Sorry about the delay it got late here..I think we are in differnt time zones....OK will paste the logs, was not quite sure about that... feels a little exposed and there was an up load function which opens on ones computer. Also I am getting message from the Microsoft folks about unreported issues but I did nothing with it since I think one of yoour conditions is that we do nothing from outside the blog until you finish your work... so here goes
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2012
Ran by SYSTEM at 21-11-2012 17:46:00
Running from G:\
Windows 7 Professional (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11490408 2010-12-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [2179688 2010-12-03] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] %ProgramFiles%\Apoint\Apoint.exe [x]
HKLM\...\Run: [ClientAppLogon] C:\Program Files\TrueSuite\TrueSuite.ClientAppLogonExe.exe [421192 2010-12-13] (AuthenTec, Inc.)
HKLM\...\Run: [ClientAppLogon32] C:\Program Files\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe [308040 2010-12-13] (AuthenTec, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" [673168 2010-11-17] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VAIO Boot Manager] "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe" [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [MMReminderService] C:\Program Files (x86)\Mindjet\MindManager 10\MMReminderService.exe [38248 2011-11-10] (Mindjet)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent [x]
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3143800 2012-11-06] (AVG Technologies CZ, s.r.o.)
HKU\Cecilia\...\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized [23069600 2012-09-11] (VoipBuster)
HKU\Cecilia\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Cecilia\...\Run: [EPSON14FFC7 (Epson Stylus SX420W)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Windows\TEMP\E_S86EA.tmp" /EF "HKCU" [224768 2009-09-14] (SEIKO EPSON CORPORATION)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
AppInit_DLLs:
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Services (Whitelisted) ===================
2 ABBYY.Licensing.FineReader.Sprint.9.0; "C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service [759048 2009-05-14] (ABBYY)
3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 avgfws; "C:\Program Files (x86)\AVG\AVG2013\avgfws.exe" [1340976 2012-11-02] (AVG Technologies CZ, s.r.o.)
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" [5814392 2012-11-06] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
2 FPLService; "C:\Program Files\TrueSuite\TrueSuite.Service.exe" [290632 2010-12-13] (AuthenTec, Inc)
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
2 SampleCollector; "C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata" [259192 2011-01-29] (Sony Corporation)
2 VMCService; "C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe" [9216 2009-11-16] (Vodafone)
==================== Drivers (Whitelisted) =====================
1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)
0 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
0 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [111456 2012-10-05] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
3 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [133632 2009-11-04] (Huawei Technologies Co., Ltd.)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-11-21 17:17 - 2012-11-21 17:17 - 01476262 ____A C:\Users\Cecilia\Desktop\computer info.bmp
2012-11-21 14:10 - 2012-11-21 14:43 - 00000000 ____D C:\Users\Cecilia\Desktop\MW problem
2012-11-21 08:57 - 2012-11-21 08:57 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-21 08:57 - 2012-09-29 19:54 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-11-21 08:51 - 2012-11-21 08:51 - 00001284 ____A C:\Users\Cecilia\Desktop\mbam-setup-1.65.1.1000.exe - Shortcut.lnk
2012-11-21 08:49 - 2012-11-21 08:49 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Cecilia\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-20 21:39 - 2012-07-26 03:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-11-20 21:39 - 2012-07-26 03:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-11-20 21:39 - 2012-07-26 03:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-11-20 21:39 - 2012-07-26 03:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-11-20 21:39 - 2012-07-26 03:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-11-20 21:39 - 2012-07-26 02:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-11-20 21:39 - 2012-07-26 02:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-20 21:39 - 2012-06-02 14:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-20 21:35 - 2012-09-25 22:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-11-20 21:35 - 2012-09-25 22:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-11-20 19:17 - 2012-11-21 08:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-20 19:17 - 2012-11-20 19:17 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\Malwarebytes
2012-11-20 19:17 - 2012-11-20 19:17 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-20 18:06 - 2012-11-20 21:26 - 00000000 ____D C:\Program Files (x86)\Mega Codec Pack
2012-11-20 18:05 - 2012-11-20 18:05 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\Media Player Classic
2012-11-20 12:13 - 2012-11-20 13:10 - 00000000 ____D C:\Users\Cecilia\Desktop\NEO exp 2011 & 2012
2012-11-15 12:13 - 2012-11-15 14:37 - 00000000 ____D C:\Users\Cecilia\Documents\Exp Neo
2012-11-13 21:03 - 2012-11-20 21:23 - 00000000 ____D C:\Program Files (x86)\Essentials Codec Pack
2012-11-13 21:03 - 2012-11-13 21:03 - 00001188 ____A C:\Users\Cecilia\Desktop\Media Player Classic.lnk
2012-11-13 21:02 - 2012-11-13 21:02 - 00000000 ____D C:\Program Files (x86)\Yontoo
2012-11-13 21:01 - 2012-11-13 21:01 - 00000000 ____D C:\Windows\SysWOW64\C2MP
2012-11-13 20:55 - 2012-11-13 20:55 - 00000000 ____D C:\Users\Cecilia\AppData\Local\{0BAEF352-9A02-44CE-A574-DD55AF3C863A}
2012-11-11 20:57 - 2012-11-11 20:57 - 00039904 ____A C:\Windows\SysWOW64\dischandler.exe
2012-11-11 17:46 - 2012-11-11 17:46 - 04012544 ____A C:\Windows\System32\ffmpeg.dll
2012-11-11 17:45 - 2012-11-11 17:45 - 04376576 ____A C:\Windows\System32\ffdshow.ax
2012-11-11 17:45 - 2012-11-11 17:45 - 00474624 ____A C:\Windows\System32\ff_kernelDeint.dll
2012-11-11 17:45 - 2012-11-11 17:45 - 00156672 ____A C:\Windows\System32\ff_libmad.dll
2012-11-11 17:45 - 2012-11-11 17:45 - 00127488 ____A C:\Windows\System32\ff_vfw.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 01532928 ____A C:\Windows\System32\ff_samplerate.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00631296 ____A C:\Windows\System32\TomsMoComp_ff.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00223232 ____A C:\Windows\System32\ff_libdts.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00183296 ____A C:\Windows\System32\ff_unrar.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00116224 ____A C:\Windows\System32\ff_liba52.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00114688 ____A C:\Windows\System32\ff_wmv9.dll
2012-11-11 17:42 - 2012-11-11 17:42 - 03915776 ____A C:\Windows\SysWOW64\ffmpeg.dll
2012-11-11 17:41 - 2012-11-11 17:41 - 03504128 ____A C:\Windows\SysWOW64\ffdshow.ax
2012-11-11 17:41 - 2012-11-11 17:41 - 00271360 ____A C:\Windows\SysWOW64\TomsMoComp_ff.dll
2012-11-11 17:41 - 2012-11-11 17:41 - 00112640 ____A C:\Windows\SysWOW64\ff_vfw.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 01525760 ____A C:\Windows\SysWOW64\ff_samplerate.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00211968 ____A C:\Windows\SysWOW64\ff_libdts.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00157184 ____A C:\Windows\SysWOW64\ff_unrar.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00147456 ____A C:\Windows\SysWOW64\ff_libmad.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00114688 ____A C:\Windows\SysWOW64\ff_liba52.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00099840 ____A C:\Windows\SysWOW64\ff_wmv9.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 08000584 ____A C:\Windows\System32\avcodec-lav-54.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 01497768 ____A (1f0.de - Hendrik Leppkes) C:\Windows\System32\LAVVideo.ax
2012-11-11 13:34 - 2012-11-11 13:34 - 01137384 ____A C:\Windows\System32\avformat-lav-54.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00503464 ____A (1f0.de - Hendrik Leppkes) C:\Windows\System32\LAVSplitter.ax
2012-11-11 13:34 - 2012-11-11 13:34 - 00405200 ____A C:\Windows\System32\swscale-lav-2.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00364712 ____A (Intel Corp.) C:\Windows\System32\IntelQuickSyncDecoder.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00274600 ____A (1f0.de - Hendrik Leppkes) C:\Windows\System32\LAVAudio.ax
2012-11-11 13:34 - 2012-11-11 13:34 - 00252792 ____A C:\Windows\System32\avutil-lav-52.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00215720 ____A C:\Windows\System32\libbluray.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00181568 ____A C:\Windows\System32\avfilter-lav-3.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00178472 ____A C:\Windows\System32\avresample-lav-1.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 07870928 ____A C:\Windows\SysWOW64\avcodec-lav-54.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 01182696 ____A C:\Windows\SysWOW64\avformat-lav-54.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 01172648 ____A (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\LAVVideo.ax
2012-11-11 13:32 - 2012-11-11 13:32 - 00413864 ____A (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\LAVSplitter.ax
2012-11-11 13:32 - 2012-11-11 13:32 - 00382120 ____A C:\Windows\SysWOW64\swscale-lav-2.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00281768 ____A (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00241832 ____A (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\LAVAudio.ax
2012-11-11 13:32 - 2012-11-11 13:32 - 00238528 ____A C:\Windows\SysWOW64\avutil-lav-52.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00183976 ____A C:\Windows\SysWOW64\libbluray.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00167728 ____A C:\Windows\SysWOW64\avfilter-lav-3.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00158096 ____A C:\Windows\SysWOW64\avresample-lav-1.dll
2012-11-08 18:21 - 2012-11-08 18:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2012-11-08 18:21 - 2012-11-08 18:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2012-11-08 13:05 - 2012-11-08 18:20 - 00000000 ____D C:\Users\Cecilia\Documents\AGV
2012-11-08 12:59 - 2012-11-08 12:59 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\AVG2013
2012-11-08 12:45 - 2012-11-08 18:21 - 00000965 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2012-11-08 12:45 - 2012-11-08 12:45 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\TuneUp Software
2012-11-08 12:43 - 2012-11-20 21:23 - 00000000 ____D C:\Users\All Users\AVG2013
2012-11-08 12:03 - 2012-11-08 15:18 - 00000000 ____D C:\Users\Cecilia\AppData\Local\Avg2013
2012-11-08 12:03 - 2012-11-08 12:03 - 00000000 ____D C:\Users\Cecilia\AppData\Local\MFAData
2012-11-08 12:01 - 2012-11-08 12:01 - 04418888 ____A (AVG Technologies) C:\Users\Cecilia\Documents\avg_avc_stb_all_2013_2742.exe
2012-11-02 16:54 - 2012-11-02 16:54 - 00000000 ____A C:\Users\Cecilia\Sti_Trace.log
2012-10-30 15:46 - 2012-11-21 09:42 - 01229538 ____A C:\Users\Cecilia\Downloads\TR177_Metamodel_Ecore.zip
2012-10-30 12:40 - 2012-11-21 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-30 11:34 - 2012-10-30 16:56 - 00000000 ____D C:\Users\Cecilia\Desktop\Today
2012-10-22 13:02 - 2012-10-22 13:02 - 00154464 ____A (AVG Technologies CZ, s.r.o. ) C:\Windows\System32\Drivers\avgidsdrivera.sys
==================== One Month Modified Files and Folders =======
2012-11-21 17:45 - 2012-11-21 17:45 - 00000000 ____D C:\FRST
2012-11-21 17:37 - 2011-11-26 15:30 - 01502050 ____A C:\Windows\WindowsUpdate.log
2012-11-21 17:34 - 2011-11-28 21:00 - 00000000 ____D C:\Users\Cecilia\Documents\Outlook
2012-11-21 17:25 - 2011-11-26 17:05 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\Skype
2012-11-21 17:22 - 2009-07-14 04:45 - 00013888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-21 17:22 - 2009-07-14 04:45 - 00013888 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-21 17:17 - 2012-11-21 17:17 - 01476262 ____A C:\Users\Cecilia\Desktop\computer info.bmp
2012-11-21 17:10 - 2011-11-28 19:55 - 00000000 ____D C:\Users\All Users\MFAData
2012-11-21 17:06 - 2012-04-02 11:28 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-21 17:05 - 2011-03-30 05:47 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-21 16:59 - 2009-07-14 05:13 - 00730512 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-21 16:05 - 2011-03-30 05:47 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-21 14:46 - 2012-04-12 10:56 - 00000476 ____A C:\Windows\Tasks\SDMsgUpdate (TE).job
2012-11-21 14:46 - 2011-03-30 06:03 - 00349986 ____A C:\Windows\PFRO.log
2012-11-21 14:46 - 2009-07-14 05:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-21 14:46 - 2009-07-14 04:51 - 00069267 ____A C:\Windows\setupact.log
2012-11-21 14:43 - 2012-11-21 14:10 - 00000000 ____D C:\Users\Cecilia\Desktop\MW problem
2012-11-21 14:43 - 2012-07-16 16:11 - 00000000 ____D C:\Users\Cecilia\Desktop\Charandas
2012-11-21 14:14 - 2012-05-21 11:47 - 00000000 ____D C:\Users\Cecilia\Desktop\FRAMEWRKS METHOD MODEL
2012-11-21 11:00 - 2012-10-30 12:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-21 10:41 - 2011-11-26 15:31 - 00124504 ____A C:\Users\Cecilia\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-21 09:42 - 2012-10-30 15:46 - 01229538 ____A C:\Users\Cecilia\Downloads\TR177_Metamodel_Ecore.zip
2012-11-21 08:57 - 2012-11-21 08:57 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-11-21 08:57 - 2012-11-20 19:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-11-21 08:53 - 2012-08-12 15:25 - 00000000 ____D C:\Users\Cecilia\Downloads\Complete
2012-11-21 08:51 - 2012-11-21 08:51 - 00001284 ____A C:\Users\Cecilia\Desktop\mbam-setup-1.65.1.1000.exe - Shortcut.lnk
2012-11-21 08:49 - 2012-11-21 08:49 - 10669952 ____A (Malwarebytes Corporation ) C:\Users\Cecilia\Downloads\mbam-setup-1.65.1.1000.exe
2012-11-21 08:34 - 2009-07-14 04:45 - 00444632 ____A C:\Windows\System32\FNTCACHE.DAT
2012-11-20 21:38 - 2011-11-28 20:14 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-11-20 21:38 - 2009-07-14 02:34 - 00000510 ____A C:\Windows\win.ini
2012-11-20 21:26 - 2012-11-20 18:06 - 00000000 ____D C:\Program Files (x86)\Mega Codec Pack
2012-11-20 21:26 - 2012-08-12 15:13 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\BitTorrent
2012-11-20 21:26 - 2011-11-26 15:31 - 00000000 ____D C:\users\Cecilia
2012-11-20 21:26 - 2011-03-30 05:26 - 00000000 ____D C:\Users\All Users\Sony Corporation
2012-11-20 21:26 - 2009-07-14 03:20 - 00000000 __RSD C:\Windows\Media
2012-11-20 21:26 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\System32\NDF
2012-11-20 21:26 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache
2012-11-20 21:26 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\registration
2012-11-20 21:26 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-11-20 21:23 - 2012-11-13 21:03 - 00000000 ____D C:\Program Files (x86)\Essentials Codec Pack
2012-11-20 21:23 - 2012-11-08 12:43 - 00000000 ____D C:\Users\All Users\AVG2013
2012-11-20 19:17 - 2012-11-20 19:17 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\Malwarebytes
2012-11-20 19:17 - 2012-11-20 19:17 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-11-20 18:05 - 2012-11-20 18:05 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\Media Player Classic
2012-11-20 15:24 - 2012-08-12 15:26 - 00000000 ____D C:\Users\Cecilia\Downloads\Pending
2012-11-20 13:10 - 2012-11-20 12:13 - 00000000 ____D C:\Users\Cecilia\Desktop\NEO exp 2011 & 2012
2012-11-20 09:36 - 2011-12-01 16:33 - 00000000 ____D C:\Users\Cecilia\Documents\Neosynapse
2012-11-15 14:37 - 2012-11-15 12:13 - 00000000 ____D C:\Users\Cecilia\Documents\Exp Neo
2012-11-13 21:03 - 2012-11-13 21:03 - 00001188 ____A C:\Users\Cecilia\Desktop\Media Player Classic.lnk
2012-11-13 21:02 - 2012-11-13 21:02 - 00000000 ____D C:\Program Files (x86)\Yontoo
2012-11-13 21:01 - 2012-11-13 21:01 - 00000000 ____D C:\Windows\SysWOW64\C2MP
2012-11-13 20:55 - 2012-11-13 20:55 - 00000000 ____D C:\Users\Cecilia\AppData\Local\{0BAEF352-9A02-44CE-A574-DD55AF3C863A}
2012-11-13 15:16 - 2011-12-01 16:41 - 00000000 ____D C:\Users\Cecilia\Documents\Flights
2012-11-11 20:57 - 2012-11-11 20:57 - 00039904 ____A C:\Windows\SysWOW64\dischandler.exe
2012-11-11 17:46 - 2012-11-11 17:46 - 04012544 ____A C:\Windows\System32\ffmpeg.dll
2012-11-11 17:45 - 2012-11-11 17:45 - 04376576 ____A C:\Windows\System32\ffdshow.ax
2012-11-11 17:45 - 2012-11-11 17:45 - 00474624 ____A C:\Windows\System32\ff_kernelDeint.dll
2012-11-11 17:45 - 2012-11-11 17:45 - 00156672 ____A C:\Windows\System32\ff_libmad.dll
2012-11-11 17:45 - 2012-11-11 17:45 - 00127488 ____A C:\Windows\System32\ff_vfw.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 01532928 ____A C:\Windows\System32\ff_samplerate.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00631296 ____A C:\Windows\System32\TomsMoComp_ff.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00223232 ____A C:\Windows\System32\ff_libdts.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00183296 ____A C:\Windows\System32\ff_unrar.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00116224 ____A C:\Windows\System32\ff_liba52.dll
2012-11-11 17:44 - 2012-11-11 17:44 - 00114688 ____A C:\Windows\System32\ff_wmv9.dll
2012-11-11 17:42 - 2012-11-11 17:42 - 03915776 ____A C:\Windows\SysWOW64\ffmpeg.dll
2012-11-11 17:41 - 2012-11-11 17:41 - 03504128 ____A C:\Windows\SysWOW64\ffdshow.ax
2012-11-11 17:41 - 2012-11-11 17:41 - 00271360 ____A C:\Windows\SysWOW64\TomsMoComp_ff.dll
2012-11-11 17:41 - 2012-11-11 17:41 - 00112640 ____A C:\Windows\SysWOW64\ff_vfw.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 01525760 ____A C:\Windows\SysWOW64\ff_samplerate.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00211968 ____A C:\Windows\SysWOW64\ff_libdts.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00157184 ____A C:\Windows\SysWOW64\ff_unrar.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00147456 ____A C:\Windows\SysWOW64\ff_libmad.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00114688 ____A C:\Windows\SysWOW64\ff_liba52.dll
2012-11-11 17:40 - 2012-11-11 17:40 - 00099840 ____A C:\Windows\SysWOW64\ff_wmv9.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 08000584 ____A C:\Windows\System32\avcodec-lav-54.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 01497768 ____A (1f0.de - Hendrik Leppkes) C:\Windows\System32\LAVVideo.ax
2012-11-11 13:34 - 2012-11-11 13:34 - 01137384 ____A C:\Windows\System32\avformat-lav-54.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00503464 ____A (1f0.de - Hendrik Leppkes) C:\Windows\System32\LAVSplitter.ax
2012-11-11 13:34 - 2012-11-11 13:34 - 00405200 ____A C:\Windows\System32\swscale-lav-2.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00364712 ____A (Intel Corp.) C:\Windows\System32\IntelQuickSyncDecoder.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00274600 ____A (1f0.de - Hendrik Leppkes) C:\Windows\System32\LAVAudio.ax
2012-11-11 13:34 - 2012-11-11 13:34 - 00252792 ____A C:\Windows\System32\avutil-lav-52.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00215720 ____A C:\Windows\System32\libbluray.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00181568 ____A C:\Windows\System32\avfilter-lav-3.dll
2012-11-11 13:34 - 2012-11-11 13:34 - 00178472 ____A C:\Windows\System32\avresample-lav-1.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 07870928 ____A C:\Windows\SysWOW64\avcodec-lav-54.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 01182696 ____A C:\Windows\SysWOW64\avformat-lav-54.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 01172648 ____A (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\LAVVideo.ax
2012-11-11 13:32 - 2012-11-11 13:32 - 00413864 ____A (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\LAVSplitter.ax
2012-11-11 13:32 - 2012-11-11 13:32 - 00382120 ____A C:\Windows\SysWOW64\swscale-lav-2.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00281768 ____A (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00241832 ____A (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\LAVAudio.ax
2012-11-11 13:32 - 2012-11-11 13:32 - 00238528 ____A C:\Windows\SysWOW64\avutil-lav-52.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00183976 ____A C:\Windows\SysWOW64\libbluray.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00167728 ____A C:\Windows\SysWOW64\avfilter-lav-3.dll
2012-11-11 13:32 - 2012-11-11 13:32 - 00158096 ____A C:\Windows\SysWOW64\avresample-lav-1.dll
2012-11-10 16:17 - 2012-04-30 08:37 - 00000000 ____D C:\SIRIUS12
2012-11-09 15:46 - 2012-02-29 11:15 - 00040727 ____A C:\test.xml
2012-11-08 18:21 - 2012-11-08 18:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2012-11-08 18:21 - 2012-11-08 18:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2012-11-08 18:21 - 2012-11-08 12:45 - 00000965 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2012-11-08 18:21 - 2012-08-04 14:55 - 00000000 ___HD C:\$AVG
2012-11-08 18:20 - 2012-11-08 13:05 - 00000000 ____D C:\Users\Cecilia\Documents\AGV
2012-11-08 16:45 - 2012-08-31 18:33 - 00000000 ____D C:\Users\Cecilia\Desktop\Zachman
2012-11-08 15:18 - 2012-11-08 12:03 - 00000000 ____D C:\Users\Cecilia\AppData\Local\Avg2013
2012-11-08 13:02 - 2011-11-28 20:00 - 00000000 ____D C:\Users\All Users\AVG2012
2012-11-08 12:59 - 2012-11-08 12:59 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\AVG2013
2012-11-08 12:59 - 2011-11-28 19:59 - 00000000 ____D C:\Program Files (x86)\AVG
2012-11-08 12:45 - 2012-11-08 12:45 - 00000000 ____D C:\Users\Cecilia\AppData\Roaming\TuneUp Software
2012-11-08 12:03 - 2012-11-08 12:03 - 00000000 ____D C:\Users\Cecilia\AppData\Local\MFAData
2012-11-08 12:01 - 2012-11-08 12:01 - 04418888 ____A (AVG Technologies) C:\Users\Cecilia\Documents\avg_avc_stb_all_2013_2742.exe
2012-11-06 08:51 - 2012-06-27 10:22 - 00000000 ____D C:\Users\Cecilia\Documents\Extracted Files
2012-11-02 16:54 - 2012-11-02 16:54 - 00000000 ____A C:\Users\Cecilia\Sti_Trace.log
2012-11-02 14:47 - 2012-05-08 18:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-30 16:56 - 2012-10-30 11:34 - 00000000 ____D C:\Users\Cecilia\Desktop\Today
2012-10-30 15:51 - 2012-06-26 07:43 - 00000000 ____D C:\Users\Cecilia\Desktop\FAST
2012-10-23 14:27 - 2012-10-20 11:18 - 00000000 ____D C:\Users\Cecilia\Documents\Tapes of Master
2012-10-23 08:34 - 2011-12-01 16:34 - 00000000 ____D C:\Users\Cecilia\Documents\Lyrics poetry quotes
2012-10-22 13:02 - 2012-10-22 13:02 - 00154464 ____A (AVG Technologies CZ, s.r.o. ) C:\Windows\System32\Drivers\avgidsdrivera.sys
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-10-30 13:53:40
Restore point made on: 2012-11-08 10:01:21
Restore point made on: 2012-11-08 12:43:34
Restore point made on: 2012-11-08 12:44:06
Restore point made on: 2012-11-09 23:17:50
Restore point made on: 2012-11-16 00:37:07
Restore point made on: 2012-11-20 20:48:42
Restore point made on: 2012-11-20 21:37:40
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 4011.86 MB
Available physical RAM: 3361.42 MB
Total Pagefile: 4010.01 MB
Available Pagefile: 3354.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:451.33 GB) (Free:250.17 GB) NTFS
2 Drive e: (Recovery) (Fixed) (Total:14.34 GB) (Free:1.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: () (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 977 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 14 GB 1024 KB
Partition 2 Primary 100 MB 14 GB
Partition 3 Primary 451 GB 14 GB
==================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E Recovery NTFS Partition 14 GB Healthy Hidden
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 451 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 977 MB 16 KB
==================================================================================
Disk: 1
Partition 1
Type : 06
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT Removable 977 MB Healthy
=========================================================
Last Boot: 2012-11-15 14:31
==================== End Of Log =============================