Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by DougWendy (administrator) on FAMILYPC on 16-05-2014 20:18:25
Running from C:\Users\DougWendy\Downloads
Platform: Windows 8.1 (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Code 42 Software) C:\Program Files\CrashPlan\CrashPlanService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7158344 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-08-29] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [206240 2010-08-23] (CANON INC.)
HKU\S-1-5-21-1667700695-4105642080-2727116873-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1667700695-4105642080-2727116873-1001\...\MountPoints2: {7476521f-d6c2-11e3-be98-d850e6c581e7} - "O:\LaunchU3.exe" -a
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CrashPlan Tray.lnk
ShortcutTarget: CrashPlan Tray.lnk -> C:\Program Files\CrashPlan\CrashPlanTray.exe (Code 42 Software, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
FireFox:
========
FF ProfilePath: C:\Users\DougWendy\AppData\Roaming\Mozilla\Firefox\Profiles\to9hmuv0.default
FF Homepage: hxxp://www.mercercountysports.com/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\DougWendy\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Bitdefender QuickScan - C:\Users\DougWendy\AppData\Roaming\Mozilla\Firefox\Profiles\to9hmuv0.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-03-24]
FF Extension: NoScript - C:\Users\DougWendy\AppData\Roaming\Mozilla\Firefox\Profiles\to9hmuv0.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-24]
FF Extension: Adblock Plus - C:\Users\DougWendy\AppData\Roaming\Mozilla\Firefox\Profiles\to9hmuv0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-24]
Chrome:
=======
CHR HomePage: hxxp://www.mercercountysports.com/
CHR StartupUrls: "hxxp://www.mercercountysports.com/"
CHR Extension: (Google Docs) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-24]
CHR Extension: (Google Drive) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-24]
CHR Extension: (YouTube) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-24]
CHR Extension: (Google Search) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-24]
CHR Extension: (avast! Online Security) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-24]
CHR Extension: (Daily Bible Guide) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfjgekpddapedobkjbmeefnjofabigbi [2014-05-06]
CHR Extension: (Tom Sachs) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppegiodmddaaljhkfjokkepamifbekj [2014-03-24]
CHR Extension: (Google Wallet) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-24]
CHR Extension: (Gmail) - C:\Users\DougWendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-24]
==================== Services (Whitelisted) =================
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [223232 2014-02-19] (Code 42 Software)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-05-15] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
S2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [X]
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2014-04-21] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-24] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-24] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R1 {9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64; C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112 2014-05-12] (StdLib)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-16 20:18 - 2014-05-16 20:18 - 00016743 _____ () C:\Users\DougWendy\Downloads\FRST.txt
2014-05-16 20:18 - 2014-05-16 20:18 - 00000000 ____D () C:\FRST
2014-05-16 20:17 - 2014-05-16 20:17 - 02067456 _____ (Farbar) C:\Users\DougWendy\Downloads\FRST64.exe
2014-05-16 10:22 - 2014-05-16 10:22 - 00204888 _____ () C:\Users\DougWendy\Desktop\malware removal forum post.txt
2014-05-16 09:26 - 2014-05-16 09:26 - 00130464 _____ () C:\Users\DougWendy\Downloads\OTL.Txt
2014-05-16 09:26 - 2014-05-16 09:26 - 00073206 _____ () C:\Users\DougWendy\Downloads\Extras.Txt
2014-05-16 09:10 - 2014-05-16 09:10 - 00602112 _____ (OldTimer Tools) C:\Users\DougWendy\Downloads\OTL.exe
2014-05-16 09:09 - 2014-05-16 09:09 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds(2).scr
2014-05-16 09:02 - 2014-05-16 09:02 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds.com
2014-05-16 08:59 - 2014-05-16 08:59 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds(1).scr
2014-05-16 08:56 - 2014-05-16 08:56 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds.scr
2014-05-16 08:28 - 2014-05-16 08:29 - 00002288 _____ () C:\Users\DougWendy\Documents\Deacon meeting minutes from May 4, 2014.txt
2014-05-16 08:23 - 2014-05-16 08:23 - 00000000 ____D () C:\Users\DougWendy\Desktop\OpenOffice 4.1.0 (en-US) Installation Files
2014-05-16 08:22 - 2014-05-16 08:23 - 140910890 _____ () C:\Users\DougWendy\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-05-15 11:40 - 2014-05-15 11:40 - 00000498 _____ () C:\WINDOWS\system32\.crusader
2014-05-15 10:49 - 2014-05-15 10:49 - 00001916 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-05-15 10:49 - 2014-05-15 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-05-15 10:49 - 2014-05-15 10:49 - 00000000 ____D () C:\Program Files\HitmanPro
2014-05-15 10:42 - 2014-05-15 11:40 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-15 10:23 - 2014-05-15 10:24 - 10971424 _____ (SurfRight B.V.) C:\Users\DougWendy\Downloads\HitmanPro_x64.exe
2014-05-15 09:50 - 2014-05-16 19:47 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-15 09:50 - 2014-05-15 09:50 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-15 09:50 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-05-15 09:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-05-15 09:50 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-05-15 09:49 - 2014-05-15 09:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\DougWendy\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-15 09:47 - 2014-05-15 09:47 - 00000888 _____ () C:\Users\DougWendy\Desktop\JRT.txt
2014-05-15 09:41 - 2014-05-15 09:41 - 01016261 _____ (Thisisu) C:\Users\DougWendy\Downloads\JRT.exe
2014-05-15 09:41 - 2014-05-15 09:41 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-15 09:34 - 2014-05-15 09:35 - 00000000 ____D () C:\AdwCleaner
2014-05-15 09:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-05-15 09:33 - 2014-05-15 09:33 - 01325827 _____ () C:\Users\DougWendy\Downloads\adwcleaner_3.208.exe
2014-05-14 14:38 - 2014-05-06 00:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 14:38 - 2014-05-05 23:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 14:38 - 2014-05-05 23:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 14:38 - 2014-05-05 22:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 14:38 - 2014-04-11 06:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 14:38 - 2014-04-11 06:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 14:38 - 2014-04-11 04:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 14:38 - 2014-04-11 02:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 14:38 - 2014-04-11 01:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 14:38 - 2014-04-11 01:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 14:38 - 2014-04-10 23:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 14:38 - 2014-04-10 23:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 14:38 - 2014-04-10 23:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 14:38 - 2014-04-10 23:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 14:38 - 2014-04-10 23:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 14:38 - 2014-04-10 23:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 14:38 - 2014-04-10 23:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 14:38 - 2014-04-10 23:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 14:38 - 2014-04-10 23:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 14:38 - 2014-04-10 23:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 14:38 - 2014-04-10 22:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 14:38 - 2014-04-10 22:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 14:38 - 2014-04-10 22:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 14:38 - 2014-04-10 22:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 14:38 - 2014-04-10 22:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 14:38 - 2014-04-10 22:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 14:38 - 2014-04-10 22:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 14:38 - 2014-04-10 22:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 14:38 - 2014-04-10 22:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 14:38 - 2014-04-10 22:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 14:38 - 2014-04-10 22:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 14:38 - 2014-03-23 22:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 14:38 - 2014-03-23 22:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 14:38 - 2014-03-23 22:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 14:38 - 2014-03-13 03:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 14:38 - 2014-03-13 02:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 14:37 - 2014-04-08 18:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 14:37 - 2014-04-08 18:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 14:37 - 2014-04-08 14:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 14:37 - 2014-04-08 14:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 14:37 - 2014-03-27 05:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 14:37 - 2014-03-27 03:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-13 13:14 - 2014-05-12 16:40 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
2014-05-13 11:44 - 2014-05-13 11:44 - 00000000 ____D () C:\Users\DougWendy\AppData\Roaming\OpenOffice
2014-05-13 11:41 - 2014-05-15 09:35 - 00000000 ____D () C:\Program Files (x86)\webget
2014-05-13 11:41 - 2014-05-13 11:41 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-05-13 11:41 - 2014-05-13 11:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-05-13 11:41 - 2014-05-13 11:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-13 11:16 - 2014-05-13 11:16 - 01070624 _____ (Unity Technologies ApS) C:\Users\DougWendy\Downloads\UnityWebPlayer.exe
2014-05-12 20:30 - 2014-05-12 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP560 series
2014-05-12 20:30 - 2014-05-12 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2014-05-12 20:26 - 2014-05-12 20:26 - 26877072 _____ () C:\Users\DougWendy\Downloads\mp68-win-mp560-1_06-ea24.exe
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 __SHD () C:\Users\DougWendy\AppData\Local\EmieUserList
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 __SHD () C:\Users\DougWendy\AppData\Local\EmieSiteList
2014-05-10 04:50 - 2014-05-10 04:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 20:36 - 2014-05-08 20:55 - 00000000 ____D () C:\Users\DougWendy\Desktop\HeraldSubmissions
2014-05-02 13:37 - 2014-05-02 13:37 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-02 13:36 - 2014-05-02 13:36 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-24 05:55 - 2014-04-24 05:55 - 00000000 ____D () C:\ProgramData\GZ
2014-04-21 22:18 - 2014-04-21 22:18 - 00000000 ____D () C:\Users\DougWendy\Documents\Adobe
2014-04-21 21:24 - 2014-04-21 21:24 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.4 64-bit.lnk
2014-04-21 21:24 - 2014-04-21 21:24 - 00002078 _____ () C:\Users\Public\Desktop\Lightroom 5.4 64-bit.lnk
2014-04-21 21:24 - 2014-04-21 21:24 - 00000000 ____D () C:\Program Files\Adobe
2014-04-21 21:18 - 2014-04-21 21:18 - 00003510 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-nashtockdw@hotmail.com
2014-04-21 21:18 - 2014-04-21 21:18 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
2014-04-21 21:17 - 2014-04-21 21:17 - 00000000 ____D () C:\Users\DougWendy\AppData\Roaming\NVIDIA
2014-04-21 21:12 - 2014-04-21 21:17 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-21 21:12 - 2014-04-21 21:12 - 00000824 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk
2014-04-21 21:12 - 2014-04-21 21:12 - 00000771 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk
2014-04-21 21:11 - 2014-04-21 21:24 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-21 20:56 - 2014-04-21 20:56 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-04-21 20:56 - 2014-04-21 20:56 - 00001328 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-04-21 20:56 - 2014-04-21 20:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-21 20:51 - 2014-04-21 20:51 - 02808712 _____ (Adobe Systems Incorporated) C:\Users\DougWendy\Downloads\CreativeCloudSet-Up.exe
2014-04-21 17:26 - 2014-04-21 17:26 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-04-20 13:25 - 2014-04-20 13:25 - 00000000 ____D () C:\Users\DougWendy\Desktop\Easter 2014
==================== One Month Modified Files and Folders =======
2014-05-16 20:18 - 2014-05-16 20:18 - 00016743 _____ () C:\Users\DougWendy\Downloads\FRST.txt
2014-05-16 20:18 - 2014-05-16 20:18 - 00000000 ____D () C:\FRST
2014-05-16 20:17 - 2014-05-16 20:17 - 02067456 _____ (Farbar) C:\Users\DougWendy\Downloads\FRST64.exe
2014-05-16 20:06 - 2014-03-30 10:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{DD7D5603-915A-4950-A4FE-DF764191344E}
2014-05-16 20:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-16 19:47 - 2014-05-15 09:50 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-05-16 19:43 - 2014-03-24 10:28 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 19:21 - 2014-03-23 22:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-05-16 16:13 - 2014-04-04 23:37 - 01350802 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-16 10:22 - 2014-05-16 10:22 - 00204888 _____ () C:\Users\DougWendy\Desktop\malware removal forum post.txt
2014-05-16 09:26 - 2014-05-16 09:26 - 00130464 _____ () C:\Users\DougWendy\Downloads\OTL.Txt
2014-05-16 09:26 - 2014-05-16 09:26 - 00073206 _____ () C:\Users\DougWendy\Downloads\Extras.Txt
2014-05-16 09:10 - 2014-05-16 09:10 - 00602112 _____ (OldTimer Tools) C:\Users\DougWendy\Downloads\OTL.exe
2014-05-16 09:09 - 2014-05-16 09:09 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds(2).scr
2014-05-16 09:02 - 2014-05-16 09:02 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds.com
2014-05-16 08:59 - 2014-05-16 08:59 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds(1).scr
2014-05-16 08:56 - 2014-05-16 08:56 - 00688992 _____ (Swearware) C:\Users\DougWendy\Downloads\dds.scr
2014-05-16 08:29 - 2014-05-16 08:28 - 00002288 _____ () C:\Users\DougWendy\Documents\Deacon meeting minutes from May 4, 2014.txt
2014-05-16 08:23 - 2014-05-16 08:23 - 00000000 ____D () C:\Users\DougWendy\Desktop\OpenOffice 4.1.0 (en-US) Installation Files
2014-05-16 08:23 - 2014-05-16 08:22 - 140910890 _____ () C:\Users\DougWendy\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe
2014-05-16 02:00 - 2014-03-23 20:41 - 00000000 ____D () C:\Users\DougWendy\AppData\Local\Adobe
2014-05-15 21:47 - 2014-03-23 15:06 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1667700695-4105642080-2727116873-1001
2014-05-15 21:43 - 2014-03-24 10:28 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 21:43 - 2014-03-24 10:28 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 11:44 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2014-05-15 11:43 - 2014-03-24 00:12 - 00000000 __RDO () C:\Users\DougWendy\SkyDrive
2014-05-15 11:42 - 2014-03-23 23:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-15 11:42 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-15 11:40 - 2014-05-15 11:40 - 00000498 _____ () C:\WINDOWS\system32\.crusader
2014-05-15 11:40 - 2014-05-15 10:42 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-05-15 10:49 - 2014-05-15 10:49 - 00001916 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-05-15 10:49 - 2014-05-15 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-05-15 10:49 - 2014-05-15 10:49 - 00000000 ____D () C:\Program Files\HitmanPro
2014-05-15 10:24 - 2014-05-15 10:23 - 10971424 _____ (SurfRight B.V.) C:\Users\DougWendy\Downloads\HitmanPro_x64.exe
2014-05-15 10:23 - 2014-03-23 22:05 - 00000000 ____D () C:\Users\DougWendy\AppData\Roaming\QuickScan
2014-05-15 10:19 - 2014-04-08 21:03 - 00003774 _____ () C:\WINDOWS\PFRO.log
2014-05-15 10:19 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-05-15 09:50 - 2014-05-15 09:50 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-15 09:50 - 2014-05-15 09:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-15 09:49 - 2014-05-15 09:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\DougWendy\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-15 09:47 - 2014-05-15 09:47 - 00000888 _____ () C:\Users\DougWendy\Desktop\JRT.txt
2014-05-15 09:41 - 2014-05-15 09:41 - 01016261 _____ (Thisisu) C:\Users\DougWendy\Downloads\JRT.exe
2014-05-15 09:41 - 2014-05-15 09:41 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-05-15 09:36 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-15 09:36 - 2012-07-26 01:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-05-15 09:35 - 2014-05-15 09:34 - 00000000 ____D () C:\AdwCleaner
2014-05-15 09:35 - 2014-05-13 11:41 - 00000000 ____D () C:\Program Files (x86)\webget
2014-05-15 09:33 - 2014-05-15 09:33 - 01325827 _____ () C:\Users\DougWendy\Downloads\adwcleaner_3.208.exe
2014-05-15 09:26 - 2014-03-23 14:49 - 00000000 ___RD () C:\Users\DougWendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 09:26 - 2014-03-23 14:49 - 00000000 ___RD () C:\Users\DougWendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 07:40 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-15 07:27 - 2013-08-22 10:44 - 05094992 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-05-15 07:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-15 07:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 07:26 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 07:26 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-15 07:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 07:26 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 04:57 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 04:57 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-15 04:56 - 2014-03-23 20:37 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-15 04:56 - 2014-03-23 20:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-15 04:56 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-13 14:21 - 2014-03-23 22:02 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-13 11:44 - 2014-05-13 11:44 - 00000000 ____D () C:\Users\DougWendy\AppData\Roaming\OpenOffice
2014-05-13 11:41 - 2014-05-13 11:41 - 00001128 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-05-13 11:41 - 2014-05-13 11:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-05-13 11:41 - 2014-05-13 11:41 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-05-13 11:16 - 2014-05-13 11:16 - 01070624 _____ (Unity Technologies ApS) C:\Users\DougWendy\Downloads\UnityWebPlayer.exe
2014-05-12 20:30 - 2014-05-12 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP560 series
2014-05-12 20:30 - 2014-05-12 20:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon IJ Network Utilities
2014-05-12 20:30 - 2014-03-24 12:16 - 00002036 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-05-12 20:30 - 2014-03-24 12:16 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-05-12 20:30 - 2013-08-22 11:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-05-12 20:26 - 2014-05-12 20:26 - 26877072 _____ () C:\Users\DougWendy\Downloads\mp68-win-mp560-1_06-ea24.exe
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 __SHD () C:\Users\DougWendy\AppData\Local\EmieUserList
2014-05-12 19:46 - 2014-05-12 19:46 - 00000000 __SHD () C:\Users\DougWendy\AppData\Local\EmieSiteList
2014-05-12 16:40 - 2014-05-13 13:14 - 00061112 _____ (StdLib) C:\WINDOWS\system32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys
2014-05-10 20:57 - 2014-03-23 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-10 04:50 - 2014-05-10 04:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 21:38 - 2014-03-24 10:28 - 00003894 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 21:38 - 2014-03-24 10:28 - 00003658 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 20:55 - 2014-05-08 20:36 - 00000000 ____D () C:\Users\DougWendy\Desktop\HeraldSubmissions
2014-05-08 20:27 - 2013-11-14 03:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-08 20:23 - 2014-04-09 20:34 - 00003176 _____ () C:\WINDOWS\setupact.log
2014-05-08 02:07 - 2014-03-23 23:26 - 00000000 ____D () C:\Users\DougWendy
2014-05-06 00:40 - 2014-05-14 14:38 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-05 23:25 - 2014-05-14 14:38 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-05 23:00 - 2014-05-14 14:38 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-05 22:10 - 2014-05-14 14:38 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-02 13:37 - 2014-05-02 13:37 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-02 13:36 - 2014-05-02 13:36 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-01 16:30 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-05-01 16:30 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-24 05:55 - 2014-04-24 05:55 - 00000000 ____D () C:\ProgramData\GZ
2014-04-21 22:18 - 2014-04-21 22:18 - 00000000 ____D () C:\Users\DougWendy\Documents\Adobe
2014-04-21 22:18 - 2014-03-23 14:48 - 00000000 ____D () C:\Users\DougWendy\AppData\Roaming\Adobe
2014-04-21 21:24 - 2014-04-21 21:24 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.4 64-bit.lnk
2014-04-21 21:24 - 2014-04-21 21:24 - 00002078 _____ () C:\Users\Public\Desktop\Lightroom 5.4 64-bit.lnk
2014-04-21 21:24 - 2014-04-21 21:24 - 00000000 ____D () C:\Program Files\Adobe
2014-04-21 21:24 - 2014-04-21 21:11 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-21 21:24 - 2013-08-29 06:17 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-21 21:18 - 2014-04-21 21:18 - 00003510 _____ () C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-nashtockdw@hotmail.com
2014-04-21 21:18 - 2014-04-21 21:18 - 00000796 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC (64bit).lnk
2014-04-21 21:17 - 2014-04-21 21:17 - 00000000 ____D () C:\Users\DougWendy\AppData\Roaming\NVIDIA
2014-04-21 21:17 - 2014-04-21 21:12 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-04-21 21:12 - 2014-04-21 21:12 - 00000824 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk
2014-04-21 21:12 - 2014-04-21 21:12 - 00000771 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC.lnk
2014-04-21 20:56 - 2014-04-21 20:56 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-04-21 20:56 - 2014-04-21 20:56 - 00001328 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-04-21 20:56 - 2014-04-21 20:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-21 20:55 - 2013-08-29 06:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-21 20:51 - 2014-04-21 20:51 - 02808712 _____ (Adobe Systems Incorporated) C:\Users\DougWendy\Downloads\CreativeCloudSet-Up.exe
2014-04-21 17:26 - 2014-04-21 17:26 - 00261056 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-04-21 17:26 - 2014-03-23 14:47 - 00000000 ____D () C:\Users\DougWendy\AppData\Local\VirtualStore
2014-04-20 13:25 - 2014-04-20 13:25 - 00000000 ____D () C:\Users\DougWendy\Desktop\Easter 2014
Some content of TEMP:
====================
C:\Users\DougWendy\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-11 06:34
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2014
Ran by DougWendy at 2014-05-16 20:18:58
Running from C:\Users\DougWendy\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
==================== Installed Programs ======================
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.4 64-bit (HKLM\...\{558B5965-CC1B-4AF1-BA07-5D6832404050}) (Version: 5.4.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5DA7ED45-2322-45AA-99B6-B8F94EBF859F}) (Version: 20.06.6362.4423 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.06.6362.4423 - Alcor Micro Corp.) Hidden
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
ASUS Easy Update 2 (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 3.00.06 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CrashPlan (HKLM\...\{056FE336-5B2D-44A8-B013-EBF0343B0DC5}) (Version: 3.6.3 - Code 42 Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.216 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Open Office Packages (HKCU\...\Open Office Packages) (Version: - ) <==== ATTENTION
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Restore Points =========================
13-05-2014 15:41:18 Installed OpenOffice 4.0.1
16-05-2014 12:25:18 Installed OpenOffice 4.1.0
==================== Hosts content: ==========================
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {13BE30E9-54F8-46B7-80AC-8FFCDE5F512A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26EFDFF6-3688-47B0-B125-2FCC5C9B3DA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-24] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AC0E3A8-D810-480D-BD12-1E06FAF68A18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {5C9ED1AD-9E81-49BD-984E-060FB4D60045} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-15] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {705DFFC8-1818-4A62-BEE4-441C19A183E5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {70BA1D1B-B072-442B-96AC-4A8D160F5113} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8EF130F4-B9CB-4476-8A02-5463BF0A914D} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ABC0E8AD-D968-49E0-A293-BC8D2DC53333} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-nashtockdw@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {C20C6B3E-EA9F-46CB-A562-F9EFB6D9CBC2} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CD81DC57-176F-431A-80B9-56342AC6B379} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E3EC89F0-0A5F-469E-A65C-12D5D4FFB00E} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EB153C92-2B43-4A66-A36B-ED02A95DF396} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-24] (Google Inc.)
Task: {F62D41D0-5995-4BA5-823A-31DA85F4DBC3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {F840152A-7F2B-4E7D-A38E-4929A9215A89} - System32\Tasks\ASUS\ASUS Easy Update 2 => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [2013-04-01] (ASUSTeK Computer Inc.)
Task: {FC31EAC6-BE4D-4442-B85D-734A14F52EB2} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1667700695-4105642080-2727116873-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-03-23 22:27 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
2014-03-23 22:27 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll
2014-03-23 23:23 - 2014-03-04 09:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-29 06:18 - 2012-06-01 05:42 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-12-19 02:10 - 2012-12-19 02:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-02-19 19:17 - 2014-02-19 19:17 - 00014848 _____ () C:\Program Files\CrashPlan\md564.dll
2014-02-19 19:17 - 2014-02-19 19:17 - 00230400 _____ () C:\Program Files\CrashPlan\cpnative64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-08-29 06:18 - 2014-05-15 11:42 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-08-29 06:18 - 2010-06-28 22:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-12-10 23:00 - 2013-02-15 20:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-05-10 04:50 - 2014-05-10 04:50 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\DougWendy\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\DougWendy\Downloads\adwcleaner_3.208.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_en-US.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\ccsetup412.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\CrashPlan-x64_3.6.3_Win.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\CreativeCloudSet-Up.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\CrucialScan.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\dds(1).scr:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\dds(2).scr:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\dds.com:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\dds.scr:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\FRST64.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\HitmanPro_x64.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\JRT.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\mbam-setup-2.0.1.1004.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\mp68-win-mp560-1_06-ea24.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\OTL.exe:BDU
AlternateDataStreams: C:\Users\DougWendy\Downloads\UnityWebPlayer.exe:BDU
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/16/2014 00:27:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x5155445a
Faulting module name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x5155445a
Exception code: 0xc000041d
Fault offset: 0x0000a491
Faulting process id: 0x16d4
Faulting application start time: 0xLiveUpdt.exe0
Faulting application path: LiveUpdt.exe1
Faulting module path: LiveUpdt.exe2
Report Id: LiveUpdt.exe3
Faulting package full name: LiveUpdt.exe4
Faulting package-relative application ID: LiveUpdt.exe5
Error: (05/16/2014 00:27:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x5155445a
Faulting module name: LiveUpdt.exe, version: 2.0.0.0, time stamp: 0x5155445a
Exception code: 0xc0000005
Fault offset: 0x0000a491
Faulting process id: 0x16d4
Faulting application start time: 0xLiveUpdt.exe0
Faulting application path: LiveUpdt.exe1
Faulting module path: LiveUpdt.exe2
Report Id: LiveUpdt.exe3
Faulting package full name: LiveUpdt.exe4
Faulting package-relative application ID: LiveUpdt.exe5
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF410).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF410).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF410).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDED30).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:17 AM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF050).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 08:26:01 AM) (Source: MsiInstaller) (EventID: 1013) (User: FAMILYPC)
Description: Product: OpenOffice 4.1.0 -- Please exit OpenOffice 4.1.0 and the OpenOffice 4.1.0 Quickstarter before you continue. If you are using a multi-user system, also make sure that no other user has OpenOffice 4.1.0 open.
Error: (05/15/2014 10:16:27 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000F69E33F810).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/15/2014 10:16:27 PM) (Source: VSS) (EventID: 12294) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000F69E33F810).
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
System errors:
=============
Error: (05/15/2014 11:42:53 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error:
%%0
Error: (05/15/2014 11:41:03 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
%%5
Error: (05/15/2014 10:19:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062
Microsoft Office Sessions:
=========================
Error: (05/16/2014 00:27:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LiveUpdt.exe2.0.0.05155445aLiveUpdt.exe2.0.0.05155445ac000041d0000a49116d401cf711e526c20acC:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exeC:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exefd6bec99-dd16-11e3-be9f-d850e6c581e7
Error: (05/16/2014 00:27:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LiveUpdt.exe2.0.0.05155445aLiveUpdt.exe2.0.0.05155445ac00000050000a49116d401cf711e526c20acC:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exeC:\Program Files (x86)\ASUS\ASUS Easy Update\LiveUpdt.exefcda7cae-dd16-11e3-be9f-d850e6c581e7
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF410)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF410)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF410)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:22 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDED30)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 09:07:17 AM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},0000008B3DCDF050)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/16/2014 08:26:01 AM) (Source: MsiInstaller) (EventID: 1013) (User: FAMILYPC)
Description: Product: OpenOffice 4.1.0 -- Please exit OpenOffice 4.1.0 and the OpenOffice 4.1.0 Quickstarter before you continue. If you are using a multi-user system, also make sure that no other user has OpenOffice 4.1.0 open.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (05/15/2014 10:16:27 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000F69E33F810)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
Error: (05/15/2014 10:16:27 PM) (Source: VSS) (EventID: 12294) (User: )
Description: {b5946137-7b9f-4925-af80-51abd60b20d5}GetSnapshot({00000000-0000-0000-0000-000000000000},000000F69E33F810)
Operation:
Get Shadow Copy Properties
Context:
Execution Context: Coordinator
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 16291.13 MB
Available physical RAM: 11200.61 MB
Total Pagefile: 18723.13 MB
Available Pagefile: 12836.97 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:149.56 GB) (Free:61.87 GB) NTFS
Drive d: (Data) (Fixed) (Total:758.21 GB) (Free:754.16 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:2794.39 GB) (Free:1300.32 GB) NTFS
Drive k: (My Passport) (Fixed) (Total:465.64 GB) (Free:12.98 GB) FAT32
Drive l: (Photoshop ) (Fixed) (Total:111.79 GB) (Free:108.77 GB) NTFS
Drive m: (My Book) (Fixed) (Total:3725.99 GB) (Free:1897.37 GB) NTFS
Drive n: (My Passport) (Fixed) (Total:931.48 GB) (Free:103.21 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 15430E25)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or (Size: 112 GB) (Disk ID: 311109D9)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or (Size: 2795 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 3 (Size: 466 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 8.
========================================================
Disk: 9 (MBR Code: Windows XP) (Size: 931 GB) (Disk ID: 00042ADA)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================