Hi
Thanks for quick reply below is the log.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014
Ran by SYSTEM on MININT-RMLBRQH on 21-07-2014 20:30:29
Running from g:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/ Download link for 64-Bit Version:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-25] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2010-09-17] (LogMeIn, Inc.)
HKLM-x32\...\Run: [TOSDCR] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe [169296 2007-08-28] ()
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-04-01] (TOSHIBA)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-15] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-20] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Administrator\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-24] (Google Inc.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\LogMeInRemoteUser\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\LogMeInRemoteUser\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\LogMeInRemoteUser\...\RunOnce: [spchecker] => "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe"
HKU\Lynn\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\Lynn\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\Lynn\...\Run: [Google Update] => C:\Users\Lynn\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-05] (Google Inc.)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Lynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Azabat Software.lnk
ShortcutTarget: Azabat Software.lnk -> C:\Program Files (x86)\azabat\menu.exe (No File)
Startup: C:\Users\Lynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
ShellIconOverlayIdentifiers-x32: SharingPrivate -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => No File
==================== Services (Whitelisted) =================
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-15] (AVAST Software)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-06-07] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-06-07] (LogMeIn, Inc.)
S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-05] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
S2 wlidsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corp.)
S3 GSService; "C:\Windows\SysWOW64\GSService.exe" [X]
S3 JTVNCProxy_14.0; C:\Program Files\Freedom Scientific\JAWS\14.0\JTVNCProxy.exe [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 McMPFSvc; "C:\Program Files\Common Files\McSvHost.exe" /McCoreSvc [X]
S2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 McODS; "C:\ProgramData\McAfee\msc\Updates\Installs\1\vso\%VSINSTALL_DIR64%\mcods.exe" [X]
==================== Drivers (Whitelisted) ====================
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-15] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-15] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-15] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-15] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-15] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-15] ()
S2 Freedom Scientific Kernel Manager; C:\Windows\System32\fsKMgr.dll [29712 2013-06-25] (Freedom Scientific, Inc.)
S3 fsvidmir_service; C:\Windows\System32\DRIVERS\fsvidmir.sys [15856 2013-06-25] (Freedom Scientific, Inc.)
S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-03] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S2 MSK80Service;
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-10] (SafeNet, Inc.)
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34088 2012-11-30] (Windows (R) Win 7 DDK provider)
S3 Tosrfcom; No ImagePath
S3 PowerBrl; \??\C:\Windows\system32\Drivers\powerbrl.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-21 17:34 - 2014-07-21 19:49 - 00000000 ____D () C:\FRST
2014-07-17 03:33 - 2014-07-17 03:33 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-17 03:33 - 2014-07-17 03:33 - 00003204 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-15 08:29 - 2014-07-17 03:52 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-15 08:29 - 2014-07-17 03:52 - 00003226 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-15 04:27 - 2014-07-15 04:27 - 01070592 _____ () C:\Users\Lynn\Downloads\MicrosoftFixit50569 (1).msi
2014-07-15 02:40 - 2014-07-15 02:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-15 02:25 - 2014-07-15 02:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Apple
2014-07-09 04:36 - 2014-07-09 04:36 - 00164142 _____ () C:\Users\Lynn\Downloads\WordPress-Services-Toolkit.zip
2014-07-09 00:25 - 2014-06-29 18:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-07-09 00:25 - 2014-06-29 18:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-07-09 00:25 - 2014-06-17 18:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\System32\osk.exe
2014-07-09 00:25 - 2014-06-17 17:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 00:25 - 2014-06-17 17:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-07-09 00:25 - 2014-06-06 02:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-07-09 00:25 - 2014-06-06 01:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 00:25 - 2014-05-29 22:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2014-07-09 00:24 - 2014-06-20 12:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-07-09 00:24 - 2014-06-20 11:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 00:24 - 2014-06-18 17:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-07-09 00:24 - 2014-06-18 17:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-07-09 00:24 - 2014-06-18 16:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-07-09 00:24 - 2014-06-18 16:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-07-09 00:24 - 2014-06-18 16:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-07-09 00:24 - 2014-06-18 16:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-07-09 00:24 - 2014-06-18 16:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-07-09 00:24 - 2014-06-18 16:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-07-09 00:24 - 2014-06-18 16:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 00:24 - 2014-06-18 16:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-07-09 00:24 - 2014-06-18 15:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-09 00:24 - 2014-06-18 15:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 00:24 - 2014-06-18 15:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-07-09 00:24 - 2014-06-18 15:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 00:24 - 2014-06-18 15:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 00:24 - 2014-06-18 15:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 00:24 - 2014-06-18 15:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 00:24 - 2014-06-18 15:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-07-09 00:24 - 2014-06-18 15:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 00:24 - 2014-06-18 15:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 00:24 - 2014-06-18 15:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 00:24 - 2014-06-18 15:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-07-09 00:24 - 2014-06-18 15:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 00:24 - 2014-06-18 15:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 00:24 - 2014-06-18 15:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 00:24 - 2014-06-18 15:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 00:24 - 2014-06-18 15:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 00:24 - 2014-06-18 15:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 00:24 - 2014-06-18 14:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 00:24 - 2014-06-18 14:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 00:24 - 2014-06-18 14:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 00:24 - 2014-06-18 14:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 00:24 - 2014-06-18 14:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 00:24 - 2014-06-18 14:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 00:24 - 2014-06-18 14:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 00:24 - 2014-06-18 14:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-07-09 00:24 - 2014-06-18 14:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 00:24 - 2014-06-18 14:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 00:24 - 2014-06-18 14:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-07-09 00:24 - 2014-05-30 00:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 00:24 - 2014-05-29 23:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 00:23 - 2014-06-18 17:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-07-09 00:23 - 2014-06-18 16:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-07-09 00:23 - 2014-06-18 16:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-07-09 00:23 - 2014-06-18 16:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-07-09 00:23 - 2014-06-18 16:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-07-09 00:23 - 2014-06-18 16:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-07-09 00:23 - 2014-06-18 16:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-09 00:23 - 2014-06-18 15:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-07-09 00:23 - 2014-06-18 15:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-07-09 00:23 - 2014-06-18 15:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-07-09 00:23 - 2014-06-18 15:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-07-09 00:23 - 2014-06-18 15:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-07-09 00:23 - 2014-06-18 14:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-07-09 00:23 - 2014-06-18 14:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-07-09 00:23 - 2014-06-18 14:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-07-09 00:23 - 2014-06-05 06:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-07-09 00:23 - 2014-06-05 06:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 00:23 - 2014-06-05 06:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 00:02 - 2014-07-09 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\LogMeInIgnition
2014-07-02 08:33 - 2014-07-02 08:33 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 08:33 - 2014-07-02 08:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-02 08:33 - 2014-07-02 08:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-02 08:33 - 2014-07-02 08:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-02 08:31 - 2014-07-02 08:32 - 00283952 _____ (Mozilla) C:\Users\Lynn\Downloads\Firefox Setup Stub 30.0.exe
2014-07-02 07:56 - 2014-07-02 07:56 - 01070592 _____ () C:\Users\Lynn\Downloads\MicrosoftFixit50569.msi
2014-07-02 07:20 - 2014-07-02 07:20 - 02347384 _____ (ESET) C:\Users\Lynn\Downloads\esetsmartinstaller_enu (1).exe
2014-07-02 06:18 - 2014-07-02 06:18 - 02347384 _____ (ESET) C:\Users\Lynn\Downloads\esetsmartinstaller_enu.exe
2014-07-02 06:05 - 2014-07-02 06:05 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 05:26 - 2010-08-29 23:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 05:25 - 2014-07-02 08:20 - 00000000 ____D () C:\AdwCleaner
2014-07-01 21:30 - 2014-07-01 21:30 - 00608112 _____ () C:\Users\Lynn\Downloads\6 Figure Teleseminar Report
2014-07-01 21:21 - 2014-07-01 21:21 - 00000824 _____ () C:\Users\Lynn\Downloads\calendar (2).ics
2014-07-01 21:21 - 2014-07-01 21:21 - 00000824 _____ () C:\Users\Lynn\Downloads\calendar (1).ics
2014-07-01 21:20 - 2014-07-01 21:20 - 00000824 _____ () C:\Users\Lynn\Downloads\calendar.ics
2014-06-30 08:50 - 2014-06-30 08:50 - 00000325 _____ () C:\Users\Lynn\Downloads\admhelper (3).adh
2014-06-30 08:50 - 2014-06-30 08:50 - 00000325 _____ () C:\Users\Lynn\Downloads\admhelper (2).adh
2014-06-30 08:49 - 2014-06-30 08:49 - 00000328 _____ () C:\Users\Lynn\Downloads\admhelper.adh
2014-06-30 08:49 - 2014-06-30 08:49 - 00000328 _____ () C:\Users\Lynn\Downloads\admhelper (1).adh
2014-06-24 21:15 - 2014-07-10 03:28 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-06-24 20:57 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2014-06-24 20:57 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2014-06-24 20:57 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-24 20:57 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
==================== One Month Modified Files and Folders =======
2014-07-21 19:49 - 2014-07-21 17:34 - 00000000 ____D () C:\FRST
2014-07-21 06:54 - 2014-02-24 08:11 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 06:43 - 2014-02-24 08:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 06:25 - 2010-12-01 21:03 - 01406079 _____ () C:\Windows\WindowsUpdate.log
2014-07-21 06:24 - 2009-07-13 20:45 - 00016304 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-21 06:24 - 2009-07-13 20:45 - 00016304 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-21 06:10 - 2012-05-03 02:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-21 05:58 - 2013-11-05 08:23 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480214603-3922382801-2139169186-1001UA.job
2014-07-21 05:55 - 2011-03-08 09:06 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-07-21 05:53 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-21 05:52 - 2009-07-13 20:51 - 00166315 _____ () C:\Windows\setupact.log
2014-07-17 03:52 - 2014-07-15 08:29 - 00003362 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-17 03:52 - 2014-07-15 08:29 - 00003226 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-17 03:52 - 2012-05-04 12:59 - 00000000 ___RD () C:\Users\Lynn\Dropbox
2014-07-17 03:52 - 2012-05-04 12:20 - 00000000 ____D () C:\Users\Lynn\AppData\Roaming\Dropbox
2014-07-17 03:51 - 2014-05-16 01:31 - 00000000 ____D () C:\Users\Lynn\AppData\Roaming\DropboxMaster
2014-07-17 03:45 - 2013-09-24 06:03 - 00000000 ____D () C:\Users\Lynn\AppData\Local\2FAFD42E-B644-4862-B97C-FF916ADDDF83.aplzod
2014-07-17 03:40 - 2011-04-28 06:53 - 00000000 ____D () C:\Users\Lynn\Documents\Outlook Files
2014-07-17 03:38 - 2011-03-24 08:59 - 00000000 ____D () C:\Program Files\Freedom Scientific
2014-07-17 03:33 - 2014-07-17 03:33 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-17 03:33 - 2014-07-17 03:33 - 00003204 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1480214603-3922382801-2139169186-1001
2014-07-17 03:32 - 2013-06-04 06:05 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-17 03:06 - 2013-11-05 08:23 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1480214603-3922382801-2139169186-1001Core.job
2014-07-17 01:09 - 2011-04-16 08:33 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FA112DB7-BDA9-42D3-B11A-86B25AD2F21C}
2014-07-15 06:36 - 2010-12-01 20:58 - 00546534 _____ () C:\Windows\PFRO.log
2014-07-15 06:09 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-15 05:43 - 2014-06-20 06:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-07-15 04:27 - 2014-07-15 04:27 - 01070592 _____ () C:\Users\Lynn\Downloads\MicrosoftFixit50569 (1).msi
2014-07-15 02:41 - 2013-06-04 06:05 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-15 02:40 - 2014-07-15 02:40 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-15 02:40 - 2014-05-28 10:24 - 00029208 _____ () C:\Windows\System32\Drivers\aswHwid.sys
2014-07-15 02:40 - 2014-02-24 08:04 - 00092008 _____ (AVAST Software) C:\Windows\System32\Drivers\aswstm.sys
2014-07-15 02:40 - 2013-06-04 06:05 - 01041168 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsnx.sys
2014-07-15 02:40 - 2013-06-04 06:05 - 00427360 _____ (AVAST Software) C:\Windows\System32\Drivers\aswsp.sys
2014-07-15 02:40 - 2013-06-04 06:05 - 00307344 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2014-07-15 02:40 - 2013-06-04 06:05 - 00224896 _____ () C:\Windows\System32\Drivers\aswVmm.sys
2014-07-15 02:40 - 2013-06-04 06:05 - 00093568 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2014-07-15 02:40 - 2013-06-04 06:05 - 00079184 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2014-07-15 02:40 - 2013-06-04 06:05 - 00065776 _____ () C:\Windows\System32\Drivers\aswRvrt.sys
2014-07-15 02:25 - 2014-07-15 02:25 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Apple
2014-07-15 02:25 - 2013-06-06 04:44 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-14 01:03 - 2009-07-13 21:13 - 00795246 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-13 13:23 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-07-13 08:07 - 2009-07-13 21:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-10 03:28 - 2014-06-24 21:15 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-07-10 02:48 - 2009-07-13 20:45 - 00416688 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-07-10 02:45 - 2009-07-13 23:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 02:45 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 02:44 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\System32\Dism
2014-07-10 00:18 - 2011-04-16 08:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 00:15 - 2013-08-07 18:40 - 00000000 ____D () C:\Windows\System32\MRT
2014-07-10 00:11 - 2011-05-04 02:56 - 96441528 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-07-09 04:36 - 2014-07-09 04:36 - 00164142 _____ () C:\Users\Lynn\Downloads\WordPress-Services-Toolkit.zip
2014-07-09 00:02 - 2014-07-09 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\LogMeInIgnition
2014-07-08 23:59 - 2012-05-03 02:54 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 23:59 - 2012-05-03 02:54 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 23:59 - 2011-05-19 12:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-02 10:43 - 2011-03-09 06:58 - 00000000 ____D () C:\Users\Lynn\AppData\Roaming\Skype
2014-07-02 08:33 - 2014-07-02 08:33 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 08:33 - 2014-07-02 08:33 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-02 08:33 - 2014-07-02 08:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-02 08:33 - 2014-07-02 08:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-02 08:33 - 2011-03-09 05:51 - 00000000 ____D () C:\Users\Lynn\AppData\Roaming\Mozilla
2014-07-02 08:33 - 2011-03-09 05:51 - 00000000 ____D () C:\Users\Lynn\AppData\Local\Mozilla
2014-07-02 08:32 - 2014-07-02 08:31 - 00283952 _____ (Mozilla) C:\Users\Lynn\Downloads\Firefox Setup Stub 30.0.exe
2014-07-02 08:20 - 2014-07-02 05:25 - 00000000 ____D () C:\AdwCleaner
2014-07-02 07:56 - 2014-07-02 07:56 - 01070592 _____ () C:\Users\Lynn\Downloads\MicrosoftFixit50569.msi
2014-07-02 07:20 - 2014-07-02 07:20 - 02347384 _____ (ESET) C:\Users\Lynn\Downloads\esetsmartinstaller_enu (1).exe
2014-07-02 06:18 - 2014-07-02 06:18 - 02347384 _____ (ESET) C:\Users\Lynn\Downloads\esetsmartinstaller_enu.exe
2014-07-02 06:05 - 2014-07-02 06:05 - 00000000 ____D () C:\Windows\ERUNT
2014-07-02 05:18 - 2014-05-20 06:54 - 00029575 _____ () C:\Windows\IE11_main.log
2014-07-01 21:30 - 2014-07-01 21:30 - 00608112 _____ () C:\Users\Lynn\Downloads\6 Figure Teleseminar Report
2014-07-01 21:21 - 2014-07-01 21:21 - 00000824 _____ () C:\Users\Lynn\Downloads\calendar (2).ics
2014-07-01 21:21 - 2014-07-01 21:21 - 00000824 _____ () C:\Users\Lynn\Downloads\calendar (1).ics
2014-07-01 21:20 - 2014-07-01 21:20 - 00000824 _____ () C:\Users\Lynn\Downloads\calendar.ics
2014-06-30 08:50 - 2014-06-30 08:50 - 00000325 _____ () C:\Users\Lynn\Downloads\admhelper (3).adh
2014-06-30 08:50 - 2014-06-30 08:50 - 00000325 _____ () C:\Users\Lynn\Downloads\admhelper (2).adh
2014-06-30 08:49 - 2014-06-30 08:49 - 00000328 _____ () C:\Users\Lynn\Downloads\admhelper.adh
2014-06-30 08:49 - 2014-06-30 08:49 - 00000328 _____ () C:\Users\Lynn\Downloads\admhelper (1).adh
2014-06-29 18:09 - 2014-07-09 00:25 - 00519168 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-06-29 18:04 - 2014-07-09 00:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-06-28 02:19 - 2014-06-17 06:01 - 00779556 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-24 21:15 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-24 21:15 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
Files to move or delete:
====================
C:\ProgramData\TempMOBK-update-6f587c3c1a49f2fdf5254a3e5ed05791.exe
C:\Users\Lynn\iTunes64Setup.exe
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\ExcelColumnAndRowHeadersJAWS.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining1.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining2.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining3.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining4.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining5.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining6.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining7.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining8.exe
C:\Users\Administrator\AppData\Local\Temp\JAWS13BasicTraining9.exe
C:\Users\Administrator\AppData\Local\Temp\JAWSUpdate.dll
C:\Users\Administrator\AppData\Local\Temp\OpenBookOverview.exe
C:\Users\Administrator\AppData\Local\Temp\PlaceMarkers.exe
C:\Users\Administrator\AppData\Local\Temp\ResearchIt.exe
C:\Users\Administrator\AppData\Local\Temp\SettingsCenter.exe
C:\Users\Administrator\AppData\Local\Temp\Tandem.exe
C:\Users\Administrator\AppData\Local\Temp\TextAnalyzer.exe
C:\Users\Administrator\AppData\Local\Temp\VirtualRibbonMenus.exe
C:\Users\Administrator\AppData\Local\Temp\VoiceProfiles.exe
C:\Users\Administrator\AppData\Local\Temp\WhatIsNew14.exe
C:\Users\Administrator\AppData\Local\Temp\WordIndex.exe
C:\Users\Administrator\AppData\Local\Temp\XTraCustomLabelsWordIE.exe
C:\Users\Administrator\AppData\Local\Temp\XTraDocumentPresentationAndHTMLElementSelection.exe
C:\Users\Administrator\AppData\Local\Temp\XTraExcelFormsJAWS.exe
C:\Users\Administrator\AppData\Local\Temp\XTraLaptopKeystrokes.exe
C:\Users\Administrator\AppData\Local\Temp\XTraOffice2007IntroJAWS.exe
C:\Users\Administrator\AppData\Local\Temp\XTraSkimReadingWithSummary.exe
C:\Users\Administrator\AppData\Local\Temp\XTraSmartWordReading.exe
C:\Users\Administrator\AppData\Local\Temp\XTraSpeechAndSounds.exe
C:\Users\Administrator\AppData\Local\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll
C:\Users\Lynn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgywvep.dll
C:\Users\Lynn\AppData\Local\Temp\ExcelColumnAndRowHeaders.exe
C:\Users\Lynn\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Lynn\AppData\Local\Temp\install_flashplayer11x32ax_aaa_aih.exe
C:\Users\Lynn\AppData\Local\Temp\install_flashplayer11x32ax_aaa_aih[1].exe
C:\Users\Lynn\AppData\Local\Temp\install_flashplayer11x32ax_aaa_aih_1.exe
C:\Users\Lynn\AppData\Local\Temp\install_flashplayer11x32ax_gtbd_chrd_dn_aih[1].exe
C:\Users\Lynn\AppData\Local\Temp\JAWS11BasicTraining.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS11BasicTraining4.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS11BasicTraining5.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS11BasicTraining7.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS11BasicTraining8.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS12BasicTraining2.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS12BasicTraining3.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS12BasicTraining6.exe
C:\Users\Lynn\AppData\Local\Temp\JAWS12BasicTraining9.exe
C:\Users\Lynn\AppData\Local\Temp\lowproc.exe
C:\Users\Lynn\AppData\Local\Temp\MSNBC9A.exe
C:\Users\Lynn\AppData\Local\Temp\msvcp110.dll
C:\Users\Lynn\AppData\Local\Temp\msvcr110.dll
C:\Users\Lynn\AppData\Local\Temp\OpenBookOverview.exe
C:\Users\Lynn\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\Lynn\AppData\Local\Temp\PlaceMarkers.exe
C:\Users\Lynn\AppData\Local\Temp\ResearchIt.exe
C:\Users\Lynn\AppData\Local\Temp\rnsetup0.exe
C:\Users\Lynn\AppData\Local\Temp\rnsetup1.exe
C:\Users\Lynn\AppData\Local\Temp\rnupdate0.exe
C:\Users\Lynn\AppData\Local\Temp\SettingsCenter.exe
C:\Users\Lynn\AppData\Local\Temp\setup.exe
C:\Users\Lynn\AppData\Local\Temp\sqlite3.dll
C:\Users\Lynn\AppData\Local\Temp\stubhelper.dll
C:\Users\Lynn\AppData\Local\Temp\Tandem.exe
C:\Users\Lynn\AppData\Local\Temp\TextAnalyzer.exe
C:\Users\Lynn\AppData\Local\Temp\VirtualRibbonMenus.exe
C:\Users\Lynn\AppData\Local\Temp\VoiceProfiles.exe
C:\Users\Lynn\AppData\Local\Temp\WhatIsNew12.exe
C:\Users\Lynn\AppData\Local\Temp\WordIndex.exe
C:\Users\Lynn\AppData\Local\Temp\XTraCustomLabelsWordIE.exe
C:\Users\Lynn\AppData\Local\Temp\XTraExcelFormsJAWS.exe
C:\Users\Lynn\AppData\Local\Temp\XTraLaptopKeystrokes.exe
C:\Users\Lynn\AppData\Local\Temp\XTraOffice2007IntroJAWS.exe
C:\Users\Lynn\AppData\Local\Temp\XTraSkimReadingWithSummary.exe
C:\Users\Lynn\AppData\Local\Temp\XTraSmartWordReading.exe
C:\Users\Lynn\AppData\Local\Temp\XTraSpeechAndSounds.exe
C:\Users\Lynn\AppData\Local\Temp\{0BEFE152-34B1-450C-9B38-217BFD1B1064}-30.0.1599.101_chrome_installer.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE Association (whitelisted) =============
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 3824.43 MB
Available physical RAM: 3200.04 MB
Total Pagefile: 3822.57 MB
Available Pagefile: 3199.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:149.04 GB) (Free:30.17 GB) NTFS
Drive e: (Data) (Fixed) (Total:148.65 GB) (Free:90.89 GB) NTFS
Drive g: (UDISK 2.0) (Removable) (Total:3.84 GB) (Free:3.83 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 16A6DB17)
Partition 1: (Active) - (Size=400 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 8D9CAF44)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)
LastRegBack: 2014-07-08 01:43
==================== End Of Log ============================