Inactive Blank text, non-functional constant blue-screens

Discussion in 'Malware and Virus Removal Archive' started by so13eit, 2013/10/14.

  1. 2013/10/14
    so13eit

    so13eit Inactive Thread Starter


    Hi Broni,

    Unfortunately, I have another problem with another laptop - my apologies for coming back for more help!

    I was using a Samsung RC512 when I got a blue screen which broke the computer. I was able to find this post here that accurately describes my problem:

    http://www.bleepingcomputer.com/forums/t/484740/blank-text-corrupted-font-and-regular-bluescreening/

    I can start the laptop in safe mode, but I can't open Explorer, nor can I open any programs (I tried to open Malwarebytes but it gave a blank error screen). I tried to do a system restore but that didn't work either.

    Is there any way for me to recover this laptop to a working condition?

    Thanks so much.
     
  2. 2013/10/14
    broni

    broni Moderator Malware Analyst

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools or fixes, or applying any changes to your computer, other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==========================

    What Windows version is it?
     

  4. 2013/10/14
    so13eit

    so13eit Inactive Thread Starter

    Windows 7
     
  5. 2013/10/14
    broni

    broni Moderator Malware Analyst

    NOTE 1. Use another working computer to download the following tool.
    NOTE 2. Install Panda USB Vaccine, or BitDefender's USB Immunizer, on the GOOD computer to protect it from any infected USB device.

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flash drive into the infected PC.

    If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    On the System Recovery Options menu you will get the following options:

    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
  6. 2013/10/14
    so13eit

    so13eit Inactive Thread Starter

    Thanks, Broni!

    Scan result of Farbar Recovery Scan Tool Version: 11-07-2012
    Ran by SYSTEM at 14-10-2013 21:19:22
    Running from H:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167960 2010-12-07] (Intel Corporation)
    HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [391704 2010-12-07] (Intel Corporation)
    HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [417304 2010-12-07] (Intel Corporation)
    HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11660904 2010-11-30] (Realtek Semiconductor)
    HKLM\...\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray [1933584 2010-11-01] (Intel(R) Corporation)
    HKLM\...\Run: [IntelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash [1449984 2010-08-31] (Intel® Corporation)
    HKLM\...\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-10-08] ()
    HKLM-x32\...\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-08-25] (cyberlink)
    HKLM-x32\...\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun [618496 2010-06-07] ()
    HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
    HKLM-x32\...\Run: [BaofengPlatform] "C:\Program Files (x86)\Baofeng\StormPlayer\BaofengPlatform.exe" /autorun [371296 2011-10-30] (????????????)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2345296 2013-10-01] (LogMeIn Inc.)
    HKU\Administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
    HKU\Administrator\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP [x]
    HKU\Administrator\...\Run: [SearchProtect] C:\Users\Administrator\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
    HKU\Owner\...\Run: [Desktop Software] "C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe" /ini "C:\Program Files (x86)\ComcastUI\Desktop Software\uinstaller.ini" /fromrun /starthidden [x]
    HKU\Owner\...\Run: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-07] (Conduit)
    HKU\UpdatusUser\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
    HKU\UpdatusUser\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP [x]
    Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll
    Startup: C:\Users\Administrator\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
    ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)
    Startup: C:\Users\Default\Start Menu\Programs\Startup\Best Buy pc app.lnk
    ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
    Startup: C:\Users\Default User\Start Menu\Programs\Startup\Best Buy pc app.lnk
    ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
    Startup: C:\Users\Owner\Start Menu\Programs\Startup\Adobe Gamma.lnk
    ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    Startup: C:\Users\Owner\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
    ShortcutTarget: Intel(R) Turbo Boost Technology Monitor 2.0.lnk -> C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe (Intel® Corporation)

    ==================== Services (Whitelisted) ======

    3 Adobe LM Service; "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [72704 2013-07-27] (Adobe Systems)
    2 ccosm; C:\Program Files (x86)\StormII\ccosm.exe /asservice [433064 2007-09-07] ()
    2 CLKMSVC10_38F51D56; "C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe" /svc [246256 2010-08-24] (CyberLink)
    2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-07] (Conduit)
    2 confsvr; C:\Program Files (x86)\O2Micro\Succendo\confsvr.exe [68096 2010-03-26] ()
    2 FunshionSvr; C:\Program Files (x86)\Common Files\FunshionLauncher\FunshionSvr.dll [73504 2012-12-24] ()
    2 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [2746704 2013-10-01] (LogMeIn Inc.)
    3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-01] ()
    2 RichVideo; "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" [244904 2009-11-30] ()
    3 Samsung UPD Service; "C:\Windows\System32\SUPDSvc.exe" [166704 2010-08-09] (Samsung Electronics CO., LTD.)
    2 sesssvr; C:\Program Files (x86)\O2Micro\Succendo\sesssvr.exe [68608 2010-03-26] ()
    3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [565672 2013-10-08] (Valve Corporation)
    2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2655768 2010-10-05] (Intel Corporation)
    3 Leica Microsystems Data Container V1; C:\Program Files (x86)\Leica Microsystems CMS GmbH\Leica LAS AF Lite\DC\LMSDataContainerServer.exe [x]

    ========================== Drivers (Whitelisted) =============

    3 davinci2; C:\Windows\System32\Drivers\davinci2.sys [17952 2009-11-19] ()
    3 hamachi; C:\Windows\System32\Drivers\hamachi.sys [33856 2009-03-18] (LogMeIn, Inc.)
    1 SABI; C:\Windows\System32\Drivers\SABI.sys [13824 2009-05-27] (SAMSUNG ELECTRONICS)

    ========================== NetSvcs (Whitelisted) ===========


    ============ One Month Created Files and Folders ==============

    2013-10-14 17:11 - 2010-09-07 20:28 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
    2013-10-14 17:11 - 2009-07-13 17:15 - 00229376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2013-10-14 17:11 - 2009-07-13 17:15 - 00126976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2013-10-14 17:11 - 2009-07-13 17:15 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
    2013-10-14 17:11 - 2009-07-13 17:14 - 00176128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2013-10-14 17:11 - 2009-07-13 17:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2013-10-14 17:10 - 2010-12-22 02:20 - 00174640 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
    2013-10-14 17:10 - 2010-12-22 02:20 - 00007440 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
    2013-10-14 17:10 - 2010-09-07 21:35 - 01026048 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
    2013-10-14 17:10 - 2009-07-13 17:41 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2013-10-14 17:10 - 2009-07-13 17:41 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2013-10-14 17:10 - 2009-07-13 17:40 - 00090112 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2013-10-14 17:10 - 2009-07-13 17:40 - 00022016 ____A (Microsoft Corporation) C:\Windows\System32\corpol.dll
    2013-10-14 17:10 - 2009-07-13 17:27 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2013-10-14 17:10 - 2009-07-13 17:14 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2013-10-14 17:10 - 2009-06-10 12:45 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
    2013-10-14 13:31 - 2013-10-14 13:32 - 00272904 ____A C:\Windows\Minidump\101413-35802-01.dmp
    2013-10-14 13:21 - 2013-10-14 13:22 - 00272888 ____A C:\Windows\Minidump\101413-24507-01.dmp
    2013-10-14 13:16 - 2013-10-14 13:16 - 00262144 ____A C:\Windows\Minidump\101413-24273-01.dmp
    2013-10-14 13:04 - 2013-10-14 13:05 - 00262144 ____A C:\Windows\Minidump\101413-26598-01.dmp
    2013-10-13 17:15 - 2013-10-13 17:15 - 00508905 ____A C:\Users\Owner\Desktop\target.xps
    2013-10-11 15:56 - 2013-10-11 15:58 - 00000000 ____D C:\Users\All Users\Storm
    2013-10-11 06:10 - 2013-09-22 15:28 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-10-11 06:10 - 2013-09-22 15:28 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 02876928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 02048512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-10-11 06:10 - 2013-09-22 15:27 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-10-11 06:10 - 2013-09-22 14:55 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-10-11 06:10 - 2013-09-22 14:55 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-10-11 06:10 - 2013-09-22 14:55 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-10-11 06:10 - 2013-09-22 14:54 - 19252224 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 03959296 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-10-11 06:10 - 2013-09-22 14:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-10-11 06:10 - 2013-09-20 19:38 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-10-11 06:10 - 2013-09-20 19:30 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-10-11 06:10 - 2013-09-20 18:48 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-10-11 06:10 - 2013-09-20 18:39 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-10-11 06:09 - 2013-09-22 15:27 - 14335488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-10-11 06:04 - 2009-03-18 14:35 - 00033856 ___AH (LogMeIn, Inc.) C:\Windows\System32\hamachi.sys
    2013-10-11 06:03 - 2013-10-11 06:03 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
    2013-10-10 17:11 - 2013-07-04 04:50 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\comctl32.dll
    2013-10-10 17:11 - 2013-07-04 03:50 - 00530432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2013-10-10 17:10 - 2013-09-13 17:10 - 00497152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
    2013-10-10 17:10 - 2013-09-07 18:30 - 01903552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-10-10 17:10 - 2013-09-07 18:27 - 00327168 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
    2013-10-10 17:10 - 2013-09-07 18:03 - 00231424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-10-10 17:10 - 2013-08-28 18:17 - 05549504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-10-10 17:10 - 2013-08-28 18:16 - 01732032 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
    2013-10-10 17:10 - 2013-08-28 18:16 - 00859648 ____A (Microsoft Corporation) C:\Windows\System32\tdh.dll
    2013-10-10 17:10 - 2013-08-28 18:16 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
    2013-10-10 17:10 - 2013-08-28 18:13 - 00878080 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
    2013-10-10 17:10 - 2013-08-28 17:51 - 03969472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-10-10 17:10 - 2013-08-28 17:51 - 03914176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-10-10 17:10 - 2013-08-28 17:50 - 01292192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-10-10 17:10 - 2013-08-28 17:50 - 00619520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2013-10-10 17:10 - 2013-08-28 17:50 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-10-10 17:10 - 2013-08-28 17:48 - 00640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2013-10-10 17:10 - 2013-08-28 16:49 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-10-10 17:10 - 2013-08-28 16:49 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-10-10 17:10 - 2013-08-28 16:49 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-10-10 17:10 - 2013-08-28 16:49 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-10-10 17:10 - 2013-08-27 17:21 - 03155968 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-10-10 17:10 - 2013-08-27 17:12 - 00461312 ____A (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
    2013-10-10 17:10 - 2013-08-01 04:09 - 00983488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2013-10-10 17:10 - 2013-07-20 02:33 - 00124112 ____A (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2013-10-10 17:10 - 2013-07-20 02:33 - 00102608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2013-10-10 17:10 - 2013-07-12 02:41 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbvideo.sys
    2013-10-10 17:10 - 2013-07-12 02:41 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbcir.sys
    2013-10-10 17:10 - 2013-07-04 04:57 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
    2013-10-10 17:10 - 2013-07-04 04:50 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll
    2013-10-10 17:10 - 2013-07-04 03:57 - 00205824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
    2013-10-10 17:10 - 2013-07-04 03:51 - 00081920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
    2013-10-10 17:10 - 2013-07-04 02:11 - 00140800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys
    2013-10-10 17:10 - 2013-07-02 20:05 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
    2013-10-10 17:10 - 2013-07-02 20:05 - 00032896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
    2013-10-10 17:10 - 2013-06-25 14:55 - 00785624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
    2013-10-10 17:10 - 2013-06-05 21:50 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
    2013-10-10 17:10 - 2013-06-05 21:49 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
    2013-10-10 17:10 - 2013-06-05 21:49 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
    2013-10-10 17:10 - 2013-06-05 21:47 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
    2013-10-10 17:10 - 2013-06-05 20:57 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2013-10-10 17:10 - 2013-06-05 20:51 - 00070656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2013-10-10 17:10 - 2013-06-05 20:50 - 00010240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2013-10-10 17:10 - 2013-06-05 19:30 - 00368128 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
    2013-10-10 17:10 - 2013-06-05 19:01 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2013-10-10 17:10 - 2013-06-05 19:01 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2013-10-03 17:16 - 2013-10-03 17:16 - 00000000 ____D C:\Users\Administrator\AppData\Local\Macromedia
    2013-10-01 17:30 - 2013-10-01 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2013-09-16 07:44 - 2013-09-16 07:44 - 00262144 ____A C:\Windows\Minidump\091613-29281-01.dmp
    2013-09-14 19:59 - 2013-09-14 19:59 - 04288182 ____A C:\Users\Owner\Desktop\Fig1new.psd
    2013-09-14 07:13 - 2013-09-14 07:13 - 00247923 ____A C:\Users\Owner\Desktop\jobs.htm
    2013-09-14 07:13 - 2013-09-14 07:13 - 00000000 ____D C:\Users\Owner\Desktop\jobs_files


    ============ 3 Months Modified Files ========================

    2013-10-14 13:32 - 2013-10-14 13:31 - 00272904 ____A C:\Windows\Minidump\101413-35802-01.dmp
    2013-10-14 13:32 - 2013-06-11 18:56 - 00000350 ____A C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
    2013-10-14 13:32 - 2013-05-31 07:37 - 00000350 ____A C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
    2013-10-14 13:32 - 2013-01-05 19:08 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-10-14 13:32 - 2010-12-22 01:56 - 00000050 ____A C:\Windows\System32\SupplicantTest.log
    2013-10-14 13:31 - 2012-11-09 07:15 - 548325882 ____A C:\Windows\MEMORY.DMP
    2013-10-14 13:31 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-10-14 13:31 - 2009-07-13 20:51 - 00092070 ____A C:\Windows\setupact.log
    2013-10-14 13:27 - 2009-07-13 21:13 - 00723198 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-10-14 13:22 - 2013-10-14 13:21 - 00272888 ____A C:\Windows\Minidump\101413-24507-01.dmp
    2013-10-14 13:16 - 2013-10-14 13:16 - 00262144 ____A C:\Windows\Minidump\101413-24273-01.dmp
    2013-10-14 13:05 - 2013-10-14 13:04 - 00262144 ____A C:\Windows\Minidump\101413-26598-01.dmp
    2013-10-14 13:01 - 2010-12-22 18:45 - 01704700 ____A C:\Windows\WindowsUpdate.log
    2013-10-14 12:57 - 2013-01-05 19:08 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-10-13 17:15 - 2013-10-13 17:15 - 00508905 ____A C:\Users\Owner\Desktop\target.xps
    2013-10-13 12:34 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-10-13 12:34 - 2009-07-13 20:45 - 00014144 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-10-11 15:56 - 2009-07-13 20:45 - 00445728 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-10-10 18:07 - 2011-10-20 18:49 - 00113724 ____A C:\Users\Owner\Documents\Expense.xlsx
    2013-10-03 17:16 - 2012-11-09 07:17 - 00001145 ____A C:\Users\UpdatusUser\Desktop\±©·Ã§Ã“°Ã’ô5.lnk
    2013-10-03 17:16 - 2012-11-09 07:17 - 00001145 ____A C:\Users\Owner\Desktop\±©·Ã§Ã“°Ã’ô5.lnk
    2013-10-03 17:16 - 2012-11-09 07:17 - 00001145 ____A C:\Users\Administrator\Desktop\±©·Ã§Ã“°Ã’ô5.lnk
    2013-10-03 17:11 - 2012-09-28 08:34 - 00122992 ____A C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-09-28 06:59 - 2011-10-14 08:35 - 00000014 ____A C:\Users\Owner\Desktop\New Text Document.txt
    2013-09-27 17:51 - 2012-11-27 20:53 - 00000915 ____A C:\Users\Owner\AppData\Roaming\coreavc.ini
    2013-09-22 15:28 - 2013-10-11 06:10 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-09-22 15:28 - 2013-10-11 06:10 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 02876928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 02048512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-09-22 15:27 - 2013-10-11 06:10 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-09-22 15:27 - 2013-10-11 06:09 - 14335488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-09-22 14:55 - 2013-10-11 06:10 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-09-22 14:55 - 2013-10-11 06:10 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-09-22 14:55 - 2013-10-11 06:10 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-09-22 14:54 - 2013-10-11 06:10 - 19252224 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 03959296 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-09-22 14:54 - 2013-10-11 06:10 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-09-20 19:38 - 2013-10-11 06:10 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-09-20 19:30 - 2013-10-11 06:10 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-09-20 18:48 - 2013-10-11 06:10 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-09-20 18:39 - 2013-10-11 06:10 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-09-17 17:37 - 2013-07-05 04:56 - 00009441 ____A C:\Users\Owner\Documents\entertainment.xlsx
    2013-09-16 07:44 - 2013-09-16 07:44 - 00262144 ____A C:\Windows\Minidump\091613-29281-01.dmp
    2013-09-14 19:59 - 2013-09-14 19:59 - 04288182 ____A C:\Users\Owner\Desktop\Fig1new.psd
    2013-09-14 07:13 - 2013-09-14 07:13 - 00247923 ____A C:\Users\Owner\Desktop\jobs.htm
    2013-09-13 17:10 - 2013-10-10 17:10 - 00497152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
    2013-09-09 16:34 - 2011-10-20 18:49 - 00018944 ____A C:\Users\Owner\Documents\month.xls
    2013-09-07 18:30 - 2013-10-10 17:10 - 01903552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-09-07 18:27 - 2013-10-10 17:10 - 00327168 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
    2013-09-07 18:03 - 2013-10-10 17:10 - 00231424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
    2013-09-07 08:14 - 2013-09-07 08:14 - 00000222 ____A C:\Users\Owner\Desktop\Dungeonland.url
    2013-09-06 18:35 - 2013-09-06 03:54 - 00000404 ____A C:\Users\Owner\Desktop\card.txt
    2013-08-28 18:17 - 2013-10-10 17:10 - 05549504 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-08-28 18:16 - 2013-10-10 17:10 - 01732032 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
    2013-08-28 18:16 - 2013-10-10 17:10 - 00859648 ____A (Microsoft Corporation) C:\Windows\System32\tdh.dll
    2013-08-28 18:16 - 2013-10-10 17:10 - 00243712 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
    2013-08-28 18:13 - 2013-10-10 17:10 - 00878080 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
    2013-08-28 17:51 - 2013-10-10 17:10 - 03969472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-08-28 17:51 - 2013-10-10 17:10 - 03914176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-08-28 17:50 - 2013-10-10 17:10 - 01292192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-08-28 17:50 - 2013-10-10 17:10 - 00619520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
    2013-08-28 17:50 - 2013-10-10 17:10 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-08-28 17:48 - 2013-10-10 17:10 - 00640512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2013-08-28 16:49 - 2013-10-10 17:10 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-08-28 16:49 - 2013-10-10 17:10 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-08-28 16:49 - 2013-10-10 17:10 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-08-28 16:49 - 2013-10-10 17:10 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-08-27 17:21 - 2013-10-10 17:10 - 03155968 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-08-27 17:12 - 2013-10-10 17:10 - 00461312 ____A (Microsoft Corporation) C:\Windows\System32\scavengeui.dll
    2013-08-23 04:23 - 2013-07-29 18:09 - 13764780 ____A C:\Users\Owner\Desktop\Fig1.psd
    2013-08-14 18:29 - 2013-08-14 18:28 - 00262144 ____A C:\Windows\Minidump\081413-21746-01.dmp
    2013-08-11 18:27 - 2013-08-11 18:27 - 00262144 ____A C:\Windows\Minidump\081113-27549-01.dmp
    2013-08-08 09:19 - 2013-08-08 09:19 - 00262144 ____A C:\Windows\Minidump\080813-20467-01.dmp
    2013-08-07 20:40 - 2013-07-30 19:14 - 09217740 ____A C:\Users\Owner\Desktop\fig0.psd
    2013-08-07 06:38 - 2013-08-02 17:42 - 00773050 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
    2013-08-07 00:22 - 2013-08-02 18:10 - 00278800 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
    2013-08-06 05:59 - 2013-08-06 05:53 - 00008621 ____A C:\Windows\IE10_main.log
    2013-08-06 05:56 - 2013-08-06 05:56 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-08-06 05:56 - 2013-08-06 05:56 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2013-08-06 05:56 - 2013-08-06 05:56 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2013-08-06 05:56 - 2013-08-06 05:56 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2013-08-06 05:56 - 2013-08-06 05:56 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2013-08-06 05:56 - 2013-08-06 05:56 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2013-08-06 05:56 - 2013-08-06 05:56 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2013-08-06 05:56 - 2013-08-06 05:56 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2013-08-06 05:56 - 2013-08-06 05:56 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2013-08-06 05:56 - 2013-08-06 05:56 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2013-08-06 05:56 - 2013-08-06 05:56 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2013-08-06 05:55 - 2013-08-06 05:55 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-08-06 05:55 - 2013-08-06 05:55 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    2013-08-06 05:43 - 2013-08-06 05:43 - 47984684 ____A C:\Users\Owner\Downloads\Composite 1a - brk 4TAG mut 4.19AF.psd
    2013-08-04 18:25 - 2013-09-10 12:43 - 00155584 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
    2013-08-04 17:03 - 2013-08-03 07:01 - 00283836 ____A C:\Windows\msxml4-KB973688-enu.LOG
    2013-08-04 17:03 - 2013-08-03 06:49 - 00286746 ____A C:\Windows\msxml4-KB954430-enu.LOG
    2013-08-04 15:35 - 2010-12-22 03:08 - 00371664 ____A C:\Windows\PFRO.log
    2013-08-04 15:18 - 2009-07-13 18:36 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\msclmd.dll
    2013-08-04 15:18 - 2009-07-13 18:36 - 00152576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
    2013-08-04 14:39 - 2011-06-30 03:46 - 00122992 ____A C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
    2013-08-03 06:40 - 2013-08-03 06:36 - 00004039 ____A C:\Windows\IE9_main.log
    2013-08-02 19:20 - 2013-08-02 19:20 - 04296704 ____A C:\Users\Owner\Downloads\hamachi.msi
    2013-08-02 19:19 - 2013-08-02 19:19 - 00392000 ____A (Softonic ) C:\Users\Owner\Downloads\SoftonicDownloader_for_hamachi.exe
    2013-08-02 17:31 - 2013-08-02 17:31 - 00889416 ____A (Microsoft Corporation) C:\Users\Owner\Downloads\dotNetFx40_Full_setup(1).exe
    2013-08-02 17:28 - 2013-08-02 17:28 - 00889416 ____A (Microsoft Corporation) C:\Users\Owner\Downloads\dotNetFx40_Full_setup.exe
    2013-08-02 17:10 - 2013-08-02 17:10 - 07639718 ____A C:\Users\Owner\Desktop\Fig2.psd
    2013-08-02 09:20 - 2013-08-02 09:20 - 78828758 ____A C:\Users\Owner\Downloads\Composite 7.psd
    2013-08-01 18:14 - 2013-09-10 12:43 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-08-01 18:13 - 2013-09-10 12:43 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
    2013-08-01 18:13 - 2013-09-10 12:43 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00006656 ____A (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    2013-08-01 18:12 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    2013-08-01 17:50 - 2013-09-10 12:43 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2013-08-01 17:50 - 2013-09-10 12:43 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2013-08-01 17:48 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2013-08-01 17:09 - 2013-09-10 12:43 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
    2013-08-01 16:59 - 2013-09-10 12:43 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
    2013-08-01 16:43 - 2013-09-10 12:43 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2013-08-01 16:43 - 2013-09-10 12:43 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-08-01 16:43 - 2013-09-10 12:43 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2013-08-01 16:43 - 2013-09-10 12:43 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2013-08-01 04:09 - 2013-10-10 17:10 - 00983488 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2013-07-27 14:27 - 2013-07-27 14:26 - 22531941 ____A C:\Users\Owner\Downloads\Composite 1a - brk 4Tag mut 4.19B.psd
    2013-07-27 14:09 - 2009-07-13 18:34 - 00000478 ____A C:\Windows\win.ini
    2013-07-27 13:56 - 2013-07-27 13:54 - 00000009 ____A C:\END
    2013-07-27 13:50 - 2013-07-27 13:34 - 356583291 ____A (Adobe Systems Inc. ) C:\Users\Owner\Downloads\PhSp_CS2_English.exe
    2013-07-27 13:34 - 2013-07-27 13:34 - 01067672 ____A C:\Users\Owner\Downloads\Setup.exe
    2013-07-25 18:24 - 2013-09-10 12:42 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
    2013-07-25 18:24 - 2013-09-10 12:42 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
    2013-07-25 17:55 - 2013-09-10 12:42 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-07-25 17:55 - 2013-09-10 12:42 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2013-07-25 01:25 - 2013-08-14 07:11 - 01888768 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 00:57 - 2013-08-14 07:11 - 01620992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-07-20 02:33 - 2013-10-10 17:10 - 00124112 ____A (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
    2013-07-20 02:33 - 2013-10-10 17:10 - 00102608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2013-07-18 17:58 - 2013-08-14 07:11 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
    2013-07-18 17:41 - 2013-08-14 07:11 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
     
  7. 2013/10/14
    so13eit

    ========================= Known DLLs (Whitelisted) ============


    ========================= Bamital & volsnap Check ============

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ========================= Memory info ======================

    Percentage of memory in use: 12%
    Total physical RAM: 6056.29 MB
    Available physical RAM: 5299.77 MB
    Total Pagefile: 6054.44 MB
    Available Pagefile: 5302.46 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.9 MB

    ======================= Partitions =========================

    1 Drive c: () (Fixed) (Total:272 GB) (Free:171.28 GB) NTFS
    2 Drive d: () (Fixed) (Total:406.34 GB) (Free:358.62 GB) NTFS
    3 Drive f: (SAMSUNG_REC) (Fixed) (Total:20.2 GB) (Free:0.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    5 Drive h: (AMYPAN) (Removable) (Total:3.76 GB) (Free:3.09 GB) FAT32
    6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    7 Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 698 GB 1024 KB
    Disk 1 Online 3854 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 100 MB 1024 KB
    Partition 2 Primary 272 GB 101 MB
    Partition 0 Extended 406 GB 272 GB
    Partition 4 Logical 406 GB 272 GB
    Partition 3 Recovery 20 GB 678 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 Y SYSTEM NTFS Partition 100 MB Healthy

    ==================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 C NTFS Partition 272 GB Healthy

    ==================================================================================

    Disk: 0
    Partition 4
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 D NTFS Partition 406 GB Healthy

    ==================================================================================

    Disk: 0
    Partition 3
    Type : 27
    Hidden: Yes
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 4 F SAMSUNG_REC NTFS Partition 20 GB Healthy Hidden

    ==================================================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 3853 MB 31 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 0C
    Hidden: No
    Active: Yes


    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 5 H FLASH FAT32 Removable 3853 MB Healthy
     
  8. 2013/10/14
    broni

    The very lower part of the FRST log is missing, but I can tell you right now that there is nothing malicious on your computer.
    You should create a new topic in the Windows forum.
     
  9. 2013/10/14
    so13eit

    Ah, my apologies- I deleted the ==='s at the end of it in order to try to limit the text to 55000 characters, and forgot to add it back in when I made two posts. Thank you for your help!
     
  10. 2013/10/14
    broni

    You're very welcome
     
