Free Space 3.54 GB (14%)
Partition 3
Partition ID Disk #0, Partition #3
Disk Letter F:
File System FAT32
Volume Serial Number FAB72694
Size 98 MB
Used Space 9.94 MB (11%)
Free Space 88 MB (89%)
Flash drives
SanDisk Cruzer USB Device
Manufacturer SanDisk
Interface USB
Capacity 7.45 GB
Real size 8,004,304,896 bytes
RAID Type None
S.M.A.R.T
S.M.A.R.T not supported
Partition 0
Partition ID Disk #1, Partition #0
Disk Letter G:
File System FAT32
Volume Serial Number B89938C8
Size 7.44 GB
Used Space 520 MB (7%)
Free Space 6.93 GB (93%)
Optical Drives
hp DVDWBD TS-LB23L ATA Device
Media Type BD Reader
Name hp DVDWBD TS-LB23L ATA Device
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL, BD-R, BD-ROM, BD-RE
Write capabilities CD-R, CD-RW, DVD-RAM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 1
SCSI Logical Unit 0
SCSI Port 1
SCSI Target Id 0
Status OK
Audio
Sound Cards
ATI High Definition Audio Device
IDT High Definition Audio CODEC
Playback Devices
Speakers and Headphones (IDT High Definition Audio CODEC) (default)
Independent Headphones (IDT High Definition Audio CODEC)
Recording Devices
External Mic (IDT High Definition Audio CODEC)
Integrated Microphone Array (IDT High Definition Audio CODEC)
Stereo Mix (IDT High Definition Audio CODEC) (default)
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\mouhid.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Synaptics PS/2 Port TouchPad
Device Kind Mouse
Device Name Synaptics PS/2 Port TouchPad
Vendor Synaptics
Location plugged into PS/2 mouse port
Driver
Date 10-13-2011
Version 15.3.29.0
File C:\Windows\system32\DRIVERS\SynTP.sys
File C:\Windows\system32\SynTPAPI.dll
File C:\Windows\system32\SynCOM.dll
File C:\Windows\system32\SynCtrl.dll
File C:\Windows\system32\syndata.bin
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
File C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynPinch.mpg
File C:\Program Files\Synaptics\SynTP\SynMomentum.mpg
File C:\Program Files\Synaptics\SynTP\SynLinearVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_ChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingersDown.mpg
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\StaticImg.html
File C:\Program Files\Synaptics\SynTP\StaticImg.png
File C:\Program Files\Synaptics\SynTP\SynSysDetect.js
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FFlickVNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSmartSenseNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDown.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDownNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRight.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRightNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentum.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrained.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynTapping.wmv
File C:\Program Files\Synaptics\SynTP\SynButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDragging.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeed.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressure.wmv
File C:\Program Files\Synaptics\SynTP\SynNoButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZones.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerClickDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerRightClickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickLRNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPressNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\SynButtonsNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGestureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDraggingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeedNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoomNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivityNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDragNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZonesNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheckNB.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrainedNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTappingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.html
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDown.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRight.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.html
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.html
File C:\Program Files\Synaptics\SynTP\SynMomentum.html
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.html
File C:\Program Files\Synaptics\SynTP\SynRotating.html
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.html
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.html
File C:\Program Files\Synaptics\SynTP\SynAccessibility.html
File C:\Program Files\Synaptics\SynTP\SynSmartSense.html
File C:\Program Files\Synaptics\SynTP\SynButtons.html
File C:\Program Files\Synaptics\SynTP\SynClicking.html
File C:\Program Files\Synaptics\SynTP\SynMultiFingerGestures.html
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.html
File C:\Program Files\Synaptics\SynTP\SynPointing.html
File C:\Program Files\Synaptics\SynTP\SynScrolling.html
File C:\Program Files\Synaptics\SynTP\SynSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynTapping.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynScrollingVertical.html
File C:\Program Files\Synaptics\SynTP\SynScrollingHorizontal.html
File C:\Program Files\Synaptics\SynTP\SynScrollingChiral.html
File C:\Program Files\Synaptics\SynTP\SynLinearVScroll.mpg
File C:\Program Files\Synaptics\SynTP\Ckp2FingerScrolling.mpg
File C:\Program Files\Synaptics\SynTP\Ckp3FingerDown.mpg
File C:\Program Files\Synaptics\SynTP\Ckp3FingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\CkpChiralMotion.mpg
File C:\Program Files\Synaptics\SynTP\CkpClickDrag.mpg
File C:\Program Files\Synaptics\SynTP\CkpLinearScroll.mpg
File C:\Program Files\Synaptics\SynTP\CkpLRClick.mpg
File C:\Program Files\Synaptics\SynTP\CkpMomentum.mpg
File C:\Program Files\Synaptics\SynTP\CkpPinch.mpg
File C:\Program Files\Synaptics\SynTP\CkpPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\CkpPivotRotate2.mpg
File C:\Program Files\Synaptics\SynTP\CkpTouchpadDisable.mpg
File C:\Windows\SysWOW64\SynCOM.dll
File C:\Windows\SysWOW64\SynCtrl.dll
File C:\Windows\SysWOW64\SynTPCOM.dll
File C:\Windows\SysWOW64\SynTPEnhPS.dll
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
File C:\Windows\system32\SynTPCo9.dll
File C:\Windows\system32\WdfCoInstaller01009.dll
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Realtek Semiconductor Corp
Comment HP Webcam
Location USB Composite Device
Driver
Date 6-21-2006
Version 6.1.7601.18208
File C:\Windows\system32\drivers\usbvideo.sys
Cruzer
Device Kind Portable Device
Device Name Cruzer
Vendor SANDISK
Comment G:\
Location UMBus Enumerator
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\WUDFRd.sys
Printers
\\BATMA\Lexmark Universal (Default Printer)
Share Name Batma_232
Printer Port LPT1:
Print Processor LMUD064C
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Monochrome
Status Unknown
Driver
Driver Name Lexmark Universal (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
ABS PDF Driver v400
Printer Port NUL:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Amyuni Document Converter 400 (v0.64)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\acpdf400.dll
Adobe PDF
Printer Port Documents\*.pdf
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 1200 * 1200 dpi Color
Status Unknown
Driver
Driver Name Adobe PDF Converter (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL
Canon Inkjet iP1600
Share Name Canon Inkjet iP1600
Printer Port USB001
Print Processor BJ Print Processor3
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Canon Inkjet iP1600 (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Canon Inkjet MP470 series
Share Name Canon Inkjet MP470 series
Printer Port USB002
Print Processor BJ Print Processor4
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Canon Inkjet MP470 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
HP LaserJet 2430 PCL 5
Printer Port DOT4_001
Print Processor hpzpplhn
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet 2430 PCL 5 (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
HP LaserJet 2430 PCL 5 (Copy 1)
Printer Port DOT4_002
Print Processor hpzpplhn
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet 2430 PCL 5 (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
HP LaserJet P1006
Share Name HP LaserJet P1006
Printer Port USB003
Print Processor HP1006PrintProc
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet P1006 (v0.03)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\HP1006SD.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
PrimoPDF
Printer Port PrimoPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name PrimoPDF (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\pscript5.dll
QuickBooks PDF Converter
Printer Port NUL:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 300 dpi Color
Status Unknown
Driver
Driver Name Amyuni Document Converter 300 (v0.64)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\acpdf300.dll
Send To OneNote 2013
Printer Port NUL:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Send to Microsoft OneNote 15 Driver (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Network
You are connected to the internet
Connected through Broadcom 4313 802.11b/g/n
IP Address 192.168.1.112
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
Preferred DNS server 208.38.252.3
Alternate DNS server 184.170.172.131
DHCP Enabled
DHCP server 192.168.1.1
External IP Address 162.221.216.122
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 Bps
Computer Name
NetBIOS Name BAMM-HP
DNS Name BAMM-HP
Membership Part of workgroup
Workgroup MSHOME
Remote Desktop
Disabled
Console
State Active
Domain BAMM-HP
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 2
Wi-Fi (RBA)
SSID RBA
Name RBA
Signal Strength/Quality 100
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network WEP cipher algorithm with a cipher key of any length
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (Frontier2490)
SSID Frontier2490
Name Frontier2490
Signal Strength/Quality 16
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Enabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Microsoft Virtual WiFi Miniport Adapter
Connection Name Wireless Network Connection 2
DHCP enabled Yes
MAC Address E0-2A-82-A2-1D-0E
Broadcom 4313 802.11b/g/n
Connection-specific DNS Suffix wbshinaa.metronetinc.net
Connection Name Wireless Network Connection
NetBIOS over TCPIP Yes
DHCP enabled Yes
MAC Address E0-2A-82-A2-1D-0E
IP Address 192.168.1.112
Subnet mask 255.255.255.0
Gateway server 192.168.1.1
DHCP 192.168.1.1
DNS Server 208.38.252.3
184.170.172.131
Realtek PCIe GBE Family Controller
Connection-specific DNS Suffix msdwc.k12.in.us
Connection Name Local Area Connection
DHCP enabled Yes
MAC Address 98-4B-E1-B0-13-6B
Network Shares
Users C:\Users
HP LaserJet P1006 HP LaserJet P1006,LocalsplOnly
Canon Inkjet MP470 series Canon Inkjet MP470 series,LocalsplOnly
Canon Inkjet iP1600 Canon Inkjet iP1600,LocalsplOnly
Current TCP Connections
AppleMobileDeviceService.exe (1352)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:27015 ESTABLISHED Remote 127.0.0.1:49162 (Querying... )
C:\Program Files (x86)\iTunes\iTunesHelper.exe (3284)
Local 127.0.0.1:49162 ESTABLISHED Remote 127.0.0.1:27015 (Querying... )
C:\Program Files (x86)\ZipCloud\ZipCloud.exe (2376)
Local 192.168.1.112:50042 ESTABLISHED Remote 54.241.191.236:80 (Querying... ) (HTTP)
lsass.exe (800)
Local 0.0.0.0:49155 LISTEN
QBCFMonitorService.exe (2796)
Local 0.0.0.0:8019 LISTEN
services.exe (792)
Local 0.0.0.0:49169 LISTEN
spoolsv.exe (1564)
Local 0.0.0.0:49156 LISTEN
svchost.exe (552)
Local 0.0.0.0:49153 LISTEN
svchost.exe (916)
Local 0.0.0.0:49154 LISTEN
Local 192.168.1.112:50043 CLOSING Remote 192.168.1.1:2869 (Querying... )
Local 192.168.1.112:50045 CLOSING Remote 192.168.1.1:2869 (Querying... )
svchost.exe (988)
Local 0.0.0.0:135 (DCE) LISTEN
System Process
Local 192.168.1.112:49896 TIME-WAIT Remote 74.125.225.58:80 (Querying... ) (HTTP)
Local 192.168.1.112:49898 TIME-WAIT Remote 74.125.225.45:80 (Querying... ) (HTTP)
Local 192.168.1.112:49899 TIME-WAIT Remote 74.125.225.45:80 (Querying... ) (HTTP)
Local 192.168.1.112:49900 TIME-WAIT Remote 74.125.225.45:80 (Querying... ) (HTTP)
Local 192.168.1.112:49901 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49902 TIME-WAIT Remote 74.125.225.47:80 (Querying... ) (HTTP)
Local 192.168.1.112:49906 TIME-WAIT Remote 74.125.225.43:80 (Querying... ) (HTTP)
Local 192.168.1.112:49880 TIME-WAIT Remote 74.125.142.121:80 (Querying... ) (HTTP)
Local 192.168.1.112:49925 TIME-WAIT Remote 74.125.225.47:80 (Querying... ) (HTTP)
Local 192.168.1.112:49926 TIME-WAIT Remote 74.125.225.47:80 (Querying... ) (HTTP)
Local 192.168.1.112:49931 TIME-WAIT Remote 23.204.175.139:80 (Querying... ) (HTTP)
Local 192.168.1.112:49932 TIME-WAIT Remote 74.125.225.38:443 (Querying... ) (HTTPS)
Local 192.168.1.112:49933 TIME-WAIT Remote 74.125.225.38:443 (Querying... ) (HTTPS)
Local 192.168.1.112:49947 TIME-WAIT Remote 74.125.225.44:443 (Querying... ) (HTTPS)
Local 192.168.1.112:49973 TIME-WAIT Remote 54.241.191.233:80 (Querying... ) (HTTP)
Local 192.168.1.112:49974 TIME-WAIT Remote 74.125.225.47:80 (Querying... ) (HTTP)
Local 192.168.1.112:50004 TIME-WAIT Remote 54.241.191.233:80 (Querying... ) (HTTP)
Local 192.168.1.112:49857 TIME-WAIT Remote 74.125.142.121:80 (Querying... ) (HTTP)
Local 192.168.1.112:49858 TIME-WAIT Remote 74.125.225.42:80 (Querying... ) (HTTP)
Local 192.168.1.112:49860 TIME-WAIT Remote 74.125.142.155:80 (Querying... ) (HTTP)
Local 192.168.1.112:49862 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49865 TIME-WAIT Remote 23.62.111.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49866 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49871 TIME-WAIT Remote 74.125.225.58:80 (Querying... ) (HTTP)
Local 192.168.1.112:49873 TIME-WAIT Remote 74.125.142.141:80 (Querying... ) (HTTP)
Local 192.168.1.112:49875 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49876 TIME-WAIT Remote 74.125.225.43:80 (Querying... ) (HTTP)
Local 192.168.1.112:49877 TIME-WAIT Remote 74.125.225.43:80 (Querying... ) (HTTP)
Local 192.168.1.112:49936 TIME-WAIT Remote 74.125.142.84:443 (Querying... ) (HTTPS)
Local 192.168.1.112:49881 TIME-WAIT Remote 74.125.225.42:80 (Querying... ) (HTTP)
Local 192.168.1.112:49886 TIME-WAIT Remote 74.125.142.155:80 (Querying... ) (HTTP)
Local 192.168.1.112:49887 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49890 TIME-WAIT Remote 74.125.225.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49893 TIME-WAIT Remote 23.62.111.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49894 TIME-WAIT Remote 23.62.111.57:80 (Querying... ) (HTTP)
Local 192.168.1.112:49895 TIME-WAIT Remote 74.125.142.141:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:2869 LISTEN
Local 0.0.0.0:5357 LISTEN
Local 0.0.0.0:10243 LISTEN
Local 192.168.1.112:139 (NetBIOS session service) LISTEN
wininit.exe (684)
Local 0.0.0.0:49152 LISTEN
wmpnetwk.exe (5448)
Local 0.0.0.0:554 LISTEN
Generated with Speccy v1.24.632

Hope this help..

#4
RKinner

Posted 10 January 2014 - 01:43 PM

Malware Expert

Expert
24,625 posts

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that then REBOOT! Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

Download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . Close Chrome/Firefox. Hit Optimize. You can run it any time that Chrome/Firefox seems slow.

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 6.0 Update 30
Java 6.0 Update 21
Java 7.0 Update 15

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.

(If you also want the 64 bit version then use the 64 bit version of IE to get it.)

I'm seeing so relocated sectors on the hard drive so let's run a drive check:

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.

Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc /scannow

(SPACE after sfc. This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply. Close nOtepad. Close the Command Window.

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

How is it running now?

#5
Rabell

Posted 12 January 2014 - 08:02 AM

Member

Topic Starter
Member
29 posts

Here is the log from the latest:

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-01-2014 03
Ran by BAMM at 2014-01-11 09:48:24 Run:1
Running from C:\Users\BAMM\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKCU\...\Run: [AdobeBridge] - [x]
MountPoints2: {a23fe1f4-76d6-11e1-8225-005056c00008} - G:\WIN\setup.exe
Startup: C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZipCloud.lnk
ShortcutTarget: ZipCloud.lnk -> C:\Program Files (x86)\ZipCloud\ZipCloud.exe (ZipCloud.com)
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File
Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll File Not found ()
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1072664 2013-05-29] (iolo technologies, LLC)
S1 FileDisk; No ImagePath
S3 PCTINDIS5X64; \??\C:\Windows\system32\PCTINDIS5X64.SYS [x]
S3 swmsflt; system32\DRIVERS\swmsflt.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]
C:\Users\Administrator\AppData\Local\Temp\ShutdownMe.exe
C:\Users\BAMM\AppData\Local\Temp\Quarantine.exe
cmd: netsh winsock reset
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a23fe1f4-76d6-11e1-8225-005056c00008} => Key deleted successfully.
HKCR\CLSID\{a23fe1f4-76d6-11e1-8225-005056c00008} => Key not found.
C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZipCloud.lnk => Moved successfully.
C:\Program Files (x86)\ZipCloud\ZipCloud.exe => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
HKCR\PROTOCOLS\Handler\belarc => Key deleted successfully.
HKCR\CLSID\{6318E0AB-2E93-11D1-B8ED-00608CC9A71F} => Key not found.
HKCR\PROTOCOLS\Handler\intu-help-qb6 => Key deleted successfully.
HKCR\CLSID\{6898B29B-BF49-43cb-A0B1-D0B9496AF491} => Key not found.
HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
HKCR\PROTOCOLS\Handler\qbwc => Key deleted successfully.
HKCR\CLSID\{FC598A64-626C-4447-85B8-53150405FD57} => Key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner => Key not found.
HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key not found.
Winsock: Catalog entry 000000000012 => Deleted successfully.
Winsock: Catalog entry 000000000013 => Deleted successfully.
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} not found.
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} not found.
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} not found.
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} not found.
ioloSystemService => Service deleted successfully.
FileDisk => Service deleted successfully.
PCTINDIS5X64 => Service deleted successfully.
swmsflt => Service deleted successfully.
VMnetAdapter => Service deleted successfully.
C:\Users\Administrator\AppData\Local\Temp\ShutdownMe.exe => Moved successfully.
"C:\Users\BAMM\AppData\Local\Temp\Quarantine.exe" => File/Directory not found.

========= netsh winsock reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 10107

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

The system needs a manual reboot.

==== End of Fixlog ====

FRST.TXT:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 03
Ran by BAMM (administrator) on BAMM-HP on 11-01-2014 10:14:58
Running from C:\Users\BAMM\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Certiport, Inc.) C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intuit Inc. All rights reserved.) C:\Users\BAMM\AppData\Local\Intuit\SyncManager\Current\IntuitSyncManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-09-14] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe [825560 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [2778424 2013-03-14] (Intuit Inc. All rights reserved.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKCU\...\Run: [83713E6C43CE78DFE0F544CB3543BD09D6E0F74B._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584 2014-01-06] (Google Inc.)
HKCU\...\Run: [RoboForm] - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [109784 2013-11-09] (Siber Systems)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-11-24] (Google Inc.)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\BAMM\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=d180da1a5fd047d6babb3163c476837c-b76fbd914a7e8829e7939fb2dc6457643400cf30 /CMPID=1213b
MountPoints2: {1f11776c-e894-11e0-b11b-ba7a057de85d} - F:\LaunchU3.exe -a
MountPoints2: {3dabed71-6705-11e1-aaa5-984be1989c0e} - F:\LaunchU3.exe -a
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.roboform.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://g.msn.com/HPNOT/1
http://www.google.com/
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...}&mfe=Notebooks
SearchScopes: HKLM-x32 - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...}&mfe=Notebooks
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = http://rover.ebay.co...}&mfe=Notebooks
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Show Naturalreader Bar - {127AD70F-B2B7-4f6a-ACD9-C7B1FE48C8C0} - C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {46D8BEE7-0B27-4466-ABA2-A5F1E157971C} http://184.18.229.133/RemoteWeb.cab
DPF: HKLM-x32 {64003D84-EC2E-4EFC-B494-4CBB51102657} https://certprep.cer...serLockdown.exe
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...rl.cab?lmi=1058
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 208.38.252.3 184.170.172.131

FireFox:
========
FF ProfilePath: C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default
FF Homepage: hxxp://start.roboform.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: NetDvr_Plugins - C:\Program Files (x86)\NetDvr\Plugins\npDvr.dll (DVR)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\BAMM\AppData\Roaming\Mozilla\Firefox\Profiles\bf39wg1d.default\Extensions\[email protected] [2011-07-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-06-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-07-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2011-12-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-04-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011-02-16]

Chrome:
=======
CHR RestoreOnStartup: "translate_blocked_languages": [ "en"
CHR Extension: (RoboForm Lite) - C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\4.6.9_0
CHR Extension: (Skype Click to Call) - C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0
CHR Extension: (Google Wallet) - C:\Users\BAMM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-09-21] (CyberLink)
R2 CPExamService; C:\Program Files (x86)\Certiport\Certiport Exam Service\CPExamSvc.exe [32256 2011-01-25] (Certiport, Inc.)

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 CbFs; C:\Windows\system32\drivers\cbfs64.sys [191960 2010-09-22] (EldoS Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-12-06] (EldoS Corporation)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2010-08-30] (Research in Motion Ltd)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-11 10:14 - 2014-01-11 10:16 - 00018689 _____ C:\Users\BAMM\Desktop\FRST.txt
2014-01-11 09:59 - 2014-01-11 10:00 - 00000000 ____D C:\Users\BAMM\Desktop\geeks to go
2014-01-11 09:46 - 2014-01-11 09:46 - 00000000 ____D C:\Users\BAMM\Desktop\FRST-OlderVersion
2014-01-10 13:43 - 2014-01-10 13:43 - 00000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2014-01-10 13:43 - 2014-01-10 13:43 - 00000000 ____D C:\Program Files\Speccy
2014-01-10 13:43 - 2014-01-10 13:42 - 04779896 _____ (Piriform Ltd) C:\Users\BAMM\Desktop\spsetup124.exe
2014-01-10 13:42 - 2014-01-10 13:42 - 04779896 _____ (Piriform Ltd) C:\Users\BAMM\Downloads\spsetup124.exe
2014-01-10 13:37 - 2014-01-10 13:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-10 13:37 - 2014-01-10 13:37 - 00000000 ____D C:\Users\BAMM\Documents\SpeedyComputer
2014-01-10 13:37 - 2014-01-10 13:37 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\SpeedyComputer
2014-01-10 13:36 - 2014-01-10 12:30 - 03897824 _____ (SpeedyComputer ) C:\Users\BAMM\Desktop\SpeedyComputer.exe
2014-01-10 13:35 - 2014-01-10 13:35 - 00008283 _____ C:\Users\BAMM\Desktop\System Idle Process.txt
2014-01-10 13:30 - 2014-01-10 13:31 - 00045046 _____ C:\Users\BAMM\Desktop\Addition.txt
2014-01-10 13:15 - 2014-01-11 09:48 - 00000000 ____D C:\FRST
2014-01-10 13:15 - 2014-01-11 09:46 - 02076160 _____ (Farbar) C:\Users\BAMM\Desktop\FRST64.exe
2014-01-10 12:59 - 2014-01-10 12:59 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 12:59 - 2014-01-10 12:56 - 01037068 _____ (Thisisu) C:\Users\BAMM\Desktop\JRT.exe
2014-01-10 12:57 - 2014-01-10 12:57 - 01932166 _____ (Farbar) C:\Users\BAMM\Downloads\FRST64.exe
2014-01-10 12:56 - 2014-01-10 12:56 - 01037068 _____ (Thisisu) C:\Users\BAMM\Downloads\JRT.exe
2014-01-10 12:35 - 2014-01-10 12:39 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:30 - 2014-01-10 12:30 - 03897824 _____ (SpeedyComputer ) C:\Users\BAMM\Downloads\SpeedyComputer.exe
2014-01-10 12:28 - 2014-01-10 12:28 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\BAMM\Downloads\procexp.exe
2014-01-10 12:25 - 2014-01-10 12:25 - 01233962 _____ C:\Users\BAMM\Downloads\AdwCleaner.exe
2014-01-09 11:00 - 2014-01-09 11:00 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-01-09 10:59 - 2014-01-09 10:59 - 01402880 _____ C:\Users\BAMM\Downloads\HiJackThis.msi
2014-01-09 10:49 - 2014-01-09 11:00 - 00002971 _____ C:\Users\BAMM\Desktop\HiJackThis.lnk
2014-01-09 10:49 - 2014-01-09 10:49 - 00002097 _____ C:\Users\Administrator\Desktop\HijackThis.lnk
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2014-01-07 03:13 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-07 03:13 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-07 03:13 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-01-07 03:13 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-07 03:12 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-07 03:12 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-07 03:12 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-07 03:12 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-07 03:12 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-07 03:12 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-07 03:12 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-07 03:12 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-07 03:12 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-07 03:12 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-07 03:12 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-01-07 03:12 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-01-07 03:12 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-01-07 03:12 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-01-07 03:12 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-07 03:12 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-07 03:12 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-01-07 03:12 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-07 03:12 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-07 03:12 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-07 03:12 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-01-07 03:12 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-01-07 03:12 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-01-07 03:11 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-01-07 03:10 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-01-07 03:10 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-07 03:10 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-01-06 18:23 - 2014-01-06 18:23 - 00000000 ____D C:\Users\BAMM\Pass4sure
2014-01-06 18:22 - 2014-01-06 18:22 - 00001273 _____ C:\Users\Public\Desktop\Pass4sure Apple 9L0-010 Demo.lnk
2014-01-06 18:22 - 2014-01-06 18:22 - 00000000 ____D C:\Program Files (x86)\Pass4sure Test Environment
2014-01-06 18:21 - 2014-01-06 18:21 - 03248954 _____ C:\Users\BAMM\Downloads\9L0-010qa-demo.zip
2014-01-06 18:21 - 2014-01-06 18:21 - 00000000 ____D C:\Users\BAMM\Documents\pass4sure
2014-01-06 17:00 - 2014-01-06 17:00 - 00002018 _____ C:\Users\Public\Desktop\Pass Certification.lnk
2014-01-06 17:00 - 2014-01-06 17:00 - 00000000 ____D C:\Program Files (x86)\PassCertification
2014-01-06 16:58 - 2014-01-06 16:58 - 00000000 ____D C:\Users\BAMM\Documents\acmt
2014-01-06 16:56 - 2014-01-06 16:56 - 06842145 _____ C:\Users\BAMM\Downloads\9L0-010-Demo.zip
2014-01-06 13:49 - 2014-01-06 13:49 - 00008041 _____ C:\Users\BAMM\Downloads\History (3).qfx
2014-01-06 09:59 - 2014-01-10 12:24 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1DC5ABEB-77B3-423C-AC27-B6C7FA15A15B}
2014-01-06 08:16 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-01-06 08:12 - 2014-01-06 08:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-03 07:52 - 2014-01-03 08:23 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Prodiance
2014-01-03 07:52 - 2014-01-03 08:01 - 00036037 _____ C:\Users\Public\Documents\laptop turnin 122012.xlsx
2014-01-03 07:52 - 2014-01-03 07:52 - 00093386 _____ C:\Users\Public\Documents\laptop inventory 1-3-13.xlsx
2014-01-02 18:25 - 2014-01-02 18:25 - 00002824 _____ C:\Users\BAMM\Desktop\Outlook 2013.lnk
2014-01-02 15:44 - 2014-01-02 15:44 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2014-01-02 15:39 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2014-01-02 14:41 - 2014-01-02 15:41 - 00000000 ____D C:\Windows\SHELLNEW
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-02 13:49 - 2014-01-02 13:49 - 00000000 ____D C:\IUware Online
2014-01-02 11:39 - 2014-01-02 12:05 - 733482472 _____ C:\Users\BAMM\Downloads\OfficeProfessionalPlus201364bit.exe
2013-12-30 10:23 - 2013-12-30 10:23 - 00005363 _____ C:\Users\BAMM\Downloads\History (2).qfx
2013-12-28 12:50 - 2013-12-28 13:45 - 00000000 ____D C:\a56214fbe93dcefb309a391364af
2013-12-28 12:48 - 2013-12-28 14:45 - 00000134 _____ C:\Users\BAMM\Desktop\Internet Explorer Troubleshooting.url
2013-12-23 13:43 - 2013-12-18 09:05 - 73043495 _____ C:\Users\BAMM\Desktop\Lead Kahuna.exe
2013-12-23 13:42 - 2013-12-23 13:43 - 68340094 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.99_win.zip
2013-12-16 13:01 - 2013-12-16 13:01 - 00000000 ____D C:\Users\BAMM\AppData\Local\Ofi Labs
2013-12-16 13:00 - 2014-01-02 18:27 - 00056304 _____ C:\Users\BAMM\GooglePageSource_Testing.html
2013-12-16 12:56 - 2013-12-16 12:56 - 00000000 ____D C:\Users\BAMM\Lead Kahuna
2013-12-16 12:52 - 2013-12-16 12:54 - 68333374 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.98_win.zip
2013-12-13 14:28 - 2013-12-13 14:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\BAMM\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-13 14:23 - 2013-12-13 14:23 - 04436944 _____ (AVG Technologies) C:\Users\BAMM\Downloads\avg_free_stb_all_2014_4259_cnet.exe
2013-12-13 09:16 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-13 09:16 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-13 09:16 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-13 09:16 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

==================== One Month Modified Files and Folders =======

2014-01-11 10:16 - 2014-01-11 10:14 - 00018689 _____ C:\Users\BAMM\Desktop\FRST.txt
2014-01-11 10:07 - 2011-07-19 12:42 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-11 10:02 - 2009-07-13 23:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-11 10:02 - 2009-07-13 23:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-11 10:00 - 2014-01-11 09:59 - 00000000 ____D C:\Users\BAMM\Desktop\geeks to go
2014-01-11 09:57 - 2011-01-19 03:50 - 01098651 _____ C:\Windows\WindowsUpdate.log
2014-01-11 09:56 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2014-01-11 09:53 - 2011-07-19 12:42 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-11 09:52 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-11 09:52 - 2009-07-13 23:51 - 00126320 _____ C:\Windows\setupact.log
2014-01-11 09:48 - 2014-01-10 13:15 - 00000000 ____D C:\FRST
2014-01-11 09:48 - 2013-04-05 19:59 - 00000000 ____D C:\Program Files (x86)\ZipCloud
2014-01-11 09:48 - 2011-02-12 15:22 - 00000000 ___RD C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-11 09:46 - 2014-01-11 09:46 - 00000000 ____D C:\Users\BAMM\Desktop\FRST-OlderVersion
2014-01-11 09:46 - 2014-01-10 13:15 - 02076160 _____ (Farbar) C:\Users\BAMM\Desktop\FRST64.exe
2014-01-11 09:46 - 2011-04-18 10:27 - 00000000 ____D C:\ProgramData\MFAData
2014-01-11 09:45 - 2011-02-13 10:33 - 00000000 ____D C:\Users\BAMM\AppData\Local\Adobe
2014-01-11 09:39 - 2009-07-14 00:13 - 00803974 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-11 09:35 - 2012-04-03 13:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-10 19:48 - 2011-01-19 04:04 - 00613566 _____ C:\Windows\PFRO.log
2014-01-10 13:43 - 2014-01-10 13:43 - 00000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2014-01-10 13:43 - 2014-01-10 13:43 - 00000000 ____D C:\Program Files\Speccy
2014-01-10 13:42 - 2014-01-10 13:43 - 04779896 _____ (Piriform Ltd) C:\Users\BAMM\Desktop\spsetup124.exe
2014-01-10 13:42 - 2014-01-10 13:42 - 04779896 _____ (Piriform Ltd) C:\Users\BAMM\Downloads\spsetup124.exe
2014-01-10 13:39 - 2014-01-10 13:37 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2014-01-10 13:37 - 2014-01-10 13:37 - 00000000 ____D C:\Users\BAMM\Documents\SpeedyComputer
2014-01-10 13:37 - 2014-01-10 13:37 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\SpeedyComputer
2014-01-10 13:35 - 2014-01-10 13:35 - 00008283 _____ C:\Users\BAMM\Desktop\System Idle Process.txt
2014-01-10 13:31 - 2014-01-10 13:30 - 00045046 _____ C:\Users\BAMM\Desktop\Addition.txt
2014-01-10 12:59 - 2014-01-10 12:59 - 00000000 ____D C:\Windows\ERUNT
2014-01-10 12:57 - 2014-01-10 12:57 - 01932166 _____ (Farbar) C:\Users\BAMM\Downloads\FRST64.exe
2014-01-10 12:56 - 2014-01-10 12:59 - 01037068 _____ (Thisisu) C:\Users\BAMM\Desktop\JRT.exe
2014-01-10 12:56 - 2014-01-10 12:56 - 01037068 _____ (Thisisu) C:\Users\BAMM\Downloads\JRT.exe
2014-01-10 12:39 - 2014-01-10 12:35 - 00000000 ____D C:\AdwCleaner
2014-01-10 12:30 - 2014-01-10 13:36 - 03897824 _____ (SpeedyComputer ) C:\Users\BAMM\Desktop\SpeedyComputer.exe
2014-01-10 12:30 - 2014-01-10 12:30 - 03897824 _____ (SpeedyComputer ) C:\Users\BAMM\Downloads\SpeedyComputer.exe
2014-01-10 12:28 - 2014-01-10 12:28 - 02799296 _____ (Sysinternals - www.sysinternals.com) C:\Users\BAMM\Downloads\procexp.exe
2014-01-10 12:25 - 2014-01-10 12:25 - 01233962 _____ C:\Users\BAMM\Downloads\AdwCleaner.exe
2014-01-10 12:24 - 2014-01-06 09:59 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1DC5ABEB-77B3-423C-AC27-B6C7FA15A15B}
2014-01-10 10:35 - 2011-11-03 13:26 - 00000000 ____D C:\Users\BAMM\Documents\quickbooks data
2014-01-09 20:05 - 2011-02-12 16:24 - 00000000 ____D C:\Users\BAMM\AppData\Local\CrashDumps
2014-01-09 11:00 - 2014-01-09 11:00 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-01-09 11:00 - 2014-01-09 10:49 - 00002971 _____ C:\Users\BAMM\Desktop\HiJackThis.lnk
2014-01-09 10:59 - 2014-01-09 10:59 - 01402880 _____ C:\Users\BAMM\Downloads\HiJackThis.msi
2014-01-09 10:49 - 2014-01-09 10:49 - 00002097 _____ C:\Users\Administrator\Desktop\HijackThis.lnk
2014-01-09 10:49 - 2014-01-09 10:49 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2014-01-09 10:33 - 2013-06-06 13:22 - 00000000 ____D C:\ProgramData\NaturalReaders
2014-01-08 09:26 - 2012-12-11 07:58 - 00003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBAMM-HP$
2014-01-08 09:26 - 2012-12-11 07:58 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForBAMM-HP$.job
2014-01-08 08:21 - 2013-06-21 10:11 - 00000458 ____H C:\Windows\Tasks\B & A Mobile Marketing llc 1371827452.job
2014-01-07 11:29 - 2013-11-25 07:36 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBAMM
2014-01-07 11:29 - 2013-11-25 07:36 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForBAMM.job
2014-01-07 04:33 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-06 18:23 - 2014-01-06 18:23 - 00000000 ____D C:\Users\BAMM\Pass4sure
2014-01-06 18:23 - 2011-02-12 15:01 - 00000000 ____D C:\Users\BAMM
2014-01-06 18:22 - 2014-01-06 18:22 - 00001273 _____ C:\Users\Public\Desktop\Pass4sure Apple 9L0-010 Demo.lnk
2014-01-06 18:22 - 2014-01-06 18:22 - 00000000 ____D C:\Program Files (x86)\Pass4sure Test Environment
2014-01-06 18:21 - 2014-01-06 18:21 - 03248954 _____ C:\Users\BAMM\Downloads\9L0-010qa-demo.zip
2014-01-06 18:21 - 2014-01-06 18:21 - 00000000 ____D C:\Users\BAMM\Documents\pass4sure
2014-01-06 17:00 - 2014-01-06 17:00 - 00002018 _____ C:\Users\Public\Desktop\Pass Certification.lnk
2014-01-06 17:00 - 2014-01-06 17:00 - 00000000 ____D C:\Program Files (x86)\PassCertification
2014-01-06 16:58 - 2014-01-06 16:58 - 00000000 ____D C:\Users\BAMM\Documents\acmt
2014-01-06 16:56 - 2014-01-06 16:56 - 06842145 _____ C:\Users\BAMM\Downloads\9L0-010-Demo.zip
2014-01-06 13:49 - 2014-01-06 13:49 - 00008041 _____ C:\Users\BAMM\Downloads\History (3).qfx
2014-01-06 09:54 - 2011-02-13 17:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-06 08:49 - 2011-02-12 15:22 - 00001417 _____ C:\Users\BAMM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-06 08:35 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2014-01-06 08:16 - 2013-12-11 11:21 - 00062773 _____ C:\Windows\IE11_main.log
2014-01-06 08:12 - 2014-01-06 08:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-06 08:12 - 2014-01-06 08:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-01-06 08:12 - 2014-01-06 08:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-01-06 08:12 - 2014-01-06 08:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-01-06 08:12 - 2014-01-06 08:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-06 08:12 - 2014-01-06 08:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-01-06 08:01 - 2012-02-13 14:16 - 00000436 ____H C:\Windows\Tasks\Wabash Wireless 1329160591.job
2014-01-03 08:23 - 2014-01-03 07:52 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Prodiance
2014-01-03 08:01 - 2014-01-03 07:52 - 00036037 _____ C:\Users\Public\Documents\laptop turnin 122012.xlsx
2014-01-03 07:52 - 2014-01-03 07:52 - 00093386 _____ C:\Users\Public\Documents\laptop inventory 1-3-13.xlsx
2014-01-03 07:46 - 2009-07-13 21:34 - 00000478 _____ C:\Windows\win.ini
2014-01-03 07:35 - 2011-07-06 10:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 21:15 - 2009-07-13 23:45 - 05115504 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-02 19:19 - 2011-06-30 09:42 - 00000000 ____D C:\Program Files (x86)\Sharp
2014-01-02 19:18 - 2011-06-30 10:00 - 00000000 ____D C:\Windows\SysWOW64\SCDRV
2014-01-02 19:07 - 2011-04-07 07:47 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\Blio
2014-01-02 18:27 - 2013-12-16 13:00 - 00056304 _____ C:\Users\BAMM\GooglePageSource_Testing.html
2014-01-02 18:25 - 2014-01-02 18:25 - 00002824 _____ C:\Users\BAMM\Desktop\Outlook 2013.lnk
2014-01-02 16:38 - 2011-02-12 15:07 - 00134456 _____ C:\Users\BAMM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-02 15:44 - 2014-01-02 15:44 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-02 15:41 - 2014-01-02 14:41 - 00000000 ____D C:\Windows\SHELLNEW
2014-01-02 15:41 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2014-01-02 15:40 - 2014-01-02 15:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2014-01-02 15:40 - 2014-01-02 15:39 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2014-01-02 15:39 - 2011-02-13 17:07 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-02 14:54 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2014-01-02 14:40 - 2014-01-02 14:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2014-01-02 14:40 - 2010-10-23 12:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2014-01-02 14:08 - 2011-02-13 17:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-02 14:07 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2014-01-02 13:49 - 2014-01-02 13:49 - 00000000 ____D C:\IUware Online
2014-01-02 12:05 - 2014-01-02 11:39 - 733482472 _____ C:\Users\BAMM\Downloads\OfficeProfessionalPlus201364bit.exe
2013-12-31 13:42 - 2012-04-03 13:02 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-31 13:42 - 2012-04-03 13:02 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-31 13:42 - 2011-06-07 07:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-31 13:38 - 2011-07-30 11:25 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\ZumoDrive
2013-12-30 10:23 - 2013-12-30 10:23 - 00005363 _____ C:\Users\BAMM\Downloads\History (2).qfx
2013-12-30 10:21 - 2013-03-17 09:11 - 00000031 _____ C:\Windows\QUICKEN.INI
2013-12-30 09:27 - 2011-11-20 16:15 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-30 09:27 - 2011-02-14 15:24 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-12-28 18:00 - 2009-07-14 00:08 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-28 14:49 - 2011-12-07 10:06 - 00796588 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-12-28 14:45 - 2013-12-28 12:48 - 00000134 _____ C:\Users\BAMM\Desktop\Internet Explorer Troubleshooting.url
2013-12-28 14:44 - 2013-08-18 02:29 - 00000000 ____D C:\Windows\system32\MRT
2013-12-28 13:45 - 2013-12-28 12:50 - 00000000 ____D C:\a56214fbe93dcefb309a391364af
2013-12-26 10:36 - 2011-02-13 18:45 - 00000000 ____D C:\Users\BAMM\Documents\BA_Clients
2013-12-23 13:43 - 2013-12-23 13:42 - 68340094 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.99_win.zip
2013-12-22 11:39 - 2013-07-22 11:20 - 00000000 ____D C:\Users\Administrator
2013-12-18 09:05 - 2013-12-23 13:43 - 73043495 _____ C:\Users\BAMM\Desktop\Lead Kahuna.exe
2013-12-16 13:01 - 2013-12-16 13:01 - 00000000 ____D C:\Users\BAMM\AppData\Local\Ofi Labs
2013-12-16 12:56 - 2013-12-16 12:56 - 00000000 ____D C:\Users\BAMM\Lead Kahuna
2013-12-16 12:54 - 2013-12-16 12:52 - 68333374 _____ C:\Users\BAMM\Downloads\lead_kahuna_1.98_win.zip
2013-12-13 14:28 - 2013-12-13 14:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\BAMM\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-13 14:23 - 2013-12-13 14:23 - 04436944 _____ (AVG Technologies) C:\Users\BAMM\Downloads\avg_free_stb_all_2014_4259_cnet.exe
2013-12-13 13:47 - 2012-06-16 20:50 - 00000000 ____D C:\Users\BAMM\AppData\Roaming\PrimoPDF
2013-12-13 09:32 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-12 13:21 - 2013-04-05 20:00 - 00000000 ____D C:\Users\BAMM\SyncFolder

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-09 13:38

==================== End Of Log ============================

Addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 03
Ran by BAMM at 2014-01-11 10:26:21
Running from C:\Users\BAMM\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft)
Adobe Acrobat X Pro - English, Français, Deutsch (x32 Version: 10.1.6 - Adobe Systems)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe CS6 Design and Web Premium (x32 Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop 7.0.1 (x32 Version: 7.0.1 - Adobe Systems, Inc.)
Adobe Reader X (10.1.3) (x32 Version: 10.1.3 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.8.612 - Adobe Systems, Inc)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633 - Adobe Systems, Inc.)
Adobe Widget Browser (x32 Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (Version: 3.0.790.0 - ATI Technologies, Inc.)
AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belarc Advisor 8.2 (x32 Version: 8.2.6.0 - Belarc Inc.)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0929.2212.37971 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help English (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help French (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help German (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0929.2211.37971 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0929.2212.37971 - ATI) Hidden
ccc-utility64 (Version: 2010.0929.2212.37971 - ATI) Hidden
Certiport Browser Lockdown 2 (x32 Version: 2.0.115 - Certiport)
Certiport Exam Service (x32 Version: 1.2.9 - Certiport)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ClientTamer (x32 Version: 1.0.1 - Infomastery, LLC)
ClientTamer (x32 Version: 1.0.1 - Infomastery, LLC) Hidden
Contents (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
ConverterLite 1.0.0 (x32 Version: 1.0.0 - ConverterLite)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.252 - Corel Corporation)
Corel VideoStudio Pro X3 (x32 Version: 1.6.0.294 - Corel Corporation)
CyberLink DVD Suite (x32 Version: 7.0.3320 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3320 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version: - Microsoft)
Dell Driver Download Manager (HKCU Version: 2.1.0.0 - Dell Inc.)
DeviceIO (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVRCMS (x32 Version: 1.0.0 - KongTop)
Energy Star Digital Logo (x32 Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (x32 Version: 1.0.0 - Hewlett-Packard)
eZ Account Import (x32 Version: 2.3.0.5 - Zachary Systems Inc)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fences Pro (Version: 1.0.1.312 - Stardock Corporation) Hidden
Fences Pro (x32 Version: 1.0.1.312.19219 - Stardock Corporation)
Fidelity Active Trader Pro® (x32 Version: 10.0.1212.0 - Fidelity Investments)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
GoMobile Leads Machine (x32 Version: 3.0 - Viper Consulting, LLC)
GoMobile Leads Machine (x32 Version: 3.0 - Viper Consulting, LLC) Hidden
Google Chrome (x32 Version: 32.0.1700.72 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoToMeeting 5.5.0.1132 (HKCU Version: 5.5.0.1132 - CitrixOnline)
GSM SIM Utility 5.15 (x32 Version: 5.15.0000 - GSM SIM Utility)
Heather (x32 Version: 1.00.0000 - Naturalsoft)
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiJackThis (x32 Version: 1.0.0 - Trend Micro)
HijackThis 2.0.2 (x32 Version: 2.0.2 - TrendMicro)
HP 3D DriveGuard (Version: 4.0.10.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP CloudDrive (x32 Version: - Zecter Inc.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.1.3.1 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (x32 Version: 8.0.64.43 - )
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (x32 Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (x32 Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.2.4521 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (Version: 1.0.1.2 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4604 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4604 - Hewlett-Packard) Hidden
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (Version: 3.1.2.2 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (x32 Version: 4.2.3303 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.2.3303 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.9.0 - Hewlett-Packard)
HP MovieStore (x32 Version: 1.0.023 - Hewlett-Packard) Hidden
HP MovieStore (x32 Version: 2.0.2 - Hewlett-Packard)
HP Photo Creations (x32 Version: 1.0.0.4042 - HP Photo Creations Powered by RocketLife)
HP Power Manager (x32 Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.4.4 - Hewlett-Packard Company)
HP Setup (x32 Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP SimplePass Identity Protection (Version: 5.20.205 - DigitalPersona, Inc.)
HP Software Framework (x32 Version: 4.1.6.1 - Hewlett-Packard Company)
HP Wireless Assistant (Version: 4.0.10.0 - Hewlett-Packard Company)
Hulu Desktop (HKCU Version: 0.9.13 - Hulu LLC)
ICA (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.252 - Corel Corporation) Hidden
iCloud (Version: 2.1.2.8 - Apple Inc.)
IDAutomation Word Excel Addin 2007 (x32 Version: 1.0.2010 - IDAutomation.com, Inc.)
IDT Audio (x32 Version: 1.0.6292.0 - IDT)
iolo technologies' System Mechanic Professional (x32 Version: 11.7.1 - iolo technologies, LLC)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.252 - Corel Corporation) Hidden
iSEEK AnswerWorks English Runtime (x32 Version: 010.000.0101 - Vantage Linguistics)
iTunes (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 15 (x32 Version: 7.0.150 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 21 (64-bit) (Version: 6.0.210 - Oracle)
Java™ 6 Update 30 (x32 Version: 6.0.300 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KateVoice (x32 Version: 1.00.0000 - naturalsoft)
LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3220 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MEET MANAGER 4.0 for Swimming (x32 Version: 1.00.0002 - HY-TEK Sports Software part of the Active Network)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Expression Blend 2 (x32 Version: 2.0.1523.0 - Microsoft Corporation)
Microsoft Expression Blend 2 (x32 Version: 2.0.1523.0 - Microsoft Corporation) Hidden
Microsoft Expression Design 2 (x32 Version: 5.0.1379.0 - Microsoft Corporation)
Microsoft Expression Design 2 (x32 Version: 5.0.1379.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 2 (x32 Version: 2.0.1406.0 - Microsoft Corporation)
Microsoft Expression Encoder 2 (x32 Version: 2.0.1406.0 - Microsoft Corporation) Hidden
Microsoft Expression Media 2 SP2 (x32 Version: 2.0.2096.0 - Microsoft Corporation)
Microsoft Expression Studio 2 (x32 Version: 2.0.133.0 - Microsoft Corporation)
Microsoft Expression Studio 2 (x32 Version: 2.0.133.0 - Microsoft Corporation) Hidden
Microsoft Expression Web (x32 Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Expression Web (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Expression Web 2 (x32 Version: 12.0.4518.1084 - Microsoft Corporation)
Microsoft Expression Web 2 (x32 Version: 12.0.4518.1084 - Microsoft Corporation) Hidden
Microsoft Expression Web 2 MUI (English) (x32 Version: 12.0.4518.1084 - Microsoft Corporation) Hidden
Microsoft Expression Web MUI (English) (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Expression Web Service Pack 1 (SP1) (x32 Version: - Microsoft)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.0 (Version: 8.01.249.0 - Microsoft)
Microsoft Lync MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Mozilla Firefox 5.0 (x86 en-US) (x32 Version: 5.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
NaturalReader11.8 (x32 Version: 11.8 - NaturalSoft)
NetDvrPlugin 1.0 (x32 Version: 1.0 - )
OpenSSL 1.0.0e Light (64-bit) (Version: - OpenSSL Win64 Installer Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pass Certification Software (x32 Version: 1.0.0 - www.passcertification.com)
Pass4sure Questions and Answers for Apple 9L0-010 Demo (x32 Version: 4.0.13309 - Pass4sure)
PaulVoice (x32 Version: 1.00.0000 - naturalsoft)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (x32 Version: 3.5.0.33 - Hewlett-Packard Company)
PL-2303 USB-to-Serial (x32 Version: 1.2.10 - Prolific Technology INC)
placemat (x32 Version: 1.0.19 - Infomastery, LLC)
placemat (x32 Version: 1.0.19 - Infomastery, LLC) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4419 - CyberLink Corp.) Hidden
PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3320 - CyberLink Corp.) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (x32 Version: 5 - Nitro PDF Software)
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
QuickBooks (x32 Version: 23.0.4006.2305 - Intuit Inc.) Hidden
QuickBooks Pro 2013 (x32 Version: 23.0.4005.2305 - Intuit Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.23.623.2010 - Realtek)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3223 - CyberLink Corp.) Hidden
RoboForm 7-9-2-5 (All Users) (x32 Version: 7-9-2-5 - Siber Systems)
RoxioNow Player (x32 Version: 1.9.5.101 - RoxioNow)
RSS Builder (x32 Version: 2.1.8 - B!Soft)
Ryan (x32 Version: 1.00.0000 - Naturalsoft)
Safari (x32 Version: 5.34.57.2 - Apple Inc.)
Setup (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.252 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.294 - Corel Corporation) Hidden
Skype Click to Call (x32 Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.5 (x32 Version: 6.5.158 - Skype Technologies S.A.)
Social Graphics Genie (x32 Version: 2.1.0 - Infomastery, LLC)
Social Graphics Genie (x32 Version: 2.1.0 - Infomastery, LLC) Hidden
Speccy (Version: 1.24 - Piriform)
SupportSoft Assisted Service (x32 Version: 15 - SupportSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
TEAM MANAGER Lite 7.0 (x32 Version: 1.00.0002 - The Active Network)
Times Reader (x32 Version: 2.055 - The New York Times Company)
Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Expression Web 2 (KB957827) (x32 Version: - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 System (KB2539530) (x32 Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version: - Microsoft)
Validity Sensors DDK (Version: 4.1.139.0 - Validity Sensors, Inc.)
VIO (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version: - Microsoft Corporation)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
VSClassic (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.294 - Corel Corporation) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (x32 Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.44-1 (x64) (Version: 3.44.1 - HTTrack)
XMind 2012 (v3.3.1) (x32 Version: 3.3.1.201212250029 - XMind Ltd.)
ZipCloud (Version: - ZipCloud)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points =========================

10-01-2014 20:17:20 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {035CA585-5A9B-4E5D-A445-93375794956A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-19] (Google Inc.)
Task: {0C3FF6D7-903B-425C-ABED-A37B297CF1BC} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {24C6CCA3-A638-4457-AB42-B73D3C015777} - \LaunchApp No Task File
Task: {29D5E4B2-6B99-405E-8890-068A8C916BD9} - System32\Tasks\HPCeeScheduleForBAMM-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {3379C8A7-EBF2-4672-B482-E15022045D50} - System32\Tasks\HPCeeScheduleForBAMM => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {43704CB5-E8CF-4845-8A6D-C797BB4633F9} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {44D549FF-74AC-4655-8F4E-69806A648168} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-03] (CyberLink)
Task: {52A90F05-1B3D-4AC6-8259-A155BB7B94C1} - System32\Tasks\Wabash Wireless 1329160591 => C:\Program Files (x86)\Intuit\QuickBooks 2009\AutoBackupEXE.exe
Task: {67DD62A3-CA1D-4F10-A33F-C59946B0927A} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....NICMJNDJCMKJBJ"
Task: {74AF5ED7-EF5E-4EE1-8CA7-FB25968A786F} - System32\Tasks\{6F1FEFE0-A286-41D9-9150-74737DAD2A57} => Iexplore.exe http://ui.skype.com/...red;notincluded
Task: {7EB21EF1-C2FA-46F1-8B00-64C171F6D9AD} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....NICMJNDJCMKJBJ"
Task: {8405DBEF-356C-49D9-93A3-E47F0F786A3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {9295B5C7-DFD8-4F47-82DF-9F6AA3CB77B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {97242F31-BD54-452E-912B-599A50278EB8} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe [2013-11-09] (Siber Systems)
Task: {A71ED33F-7ECC-484B-8112-89E8F4407F92} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AA2E2DFD-DCEB-4151-B0FC-B39EA09B59B7} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2011-01-07] (Microsoft Corporation)
Task: {AB6EF3D4-AB58-4D32-8FEE-55EDDE26D4F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31] (Adobe Systems Incorporated)
Task: {BAA492E2-6186-4C15-9F73-1487E714B5EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-19] (Google Inc.)
Task: {C446A598-EEB5-48D9-B0D4-78BBB73F83C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D0C8DEDB-345E-4BA6-A34E-3148D045FAF7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8443DEF-2E28-4F73-B8C1-1C31792AD8DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {E08C8646-B29B-41D0-984B-B346EEA7AA2E} - System32\Tasks\B & A Mobile Marketing llc 1371827452 => C:\Program Files (x86)\Intuit\QuickBooks 2013\AutoBackupEXE.exe [2013-03-11] (Intuit Inc.)
Task: {E7B1C73F-1237-4733-BEA9-BBFA7540B3B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {FAD1531D-C50B-4F56-A657-9AA05E61A498} - System32\Tasks\AdobeAAMUpdater-1.0-BAMM-HP-BAMM => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\B & A Mobile Marketing llc 1371827452.job => C:\Program Files (x86)\Intuit\QuickBooks 2013\AutoBackupEXE.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForBAMM-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForBAMM.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Wabash Wireless 1329160591.job => C:\Program Files (x86)\Intuit\QuickBooks 2009\AutoBackupEXE.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-07-19 12:55 - 2013-07-19 12:55 - 01421480 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 11:25 - 2013-10-17 11:25 - 08866472 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2014 07:44:40 PM) (Source: Application Error) (User: )
Description: Windows cannot access the file C:\Program Files (x86)\AVG\AVG2014\avgupdx.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program AVG Installer Application because of this error.

Program: AVG Installer Application
File: C:\Program Files (x86)\AVG\AVG2014\avgupdx.dll

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: C0000185
Disk type: 3

Error: (01/10/2014 07:44:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: avgmfapx.exe, version: 14.0.0.4256, time stamp: 0x52829758
Faulting module name: avgupdx.dll, version: 14.0.0.4256, time stamp: 0x52829716
Exception code: 0xc0000006
Fault offset: 0x000a6690
Faulting process id: 0xd5c
Faulting application start time: 0xavgmfapx.exe0
Faulting application path: avgmfapx.exe1
Faulting module path: avgmfapx.exe2
Report Id: avgmfapx.exe3

Error: (01/10/2014 03:10:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

System errors:
=============
Error: (01/11/2014 10:17:10 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:17:10 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:17:10 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:17:10 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:17:10 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:01:15 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:01:15 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:01:15 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 10:01:15 AM) (Source: atapi) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort0.

Error: (01/11/2014 09:54:52 AM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service failed to start due to the following error:
%%1053

Microsoft Office Sessions:
=========================
Error: (09/19/2013 02:13:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 90175 seconds with 2280 seconds of active time. This session ended with a crash.

Error: (06/22/2013 09:17:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 76507 seconds with 360 seconds of active time. This session ended with a crash.

Error: (06/18/2013 10:26:00 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/01/2013 07:35:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 352234 seconds with 2280 seconds of active time. This session ended with a crash.

Error: (05/08/2013 07:16:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/02/2013 09:02:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/30/2013 06:22:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 252882 seconds with 1680 seconds of active time. This session ended with a crash.

Error: (03/10/2013 00:03:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 384239 seconds with 2460 seconds of active time. This session ended with a crash.

Error: (03/05/2013 10:31:50 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 91285 seconds with 480 seconds of active time. This session ended with a crash.

Error: (12/11/2012 10:10:53 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6429 seconds with 600 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 7930.9 MB
Available physical RAM: 5846.44 MB
Total Pagefile: 15859.98 MB
Available Pagefile: 13388.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:674.06 GB) (Free:510.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:24.28 GB) (Free:3.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
Drive g: () (Removable) (Total:7.44 GB) (Free:6.93 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: F30902DC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=674 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================

Ju2014-01-12 08:24:09, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:09, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:12, Info CSI 0000000c [SR] Verify complete
2014-01-12 08:24:13, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:13, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:15, Info CSI 00000010 [SR] Verify complete
2014-01-12 08:24:16, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:16, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:18, Info CSI 00000014 [SR] Verify complete
2014-01-12 08:24:19, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:19, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:22, Info CSI 00000018 [SR] Verify complete
2014-01-12 08:24:22, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:22, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:25, Info CSI 0000001c [SR] Verify complete
2014-01-12 08:24:25, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:25, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:30, Info CSI 00000020 [SR] Verify complete
2014-01-12 08:24:30, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:30, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:34, Info CSI 00000024 [SR] Verify complete
2014-01-12 08:24:35, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:35, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:38, Info CSI 00000028 [SR] Verify complete
2014-01-12 08:24:39, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:39, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:39, Info CSI 0000002b [SR] Cannot repair member file [l:44{22}]"DevicePairingProxy.dll" of DevicePairingProxy, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:24:42, Info CSI 0000002c [SR] Cannot repair member file [l:44{22}]"DevicePairingProxy.dll" of DevicePairingProxy, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:24:42, Info CSI 0000002d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:24:42, Info CSI 0000002e [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:44{22}]"DevicePairingProxy.dll"; source file in store is also corrupted
2014-01-12 08:24:42, Info CSI 00000030 [SR] Verify complete
2014-01-12 08:24:43, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:43, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:47, Info CSI 00000034 [SR] Verify complete
2014-01-12 08:24:47, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:47, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:52, Info CSI 00000038 [SR] Verify complete
2014-01-12 08:24:53, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:53, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2014-01-12 08:24:57, Info CSI 0000003c [SR] Verify complete
2014-01-12 08:24:57, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:24:57, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:01, Info CSI 00000040 [SR] Verify complete
2014-01-12 08:25:01, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:01, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:08, Info CSI 00000045 [SR] Verify complete
2014-01-12 08:25:09, Info CSI 00000046 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:09, Info CSI 00000047 [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:17, Info CSI 0000004b [SR] Verify complete
2014-01-12 08:25:18, Info CSI 0000004c [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:18, Info CSI 0000004d [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:23, Info CSI 00000050 [SR] Verify complete
2014-01-12 08:25:24, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:24, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:30, Info CSI 00000055 [SR] Verify complete
2014-01-12 08:25:30, Info CSI 00000056 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:30, Info CSI 00000057 [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:37, Info CSI 00000059 [SR] Verify complete
2014-01-12 08:25:38, Info CSI 0000005a [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:38, Info CSI 0000005b [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:49, Info CSI 00000080 [SR] Verify complete
2014-01-12 08:25:49, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:49, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2014-01-12 08:25:54, Info CSI 00000083 [SR] Cannot repair member file [l:60{30}]"DeviceDisplayStatusManager.dll" of Microsoft-Windows-DeviceDisplayStatusManager, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:25:55, Info CSI 00000084 [SR] Cannot repair member file [l:60{30}]"DeviceDisplayStatusManager.dll" of Microsoft-Windows-DeviceDisplayStatusManager, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:25:55, Info CSI 00000085 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:25:55, Info CSI 00000086 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:60{30}]"DeviceDisplayStatusManager.dll"; source file in store is also corrupted
2014-01-12 08:25:57, Info CSI 00000088 [SR] Verify complete
2014-01-12 08:25:58, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:25:58, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2014-01-12 08:26:04, Info CSI 0000008c [SR] Verify complete
2014-01-12 08:26:05, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:26:05, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2014-01-12 08:26:06, Info CSI 0000008f [SR] Cannot repair member file [l:50{25}]"DeviceMetadataParsers.dll" of Microsoft-Windows-DeviceMetadataParsers, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:06, Info CSI 00000090 [SR] Cannot repair member file [l:46{23}]"DevicePairingWizard.exe" of Microsoft-Windows-DevicePairingApp, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:06, Info CSI 00000091 [SR] Cannot repair member file [l:34{17}]"DevicePairing.dll" of Microsoft-Windows-DevicePairingDll, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:06, Info CSI 00000092 [SR] Cannot repair member file [l:48{24}]"DevicePairingHandler.dll" of Microsoft-Windows-DevicePairingHandler, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:15, Info CSI 00000093 [SR] Cannot repair member file [l:46{23}]"DevicePairingWizard.exe" of Microsoft-Windows-DevicePairingApp, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:15, Info CSI 00000094 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:26:15, Info CSI 00000095 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:46{23}]"DevicePairingWizard.exe"; source file in store is also corrupted
2014-01-12 08:26:15, Info CSI 00000096 [SR] Cannot repair member file [l:48{24}]"DevicePairingHandler.dll" of Microsoft-Windows-DevicePairingHandler, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:15, Info CSI 00000097 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:26:15, Info CSI 00000098 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:48{24}]"DevicePairingHandler.dll"; source file in store is also corrupted
2014-01-12 08:26:15, Info CSI 00000099 [SR] Cannot repair member file [l:34{17}]"DevicePairing.dll" of Microsoft-Windows-DevicePairingDll, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:15, Info CSI 0000009a [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:26:15, Info CSI 0000009b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:34{17}]"DevicePairing.dll"; source file in store is also corrupted
2014-01-12 08:26:16, Info CSI 0000009c [SR] Cannot repair member file [l:50{25}]"DeviceMetadataParsers.dll" of Microsoft-Windows-DeviceMetadataParsers, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:26:16, Info CSI 0000009d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:26:16, Info CSI 0000009e [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:50{25}]"DeviceMetadataParsers.dll"; source file in store is also corrupted
2014-01-12 08:26:16, Info CSI 000000a0 [SR] Verify complete
2014-01-12 08:26:17, Info CSI 000000a1 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:26:17, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2014-01-12 08:26:27, Info CSI 000000a4 [SR] Verify complete
2014-01-12 08:26:27, Info CSI 000000a5 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:26:27, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2014-01-12 08:26:34, Info CSI 000000a8 [SR] Verify complete
2014-01-12 08:26:34, Info CSI 000000a9 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:26:34, Info CSI 000000aa [SR] Beginning Verify and Repair transaction
2014-01-12 08:26:46, Info CSI 000000ae [SR] Verify complete
2014-01-12 08:26:46, Info CSI 000000af [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:26:46, Info CSI 000000b0 [SR] Beginning Verify and Repair transaction
2014-01-12 08:26:59, Info CSI 000000d1 [SR] Verify complete
2014-01-12 08:26:59, Info CSI 000000d2 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:26:59, Info CSI 000000d3 [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:13, Info CSI 000000d5 [SR] Verify complete
2014-01-12 08:27:13, Info CSI 000000d6 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:13, Info CSI 000000d7 [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:29, Info CSI 000000db [SR] Verify complete
2014-01-12 08:27:29, Info CSI 000000dc [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:29, Info CSI 000000dd [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:33, Info CSI 000000df [SR] Verify complete
2014-01-12 08:27:33, Info CSI 000000e0 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:33, Info CSI 000000e1 [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:36, Info CSI 000000e3 [SR] Verify complete
2014-01-12 08:27:36, Info CSI 000000e4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:36, Info CSI 000000e5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:40, Info CSI 000000e7 [SR] Verify complete
2014-01-12 08:27:41, Info CSI 000000e8 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:41, Info CSI 000000e9 [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:54, Info CSI 000000fc [SR] Verify complete
2014-01-12 08:27:54, Info CSI 000000fd [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:54, Info CSI 000000fe [SR] Beginning Verify and Repair transaction
2014-01-12 08:27:58, Info CSI 00000100 [SR] Verify complete
2014-01-12 08:27:58, Info CSI 00000101 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:27:58, Info CSI 00000102 [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:02, Info CSI 00000104 [SR] Verify complete
2014-01-12 08:28:03, Info CSI 00000105 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:03, Info CSI 00000106 [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:07, Info CSI 00000108 [SR] Verify complete
2014-01-12 08:28:08, Info CSI 00000109 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:08, Info CSI 0000010a [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:15, Info CSI 0000010d [SR] Verify complete
2014-01-12 08:28:15, Info CSI 0000010e [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:15, Info CSI 0000010f [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:31, Info CSI 00000112 [SR] Verify complete
2014-01-12 08:28:31, Info CSI 00000113 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:31, Info CSI 00000114 [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:35, Info CSI 00000116 [SR] Verify complete
2014-01-12 08:28:36, Info CSI 00000117 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:36, Info CSI 00000118 [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:39, Info CSI 0000011a [SR] Verify complete
2014-01-12 08:28:39, Info CSI 0000011b [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:39, Info CSI 0000011c [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:48, Info CSI 0000011e [SR] Verify complete
2014-01-12 08:28:49, Info CSI 0000011f [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:49, Info CSI 00000120 [SR] Beginning Verify and Repair transaction
2014-01-12 08:28:56, Info CSI 00000122 [SR] Verify complete
2014-01-12 08:28:57, Info CSI 00000123 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:28:57, Info CSI 00000124 [SR] Beginning Verify and Repair transaction
2014-01-12 08:29:04, Info CSI 00000126 [SR] Verify complete
2014-01-12 08:29:05, Info CSI 00000127 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:29:05, Info CSI 00000128 [SR] Beginning Verify and Repair transaction
2014-01-12 08:29:21, Info CSI 00000140 [SR] Verify complete
2014-01-12 08:29:22, Info CSI 00000141 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:29:22, Info CSI 00000142 [SR] Beginning Verify and Repair transaction
2014-01-12 08:29:29, Info CSI 00000144 [SR] Verify complete
2014-01-12 08:29:30, Info CSI 00000145 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:29:30, Info CSI 00000146 [SR] Beginning Verify and Repair transaction
2014-01-12 08:29:50, Info CSI 00000148 [SR] Verify complete
2014-01-12 08:29:50, Info CSI 00000149 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:29:50, Info CSI 0000014a [SR] Beginning Verify and Repair transaction
2014-01-12 08:30:03, Info CSI 0000014d [SR] Verify complete
2014-01-12 08:30:03, Info CSI 0000014e [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:30:03, Info CSI 0000014f [SR] Beginning Verify and Repair transaction
2014-01-12 08:30:15, Info CSI 00000151 [SR] Verify complete
2014-01-12 08:30:15, Info CSI 00000152 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:30:15, Info CSI 00000153 [SR] Beginning Verify and Repair transaction
2014-01-12 08:30:23, Info CSI 00000155 [SR] Verify complete
2014-01-12 08:30:24, Info CSI 00000156 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:30:24, Info CSI 00000157 [SR] Beginning Verify and Repair transaction
2014-01-12 08:30:27, Info CSI 00000158 [SR] Cannot repair member file [l:30{15}]"DeviceEject.exe" of Microsoft-Windows-PnpHotPlugUi, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:30:31, Info CSI 00000159 [SR] Cannot repair member file [l:30{15}]"DeviceEject.exe" of Microsoft-Windows-PnpHotPlugUi, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:30:31, Info CSI 0000015a [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:30:31, Info CSI 0000015b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"DeviceEject.exe"; source file in store is also corrupted
2014-01-12 08:30:32, Info CSI 0000015d [SR] Verify complete
2014-01-12 08:30:32, Info CSI 0000015e [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:30:32, Info CSI 0000015f [SR] Beginning Verify and Repair transaction
2014-01-12 08:30:37, Info CSI 00000161 [SR] Verify complete
2014-01-12 08:30:38, Info CSI 00000162 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:30:38, Info CSI 00000163 [SR] Beginning Verify and Repair transaction
2014-01-12 08:30:45, Info CSI 00000167 [SR] Verify complete
2014-01-12 08:30:45, Info CSI 00000168 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:30:45, Info CSI 00000169 [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:03, Info CSI 0000016b [SR] Verify complete
2014-01-12 08:31:03, Info CSI 0000016c [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:03, Info CSI 0000016d [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:13, Info CSI 00000170 [SR] Verify complete
2014-01-12 08:31:14, Info CSI 00000171 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:14, Info CSI 00000172 [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:20, Info CSI 00000174 [SR] Verify complete
2014-01-12 08:31:20, Info CSI 00000175 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:20, Info CSI 00000176 [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:28, Info CSI 00000179 [SR] Verify complete
2014-01-12 08:31:28, Info CSI 0000017a [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:28, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:42, Info CSI 0000017e [SR] Verify complete
2014-01-12 08:31:42, Info CSI 0000017f [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:42, Info CSI 00000180 [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:50, Info CSI 00000182 [SR] Verify complete
2014-01-12 08:31:51, Info CSI 00000183 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:51, Info CSI 00000184 [SR] Beginning Verify and Repair transaction
2014-01-12 08:31:57, Info CSI 00000186 [SR] Verify complete
2014-01-12 08:31:57, Info CSI 00000187 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:31:57, Info CSI 00000188 [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:04, Info CSI 0000018b [SR] Verify complete
2014-01-12 08:32:04, Info CSI 0000018c [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:04, Info CSI 0000018d [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:12, Info CSI 0000018f [SR] Verify complete
2014-01-12 08:32:12, Info CSI 00000190 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:12, Info CSI 00000191 [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:16, Info CSI 00000193 [SR] Verify complete
2014-01-12 08:32:17, Info CSI 00000194 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:17, Info CSI 00000195 [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:28, Info CSI 00000198 [SR] Verify complete
2014-01-12 08:32:28, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:28, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:37, Info CSI 0000019c [SR] Verify complete
2014-01-12 08:32:37, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:37, Info CSI 0000019e [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:45, Info CSI 000001a2 [SR] Verify complete
2014-01-12 08:32:45, Info CSI 000001a3 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:45, Info CSI 000001a4 [SR] Beginning Verify and Repair transaction
2014-01-12 08:32:58, Info CSI 000001a6 [SR] Verify complete
2014-01-12 08:32:59, Info CSI 000001a7 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:32:59, Info CSI 000001a8 [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:08, Info CSI 000001ab [SR] Verify complete
2014-01-12 08:33:08, Info CSI 000001ac [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:08, Info CSI 000001ad [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:18, Info CSI 000001af [SR] Verify complete
2014-01-12 08:33:18, Info CSI 000001b0 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:18, Info CSI 000001b1 [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:20, Info CSI 000001b3 [SR] Verify complete
2014-01-12 08:33:20, Info CSI 000001b4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:20, Info CSI 000001b5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:26, Info CSI 000001b7 [SR] Verify complete
2014-01-12 08:33:27, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:27, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:33, Info CSI 000001bb [SR] Verify complete
2014-01-12 08:33:33, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:33, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:41, Info CSI 000001bf [SR] Verify complete
2014-01-12 08:33:42, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:42, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:48, Info CSI 000001c3 [SR] Verify complete
2014-01-12 08:33:48, Info CSI 000001c4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:48, Info CSI 000001c5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:33:55, Info CSI 000001c7 [SR] Verify complete
2014-01-12 08:33:55, Info CSI 000001c8 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:33:55, Info CSI 000001c9 [SR] Beginning Verify and Repair transaction
2014-01-12 08:34:09, Info CSI 000001cb [SR] Verify complete
2014-01-12 08:34:09, Info CSI 000001cc [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:34:09, Info CSI 000001cd [SR] Beginning Verify and Repair transaction
2014-01-12 08:34:30, Info CSI 000001cf [SR] Verify complete
2014-01-12 08:34:30, Info CSI 000001d0 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:34:30, Info CSI 000001d1 [SR] Beginning Verify and Repair transaction
2014-01-12 08:34:38, Info CSI 000001d3 [SR] Verify complete
2014-01-12 08:34:38, Info CSI 000001d4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:34:38, Info CSI 000001d5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:34:45, Info CSI 000001d7 [SR] Verify complete
2014-01-12 08:34:45, Info CSI 000001d8 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:34:45, Info CSI 000001d9 [SR] Beginning Verify and Repair transaction
2014-01-12 08:34:49, Info CSI 000001db [SR] Verify complete
2014-01-12 08:34:49, Info CSI 000001dc [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:34:49, Info CSI 000001dd [SR] Beginning Verify and Repair transaction
2014-01-12 08:34:54, Info CSI 000001df [SR] Verify complete
2014-01-12 08:34:55, Info CSI 000001e0 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:34:55, Info CSI 000001e1 [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:06, Info CSI 000001e3 [SR] Verify complete
2014-01-12 08:35:06, Info CSI 000001e4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:06, Info CSI 000001e5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:12, Info CSI 000001e7 [SR] Verify complete
2014-01-12 08:35:12, Info CSI 000001e8 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:12, Info CSI 000001e9 [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:14, Info CSI 000001eb [SR] Verify complete
2014-01-12 08:35:15, Info CSI 000001ec [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:15, Info CSI 000001ed [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:23, Info CSI 000001f5 [SR] Verify complete
2014-01-12 08:35:23, Info CSI 000001f6 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:23, Info CSI 000001f7 [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:28, Info CSI 000001f9 [SR] Verify complete
2014-01-12 08:35:29, Info CSI 000001fa [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:29, Info CSI 000001fb [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:34, Info CSI 000001fd [SR] Verify complete
2014-01-12 08:35:34, Info CSI 000001fe [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:34, Info CSI 000001ff [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:40, Info CSI 00000201 [SR] Verify complete
2014-01-12 08:35:40, Info CSI 00000202 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:40, Info CSI 00000203 [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:47, Info CSI 00000205 [SR] Verify complete
2014-01-12 08:35:48, Info CSI 00000206 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:48, Info CSI 00000207 [SR] Beginning Verify and Repair transaction
2014-01-12 08:35:58, Info CSI 0000020a [SR] Verify complete
2014-01-12 08:35:59, Info CSI 0000020b [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:35:59, Info CSI 0000020c [SR] Beginning Verify and Repair transaction
2014-01-12 08:36:03, Info CSI 0000020e [SR] Verify complete
2014-01-12 08:36:03, Info CSI 0000020f [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:36:03, Info CSI 00000210 [SR] Beginning Verify and Repair transaction
2014-01-12 08:36:06, Info CSI 00000212 [SR] Verify complete
2014-01-12 08:36:06, Info CSI 00000213 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:36:06, Info CSI 00000214 [SR] Beginning Verify and Repair transaction
2014-01-12 08:36:24, Info CSI 00000219 [SR] Verify complete
2014-01-12 08:36:24, Info CSI 0000021a [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:36:24, Info CSI 0000021b [SR] Beginning Verify and Repair transaction
2014-01-12 08:36:36, Info CSI 0000021e [SR] Verify complete
2014-01-12 08:36:36, Info CSI 0000021f [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:36:36, Info CSI 00000220 [SR] Beginning Verify and Repair transaction
2014-01-12 08:36:45, Info CSI 00000224 [SR] Verify complete
2014-01-12 08:36:45, Info CSI 00000225 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:36:45, Info CSI 00000226 [SR] Beginning Verify and Repair transaction
2014-01-12 08:36:55, Info CSI 00000232 [SR] Verify complete
2014-01-12 08:36:55, Info CSI 00000233 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:36:55, Info CSI 00000234 [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:05, Info CSI 0000023a [SR] Verify complete
2014-01-12 08:37:06, Info CSI 0000023b [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:06, Info CSI 0000023c [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:13, Info CSI 0000023e [SR] Verify complete
2014-01-12 08:37:14, Info CSI 0000023f [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:14, Info CSI 00000240 [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:19, Info CSI 00000244 [SR] Verify complete
2014-01-12 08:37:19, Info CSI 00000245 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:19, Info CSI 00000246 [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:25, Info CSI 00000248 [SR] Verify complete
2014-01-12 08:37:25, Info CSI 00000249 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:25, Info CSI 0000024a [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:34, Info CSI 0000026f [SR] Verify complete
2014-01-12 08:37:34, Info CSI 00000270 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:34, Info CSI 00000271 [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:41, Info CSI 00000273 [SR] Verify complete
2014-01-12 08:37:41, Info CSI 00000274 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:41, Info CSI 00000275 [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:47, Info CSI 00000277 [SR] Verify complete
2014-01-12 08:37:47, Info CSI 00000278 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:47, Info CSI 00000279 [SR] Beginning Verify and Repair transaction
2014-01-12 08:37:54, Info CSI 0000027b [SR] Verify complete
2014-01-12 08:37:54, Info CSI 0000027c [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:37:54, Info CSI 0000027d [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:00, Info CSI 0000028b [SR] Verify complete
2014-01-12 08:38:00, Info CSI 0000028c [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:00, Info CSI 0000028d [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:12, Info CSI 0000028f [SR] Verify complete
2014-01-12 08:38:12, Info CSI 00000290 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:12, Info CSI 00000291 [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:21, Info CSI 0000029f [SR] Verify complete
2014-01-12 08:38:22, Info CSI 000002a0 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:22, Info CSI 000002a1 [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:25, Info CSI 000002a3 [SR] Verify complete
2014-01-12 08:38:25, Info CSI 000002a4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:25, Info CSI 000002a5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:31, Info CSI 000002a7 [SR] Verify complete
2014-01-12 08:38:32, Info CSI 000002a8 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:32, Info CSI 000002a9 [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:39, Info CSI 000002ac [SR] Verify complete
2014-01-12 08:38:40, Info CSI 000002ad [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:40, Info CSI 000002ae [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:43, Info CSI 000002b0 [SR] Verify complete
2014-01-12 08:38:43, Info CSI 000002b1 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:43, Info CSI 000002b2 [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:51, Info CSI 000002b4 [SR] Verify complete
2014-01-12 08:38:51, Info CSI 000002b5 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:51, Info CSI 000002b6 [SR] Beginning Verify and Repair transaction
2014-01-12 08:38:58, Info CSI 000002b8 [SR] Verify complete
2014-01-12 08:38:58, Info CSI 000002b9 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:38:58, Info CSI 000002ba [SR] Beginning Verify and Repair transaction
2014-01-12 08:39:09, Info CSI 000002c3 [SR] Verify complete
2014-01-12 08:39:09, Info CSI 000002c4 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:39:09, Info CSI 000002c5 [SR] Beginning Verify and Repair transaction
2014-01-12 08:39:18, Info CSI 000002d8 [SR] Verify complete
2014-01-12 08:39:18, Info CSI 000002d9 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:39:18, Info CSI 000002da [SR] Beginning Verify and Repair transaction
2014-01-12 08:39:38, Info CSI 000002dc [SR] Verify complete
2014-01-12 08:39:38, Info CSI 000002dd [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:39:38, Info CSI 000002de [SR] Beginning Verify and Repair transaction
2014-01-12 08:39:44, Info CSI 000002e0 [SR] Verify complete
2014-01-12 08:39:44, Info CSI 000002e1 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:39:44, Info CSI 000002e2 [SR] Beginning Verify and Repair transaction
2014-01-12 08:39:51, Info CSI 000002e4 [SR] Verify complete
2014-01-12 08:39:51, Info CSI 000002e5 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:39:51, Info CSI 000002e6 [SR] Beginning Verify and Repair transaction
2014-01-12 08:39:55, Info CSI 000002ea [SR] Verify complete
2014-01-12 08:39:56, Info CSI 000002eb [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:39:56, Info CSI 000002ec [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:01, Info CSI 000002ee [SR] Verify complete
2014-01-12 08:40:02, Info CSI 000002ef [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:02, Info CSI 000002f0 [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:09, Info CSI 000002f2 [SR] Verify complete
2014-01-12 08:40:09, Info CSI 000002f3 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:09, Info CSI 000002f4 [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:14, Info CSI 000002f6 [SR] Verify complete
2014-01-12 08:40:15, Info CSI 000002f7 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:15, Info CSI 000002f8 [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:21, Info CSI 000002fb [SR] Verify complete
2014-01-12 08:40:21, Info CSI 000002fc [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:21, Info CSI 000002fd [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:27, Info CSI 000002ff [SR] Verify complete
2014-01-12 08:40:28, Info CSI 00000300 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:28, Info CSI 00000301 [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:34, Info CSI 00000303 [SR] Verify complete
2014-01-12 08:40:35, Info CSI 00000304 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:35, Info CSI 00000305 [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:42, Info CSI 00000308 [SR] Verify complete
2014-01-12 08:40:43, Info CSI 00000309 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:43, Info CSI 0000030a [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:52, Info CSI 0000030c [SR] Verify complete
2014-01-12 08:40:52, Info CSI 0000030d [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:40:52, Info CSI 0000030e [SR] Beginning Verify and Repair transaction
2014-01-12 08:40:59, Info CSI 00000310 [SR] Verify complete
2014-01-12 08:41:00, Info CSI 00000311 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:41:00, Info CSI 00000312 [SR] Beginning Verify and Repair transaction
2014-01-12 08:41:05, Info CSI 00000314 [SR] Verify complete
2014-01-12 08:41:06, Info CSI 00000315 [SR] Verifying 100 (0x0000000000000064) components
2014-01-12 08:41:06, Info CSI 00000316 [SR] Beginning Verify and Repair transaction
2014-01-12 08:41:14, Info CSI 00000318 [SR] Verify complete
2014-01-12 08:41:14, Info CSI 00000319 [SR] Verifying 59 (0x000000000000003b) components
2014-01-12 08:41:14, Info CSI 0000031a [SR] Beginning Verify and Repair transaction
2014-01-12 08:41:18, Info CSI 0000031c [SR] Verify complete
2014-01-12 08:41:18, Info CSI 0000031d [SR] Repairing 7 components
2014-01-12 08:41:18, Info CSI 0000031e [SR] Beginning Verify and Repair transaction
2014-01-12 08:41:18, Info CSI 0000031f [SR] Cannot repair member file [l:44{22}]"DevicePairingProxy.dll" of DevicePairingProxy, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000320 [SR] Cannot repair member file [l:60{30}]"DeviceDisplayStatusManager.dll" of Microsoft-Windows-DeviceDisplayStatusManager, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000321 [SR] Cannot repair member file [l:46{23}]"DevicePairingWizard.exe" of Microsoft-Windows-DevicePairingApp, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000322 [SR] Cannot repair member file [l:48{24}]"DevicePairingHandler.dll" of Microsoft-Windows-DevicePairingHandler, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000323 [SR] Cannot repair member file [l:34{17}]"DevicePairing.dll" of Microsoft-Windows-DevicePairingDll, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000324 [SR] Cannot repair member file [l:50{25}]"DeviceMetadataParsers.dll" of Microsoft-Windows-DeviceMetadataParsers, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000325 [SR] Cannot repair member file [l:30{15}]"DeviceEject.exe" of Microsoft-Windows-PnpHotPlugUi, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000326 [SR] Cannot repair member file [l:46{23}]"DevicePairingWizard.exe" of Microsoft-Windows-DevicePairingApp, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000327 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 00000328 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:46{23}]"DevicePairingWizard.exe"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 00000329 [SR] Cannot repair member file [l:30{15}]"DeviceEject.exe" of Microsoft-Windows-PnpHotPlugUi, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 0000032a [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 0000032b [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:30{15}]"DeviceEject.exe"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 0000032c [SR] Cannot repair member file [l:44{22}]"DevicePairingProxy.dll" of DevicePairingProxy, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 0000032d [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 0000032e [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:44{22}]"DevicePairingProxy.dll"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 0000032f [SR] Cannot repair member file [l:48{24}]"DevicePairingHandler.dll" of Microsoft-Windows-DevicePairingHandler, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000330 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 00000331 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:48{24}]"DevicePairingHandler.dll"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 00000332 [SR] Cannot repair member file [l:50{25}]"DeviceMetadataParsers.dll" of Microsoft-Windows-DeviceMetadataParsers, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000333 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 00000334 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:50{25}]"DeviceMetadataParsers.dll"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 00000335 [SR] Cannot repair member file [l:34{17}]"DevicePairing.dll" of Microsoft-Windows-DevicePairingDll, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000336 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 00000337 [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:34{17}]"DevicePairing.dll"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 00000338 [SR] Cannot repair member file [l:60{30}]"DeviceDisplayStatusManager.dll" of Microsoft-Windows-DeviceDisplayStatusManager, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, file is missing
2014-01-12 08:41:18, Info CSI 00000339 [SR] This component was referenced by [l:202{101}]"Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.WindowsFoundationDelivery"
2014-01-12 08:41:18, Info CSI 0000033a [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:60{30}]"DeviceDisplayStatusManager.dll"; source file in store is also corrupted
2014-01-12 08:41:18, Info CSI 0000033c [SR] Repair complete
2014-01-12 08:41:18, Info CSI 0000033d [SR] Committing transaction
2014-01-12 08:41:18, Info CSI 00000341 [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction have been successfully repaired
nk.txt:

View-syVino's Event Viewer v01c run on Windows 2008 in English
Report run at 12/01/2014 8:48:57 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 11/01/2014 8:26:38 PM
Type: Error Category: 0
Event: 877 Source: Application Popup
There was error [DATABASE OPEN FAILED] processing the driver database.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 12/01/2014 1:19:23 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name isatap.wbshinaa.metronetinc.net timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 11/01/2014 8:26:39 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WinUSB failed to load for the device USB\VID_138A&PID_0005\3312be91ae00.

Log: 'System' Date/Time: 11/01/2014 8:26:39 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\HidUsb failed to load for the device USB\VID_046D&PID_C51B&MI_01\6&cb977a8&0&0001.

Log: 'System' Date/Time: 11/01/2014 8:26:39 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\HidUsb failed to load for the device USB\VID_046D&PID_C51B&MI_00\6&cb977a8&0&0000.

Log: 'System' Date/Time: 11/01/2014 8:26:39 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\usbvideo failed to load for the device USB\VID_0BDA&PID_5801&MI_00\6&1b3daa85&1&0000.

Log: 'System' Date/Time: 11/01/2014 4:17:00 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 11/01/2014 4:17:00 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll

stem log:

View application logs:
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 12/01/2014 8:50:23 AM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/01/2014 8:56:47 PM
Type: Error Category: 0
Event: 9 Source: SideBySide
Activation context generation failed for "C:\Users\BAMM\AppData\Roaming\IDAutomation.com, Inc\IDAutomation Word Excel Addin 2007\adxloader.dll.Manifest".Error in manifest or policy file "C:\Users\BAMM\AppData\Roaming\IDAutomation.com, Inc\IDAutomation Word Excel Addin 2007\adxloader.dll.Manifest" on line 2. The manifest file root element must be assembly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/01/2014 4:16:50 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 5 user registry handles leaked from \Registry\User\S-1-5-21-2684741075-1314613713-1915352737-1000:
Process 840 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2684741075-1314613713-1915352737-1000
Process 840 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2684741075-1314613713-1915352737-1000
Process 840 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2684741075-1314613713-1915352737-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 840 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2684741075-1314613713-1915352737-1000\Software\Microsoft\SystemCertificates\My
Process 840 (\Device\HarddiskVolume2\Windows\System32\lsass.exe) has opened key \REGISTRY\USER\S-1-5-21-2684741075-1314613713-1915352737-1000\Software\Microsoft\SystemCertificates\CA

Took the check disk 3+ hours to finish:

to answer your question Better I think?

Russ

#6
RKinner

Posted 12 January 2014 - 12:37 PM

Malware Expert

Expert
24,625 posts

SFC found several files that it could not repair but at least we are no longer getting disk errors.

Copy the text in the code box:

/md5start
DevicePairingProxy.dll
DeviceDisplayStatusManager.dll
DeviceMetadataParsers.dll
DevicePairingWizard.exe
DevicePairing.dll
DevicePairingHandler.dll
DeviceMetadataParsers.dll
lsass.exe
drvmain.sdb
/md5stop

Run OTL (Vista or Win 7 => right click and Run As Administrator)

Paste (Ctrl + v) the copied text in the box where it says Custom Scan/Fixes

Select the All option in the Extra Registry group then Run Scan.

You should get two logs. Please copy and paste both of them.

Also run Speccy again. I want to see if the SMART Hard drive data has changed so just open the log, find the section on S.M.A.R.T and post that.

#7
Rabell

Posted 16 January 2014 - 06:12 AM

Member

Topic Starter
Member
29 posts

Sorry it taken a while to reply but I can not the program your reference: Run OTL (Vista or Win 7 => right click and Run As Administrator)

What is OTL?

Russ

#8
RKinner

Posted 16 January 2014 - 09:51 AM

Malware Expert

Expert
24,625 posts

Normally OTL is the program you run when you post in the malware forum. It's called for in the instructions at the top of the forum but:

Download OTL from
http://www.geekstogo...timers-list-it/
and Save it to your desktop.

I'm going to be on a trip for the next two weeks. Expect delays.