1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved windows 7 computer will not boot

Discussion in 'Malware and Virus Removal Archive' started by trickster21, 2012/07/08.

  1. 2012/07/08
    trickster21

    trickster21 Inactive Thread Starter

    Joined:
    2009/03/06
    Messages:
    18
    Likes Received:
    0
    [Resolved] windows 7 computer will not boot

    Hi,

    I have a windows 7 computer that will not boot up at all. It gives me the option to launch startup repair. After it runs its test, it says there is no root cause.

    From the tests I have run it appears to be a software issue or virus because the computer is not detecting any hardware issues.

    Can you please help me fix this computer?
     
    trickster21,
    #1
  2. 2012/07/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =================================================

    You abandoned this topic in the past: http://www.windowsbbs.com/malware-v...ng-slowly-has-trouble-updating-antivirus.html
    If it happens again you will NOT be allowed to receive any more help in malware removal forum.

    ================================================

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    [color= "#0000FF"]To enter System Recovery Options from the Advanced Boot Options:[/color]
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.

    [color= "#0000FF"]To enter System Recovery Options by using Windows installation disc:[/color]
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    [color= "#008000"]On the System Recovery Options menu you will get the following options:[/color]

      • Startup Repair
        System Restore
        Windows Complete PC Restore
        Windows Memory Diagnostic Tool
        Command Prompt
    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type [color= "#FF0000"]e[/color]:\frst.exe (for x64 bit version type [color= "#FF0000"]e[/color]:\frst64) and press Enter
      Note: Replace letter [color= "#FF0000"]e[/color] with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
     
    broni,
    #2


  3. to hide this advert.

  4. 2012/07/08
    trickster21

    trickster21 Inactive Thread Starter

    Joined:
    2009/03/06
    Messages:
    18
    Likes Received:
    0
    Scan result of Farbar Recovery Scan Tool Version: 08-07-2012
    Ran by SYSTEM at 08-07-2012 13:50:34
    Running from F:\
    Windows 7 Home Premium (X64) OS Language: English(US)
    The current controlset is ControlSet001

    ========================== Registry (Whitelisted) =============

    HKLM\...\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe [649608 2010-06-09] (ELAN Microelectronic Corp.)
    HKLM\...\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-15] ()
    HKLM\...\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [307768 2009-11-18] ()
    HKLM\...\Run: [lxdnmon.exe] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe" [660136 2009-01-29] ()
    HKLM\...\Run: [lxdnamon] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnamon.exe" [16040 2009-01-29] ()
    HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [167704 2012-01-10] (Intel Corporation)
    HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [392984 2012-01-10] (Intel Corporation)
    HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [417560 2012-01-10] (Intel Corporation)
    HKLM-x32\...\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [87336 2009-07-06] (CyberLink Corp.)
    HKLM-x32\...\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-02-23] (cyberlink)
    HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
    HKLM-x32\...\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2429 2010-09-18] ()
    HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6806144 2010-06-24] (ASUS)
    HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
    HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
    HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2011-07-05] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2011-08-19] (Apple Inc.)
    HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2416480 2012-01-24] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
    HKLM-x32\...\Run: [FaxCenterServer] "C:\Program Files (x86)\Lexmark Fax Solutions\fm3032.exe" /s [320168 2009-01-29] ()
    HKLM-x32\...\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot [296056 2012-06-03] (RealNetworks, Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
    HKU\GA\...\Run: [cdloader] "C:\Users\GA\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK [50592 2011-08-23] (magicJack L.P.)
    HKU\GA\...\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (syncables, LLC)
    HKU\GA\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
    HKU\GA\...\Run: [Facebook Update] "C:\Users\GA\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [137536 2012-01-05] (Facebook Inc.)
    HKU\GA\...\Run: [Google Update] "C:\Users\GA\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-03-24] (Google Inc.)
    HKU\GA\...\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [12163848 2012-06-20] (Google)
    HKU\Guest\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-09-18] (Google Inc.)
    HKU\Guest\...\Run: [cdloader] "C:\Users\Guest\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK [50592 2011-08-23] (magicJack L.P.)
    Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\FancyStart daemon.lnk
    ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\Users\All Users\Start Menu\Programs\Startup\SRS Premium Sound.lnk
    ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
    Startup: C:\Users\GA\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

    ==================== Services (Whitelisted) ======

    2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
    2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
    2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe" [4433248 2011-10-12] (AVG Technologies CZ, s.r.o.)
    2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [192776 2011-08-02] (AVG Technologies CZ, s.r.o.)
    2 lxdnCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
    2 lxdn_device; C:\Windows\system32\lxdncoms.exe -service [1044648 2008-02-27] ( )
    2 lxdn_device; C:\Windows\SysWow64\lxdncoms.exe -service [594600 2008-02-27] ( )
    3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
    2 UNS; "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [2314240 2009-09-30] (Intel Corporation)

    ========================== Drivers (Whitelisted) =============

    2 ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [15416 2009-07-02] (ASUS)
    3 AVGIDSDriver; C:\Windows\System32\Drivers\AVGIDSDriver.sys [120400 2011-07-11] (AVG Technologies CZ, s.r.o. )
    0 AVGIDSEH; C:\Windows\System32\Drivers\AVGIDSEH.sys [26704 2011-07-11] (AVG Technologies CZ, s.r.o. )
    3 AVGIDSFilter; C:\Windows\System32\Drivers\AVGIDSFilter.sys [29776 2011-07-11] (AVG Technologies CZ, s.r.o. )
    1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [283728 2011-10-07] (AVG Technologies CZ, s.r.o.)
    1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [46672 2011-08-08] (AVG Technologies CZ, s.r.o.)
    0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [37456 2011-09-13] (AVG Technologies CZ, s.r.o.)
    1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [375376 2011-07-11] (AVG Technologies CZ, s.r.o.)
    3 JME; C:\Windows\System32\Drivers\JME.sys [115312 2010-02-24] (JMicron Technology Corp.)
    3 kbfiltr; C:\Windows\System32\Drivers\kbfiltr.sys [15416 2009-07-20] ( )
    0 lullaby; C:\Windows\System32\Drivers\lullaby.sys [15928 2009-06-18] (Windows (R) Win 7 DDK provider)
    3 SNP2UVC; C:\Windows\System32\Drivers\SNP2UVC.sys [1806400 2009-06-05] ()
    2 {B154377D-700F-42cc-9474-23858FBDF4BD}; \??\C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
    3 tmlwf; [x]
    3 tmwfp; [x]

    ========================== NetSvcs (Whitelisted) ===========


    ============ One Month Created Files and Folders ==============

    2012-07-08 13:50 - 2012-07-08 13:50 - 00000000 ____D C:\FRST
    2012-07-02 12:45 - 2012-07-02 12:45 - 00000000 __SHD C:\found.001
    2012-07-01 11:34 - 2012-07-01 11:34 - 00823576 ____A (Bandoo Media Inc) C:\Users\GA\Downloads\iLividSetupV1.exe
    2012-06-25 10:20 - 2012-06-25 10:20 - 00262144 ____A C:\Windows\Minidump\062512-22292-01.dmp
    2012-06-25 10:12 - 2012-06-25 10:12 - 00262144 ____A C:\Windows\Minidump\062512-23244-01.dmp
    2012-06-23 23:08 - 2012-06-23 23:08 - 00262144 ____A C:\Windows\Minidump\062412-23696-01.dmp
    2012-06-23 13:17 - 2012-02-23 09:18 - 00279656 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2012-06-22 02:09 - 2012-06-22 02:09 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2012-06-22 02:09 - 2012-06-22 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-06-22 02:09 - 2012-06-22 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-06-22 02:09 - 2012-06-22 02:09 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-06-22 02:09 - 2012-06-22 02:09 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-06-22 02:09 - 2012-06-22 02:09 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2012-06-22 02:09 - 2012-06-22 02:09 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2012-06-22 02:09 - 2012-06-22 02:09 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2012-06-22 02:09 - 2012-06-22 02:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2012-06-22 02:09 - 2012-06-22 02:09 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2012-06-22 02:02 - 2012-06-22 02:19 - 00005933 ____A C:\Windows\IE9_main.log
    2012-06-21 19:29 - 2012-06-21 19:29 - 00001505 ____A C:\Users\GA\Desktop\desktop - Shortcut.lnk
    2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\GA\Documents\CyberLink
    2012-06-21 19:29 - 2012-06-21 19:29 - 00000000 ____D C:\Users\GA\AppData\Local\Cyberlink
    2012-06-21 19:25 - 2012-06-21 19:25 - 00000000 ____D C:\Users\GA\AppData\Roaming\EeeStorageUploader
    2012-06-21 18:27 - 2012-06-21 18:27 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
    2012-06-21 18:27 - 2012-06-21 18:27 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
    2012-06-21 18:27 - 2012-06-21 18:27 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
    2012-06-21 18:27 - 2012-06-21 18:27 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
    2012-06-21 13:14 - 2010-11-01 20:41 - 00135168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
    2012-06-21 13:14 - 2010-06-25 21:14 - 01495040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2012-06-21 13:14 - 2010-05-23 02:15 - 01619456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2012-06-21 13:14 - 2010-05-23 02:11 - 03181568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2012-06-21 13:14 - 2010-05-23 02:11 - 00196608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
    2012-06-21 13:14 - 2010-05-23 00:37 - 01888256 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
    2012-06-21 13:14 - 2010-05-23 00:35 - 00257024 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
    2012-06-21 13:13 - 2011-01-25 22:53 - 00982912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
    2012-06-21 13:13 - 2011-01-25 22:53 - 00265088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
    2012-06-21 13:13 - 2011-01-25 22:31 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
    2012-06-21 13:13 - 2010-11-01 21:18 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
    2012-06-21 13:13 - 2010-11-01 21:12 - 01133568 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
    2012-06-21 13:13 - 2010-06-25 21:31 - 01863680 ____A (Microsoft Corporation) C:\Windows\System32\ExplorerFrame.dll
    2012-06-21 13:13 - 2010-05-23 00:35 - 04068864 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll
    2012-06-21 13:13 - 2010-05-23 00:35 - 00206848 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll
    2012-06-21 13:11 - 2012-04-23 21:59 - 01460224 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2012-06-21 13:11 - 2012-04-23 21:59 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2012-06-21 13:11 - 2012-04-23 21:59 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2012-06-21 13:11 - 2012-04-23 20:47 - 01156608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2012-06-21 13:11 - 2012-04-23 20:47 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2012-06-21 13:11 - 2012-04-23 20:47 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2012-06-21 13:05 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-21 13:05 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-21 13:05 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-21 13:05 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-21 13:05 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-21 13:05 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-21 13:05 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-21 13:05 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-21 13:05 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-06-21 12:44 - 2012-06-21 12:44 - 03533704 ____A (iYogi) C:\Users\GA\Downloads\SDSetup.exe
    2012-06-21 12:44 - 2012-06-21 12:44 - 03533704 ____A (iYogi) C:\Users\GA\Downloads\SDSetup (1).exe
    2012-06-20 16:56 - 2012-05-04 02:52 - 05505392 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-06-20 16:56 - 2012-05-04 02:08 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2012-06-20 16:56 - 2012-05-04 02:08 - 03902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2012-06-20 16:56 - 2012-05-01 21:32 - 00208896 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
    2012-06-20 16:56 - 2012-04-25 21:34 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
    2012-06-20 16:56 - 2012-04-25 21:34 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
    2012-06-20 16:56 - 2012-04-25 21:28 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
    2012-06-20 16:55 - 2012-05-14 17:32 - 03144192 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-06-20 16:55 - 2012-04-27 19:50 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
    2012-06-20 16:55 - 2012-04-07 04:18 - 03213824 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll
    2012-06-20 16:55 - 2012-04-07 03:34 - 02342400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
    2012-06-20 16:47 - 2012-06-20 16:47 - 00000000 ____D C:\Users\All Users\Intel
    2012-06-20 15:20 - 2012-06-21 13:08 - 00000000 ____D C:\Program Files (x86)\iYogi Support Dock
    2012-06-20 14:45 - 2012-06-20 14:45 - 02998336 ____A (TeamViewer) C:\Users\GA\Downloads\TeamViewerQS_en.exe
    2012-06-11 17:25 - 2012-06-11 17:25 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight (3).exe
    2012-06-11 17:23 - 2012-06-11 17:23 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight (2).exe
    2012-06-11 17:22 - 2012-06-11 17:23 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight (1).exe
    2012-06-11 16:28 - 2012-06-03 22:28 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

    ============ 3 Months Modified Files ========================

    2012-07-02 10:30 - 2010-09-18 08:05 - 01336489 ____A C:\Windows\WindowsUpdate.log
    2012-07-01 21:52 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2012-07-01 21:52 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2012-07-01 21:45 - 2012-01-05 16:40 - 00000916 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1402037810-1323609670-122994680-1000UA.job
    2012-07-01 21:38 - 2010-09-18 08:37 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2012-07-01 21:25 - 2012-05-10 14:20 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1402037810-1323609670-122994680-1000UA.job
    2012-07-01 20:04 - 2010-09-18 08:37 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2012-07-01 20:04 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2012-07-01 20:04 - 2009-07-13 20:51 - 00068623 ____A C:\Windows\setupact.log
    2012-07-01 11:38 - 2012-05-10 14:22 - 00002383 ____A C:\Users\GA\Desktop\Google Chrome.lnk
    2012-07-01 11:34 - 2012-07-01 11:34 - 00823576 ____A (Bandoo Media Inc) C:\Users\GA\Downloads\iLividSetupV1.exe
    2012-07-01 11:30 - 2012-01-05 16:40 - 00000894 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1402037810-1323609670-122994680-1000Core.job
    2012-06-30 14:25 - 2012-05-10 14:20 - 00000844 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1402037810-1323609670-122994680-1000Core.job
    2012-06-25 10:20 - 2012-06-25 10:20 - 00262144 ____A C:\Windows\Minidump\062512-22292-01.dmp
    2012-06-25 10:20 - 2011-07-06 13:58 - 386629141 ____A C:\Windows\MEMORY.DMP
    2012-06-25 10:12 - 2012-06-25 10:12 - 00262144 ____A C:\Windows\Minidump\062512-23244-01.dmp
    2012-06-23 23:08 - 2012-06-23 23:08 - 00262144 ____A C:\Windows\Minidump\062412-23696-01.dmp
    2012-06-22 02:19 - 2012-06-22 02:02 - 00005933 ____A C:\Windows\IE9_main.log
    2012-06-22 02:09 - 2012-06-22 02:09 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 09737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 03695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
    2012-06-22 02:09 - 2012-06-22 02:09 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
    2012-06-22 02:09 - 2012-06-22 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2012-06-22 02:09 - 2012-06-22 02:09 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2012-06-22 02:09 - 2012-06-22 02:09 - 02311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2012-06-22 02:09 - 2012-06-22 02:09 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2012-06-22 02:09 - 2012-06-22 02:09 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
    2012-06-22 02:09 - 2012-06-22 02:09 - 00434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2012-06-22 02:09 - 2012-06-22 02:09 - 00353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
    2012-06-22 02:09 - 2012-06-22 02:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2012-06-22 02:09 - 2012-06-22 02:09 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2012-06-22 02:09 - 2012-06-22 02:09 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2012-06-22 02:09 - 2012-06-22 02:09 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
    2012-06-21 19:29 - 2012-06-21 19:29 - 00001505 ____A C:\Users\GA\Desktop\desktop - Shortcut.lnk
    2012-06-21 18:27 - 2012-06-21 18:27 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
    2012-06-21 18:27 - 2012-06-21 18:27 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
    2012-06-21 18:27 - 2012-06-21 18:27 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
    2012-06-21 18:27 - 2012-06-21 18:27 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
    2012-06-21 18:27 - 2011-09-15 22:10 - 00472840 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
    2012-06-21 17:05 - 2010-09-18 08:46 - 00037866 ____A C:\Windows\PFRO.log
    2012-06-21 12:57 - 2010-09-18 09:01 - 00001253 ____A C:\Windows\System32\ServiceFilter.ini
    2012-06-21 12:56 - 2009-07-13 20:45 - 00293288 ____A C:\Windows\System32\FNTCACHE.DAT
    2012-06-21 12:44 - 2012-06-21 12:44 - 03533704 ____A (iYogi) C:\Users\GA\Downloads\SDSetup.exe
    2012-06-21 12:44 - 2012-06-21 12:44 - 03533704 ____A (iYogi) C:\Users\GA\Downloads\SDSetup (1).exe
    2012-06-20 16:47 - 2010-09-18 09:01 - 00002228 ____A C:\Windows\System32\AutoRunFilter.ini
    2012-06-20 14:45 - 2012-06-20 14:45 - 02998336 ____A (TeamViewer) C:\Users\GA\Downloads\TeamViewerQS_en.exe
    2012-06-14 16:30 - 2009-07-13 21:08 - 00032582 ____A C:\Windows\Tasks\SCHEDLGU.TXT
    2012-06-11 17:25 - 2012-06-11 17:25 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight (3).exe
    2012-06-11 17:23 - 2012-06-11 17:23 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight (2).exe
    2012-06-11 17:23 - 2012-06-11 17:22 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight (1).exe
    2012-06-05 14:29 - 2012-06-05 14:29 - 00052736 ____A C:\Users\Guest\Downloads\occ_21-1020 (1).xls
    2012-06-05 14:25 - 2012-06-05 14:25 - 00052736 ____A C:\Users\Guest\Downloads\occ_21-1020.xls
    2012-06-03 22:28 - 2012-06-11 16:28 - 58957832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2012-06-03 20:09 - 2012-06-03 20:09 - 00000185 ____A C:\Users\Guest\Downloads\25-1000.00.wmv.asx
    2012-06-03 19:59 - 2012-06-03 19:59 - 00000185 ____A C:\Users\Guest\Downloads\21-1093.00.wmv.asx
    2012-06-03 19:47 - 2012-06-03 19:47 - 00000185 ____A C:\Users\Guest\Downloads\21-1022.00.wmv.asx
    2012-06-03 19:38 - 2012-06-03 19:38 - 00684288 ____A (RealNetworks, Inc.) C:\Users\Guest\Downloads\RealPlayer (2).exe
    2012-06-03 19:30 - 2012-06-03 19:30 - 00684288 ____A (RealNetworks, Inc.) C:\Users\Guest\Downloads\RealPlayer (1).exe
    2012-06-03 19:04 - 2012-06-03 19:04 - 00001266 ____A C:\Users\Public\Desktop\RealPlayer.lnk
    2012-06-03 19:03 - 2012-06-03 19:03 - 00272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
    2012-06-03 19:03 - 2012-06-03 19:03 - 00198832 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
    2012-06-03 19:03 - 2012-06-03 19:03 - 00006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
    2012-06-03 19:03 - 2012-06-03 19:03 - 00005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
    2012-06-03 19:03 - 2010-09-18 08:20 - 00499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
    2012-06-03 19:02 - 2012-06-03 19:02 - 00090624 ____A C:\Users\Public\AlexaNSISPlugin.7120.dll
    2012-06-03 19:00 - 2012-06-03 19:00 - 00684288 ____A (RealNetworks, Inc.) C:\Users\GA\Downloads\RealPlayer.exe
    2012-06-03 18:57 - 2012-06-03 18:57 - 00684288 ____A (RealNetworks, Inc.) C:\Users\Guest\Downloads\RealPlayer.exe
    2012-06-02 14:19 - 2012-06-21 13:05 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
    2012-06-02 14:19 - 2012-06-21 13:05 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
    2012-06-02 14:19 - 2012-06-21 13:05 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
    2012-06-02 14:19 - 2012-06-21 13:05 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
    2012-06-02 14:19 - 2012-06-21 13:05 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
    2012-06-02 14:19 - 2012-06-21 13:05 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
    2012-06-02 14:15 - 2012-06-21 13:05 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
    2012-06-02 14:15 - 2012-06-21 13:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
    2012-06-02 14:15 - 2012-06-21 13:05 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
    2012-05-30 11:08 - 2012-05-30 11:08 - 00279336 ____A C:\Windows\Minidump\053012-39717-01.dmp
    2012-05-26 16:23 - 2012-05-26 16:23 - 00319896 ____A C:\Windows\Minidump\052612-31028-01.dmp
    2012-05-24 18:37 - 2012-05-24 18:37 - 01837567 ____A C:\Users\GA\Downloads\setup (2).zip
    2012-05-24 18:37 - 2012-05-24 18:37 - 01837567 ____A C:\Users\GA\Downloads\setup (1).zip
    2012-05-24 18:36 - 2012-05-24 18:36 - 01837567 ____A C:\Users\GA\Downloads\setup.zip
    2012-05-23 13:19 - 2011-07-01 04:31 - 00025600 ____A C:\Users\GA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2012-05-18 20:16 - 2012-05-18 20:15 - 06955968 ____A (Microsoft Corporation) C:\Users\GA\Downloads\Silverlight.exe
    2012-05-18 19:57 - 2012-05-18 19:56 - 09761872 ____A (Microsoft Corporation) C:\Users\GA\Downloads\DefaultPack.EXE
    2012-05-15 14:11 - 2009-08-03 22:56 - 00393106 ____A C:\Windows\System32\prfh0804.dat
    2012-05-15 14:11 - 2009-08-03 22:56 - 00133984 ____A C:\Windows\System32\prfc0804.dat
    2012-05-15 14:11 - 2009-08-03 22:31 - 00710680 ____A C:\Windows\System32\prfh0816.dat
    2012-05-15 14:11 - 2009-08-03 22:31 - 00163488 ____A C:\Windows\System32\prfc0816.dat
    2012-05-15 14:11 - 2009-08-03 22:25 - 00409208 ____A C:\Windows\System32\prfh0404.dat
    2012-05-15 14:11 - 2009-08-03 22:25 - 00129070 ____A C:\Windows\System32\prfc0404.dat
    2012-05-15 14:11 - 2009-08-03 22:05 - 00725768 ____A C:\Windows\System32\perfh00C.dat
    2012-05-15 14:11 - 2009-08-03 22:05 - 00159876 ____A C:\Windows\System32\perfc00C.dat
    2012-05-15 14:11 - 2009-08-03 21:59 - 00790152 ____A C:\Windows\System32\perfh00A.dat
    2012-05-15 14:11 - 2009-08-03 21:59 - 00167870 ____A C:\Windows\System32\perfc00A.dat
    2012-05-15 14:11 - 2009-07-13 21:13 - 00005588 ____A C:\Windows\System32\PerfStringBackup.INI
    2012-05-15 14:10 - 2012-05-15 14:10 - 00034183 ____A C:\Users\Guest\Downloads\diagram 1st draft.pptx
    2012-05-14 17:32 - 2012-06-20 16:55 - 03144192 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2012-05-12 10:37 - 2012-05-12 10:37 - 00004017 ____A C:\Users\GA\Downloads\keys with counter arguments (2).html
    2012-05-12 10:33 - 2012-05-12 10:33 - 00004017 ____A C:\Users\GA\Downloads\keys with counter arguments (1).html
    2012-05-12 10:32 - 2012-05-12 10:32 - 00004017 ____A C:\Users\GA\Downloads\keys with counter arguments.html
    2012-05-12 10:29 - 2012-05-12 10:29 - 00001693 ____A C:\Users\GA\Desktop\Google Drive.lnk
    2012-05-10 14:54 - 2012-05-10 14:54 - 00279336 ____A C:\Windows\Minidump\051012-30139-01.dmp
    2012-05-10 14:08 - 2012-05-10 14:08 - 00739640 ____A (Google Inc.) C:\Users\GA\Downloads\ChromeSetup.exe
    2012-05-10 13:58 - 2012-05-10 13:01 - 00739640 ____A (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup.exe
    2012-05-10 13:47 - 2012-05-10 13:47 - 00739640 ____A (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup(4).exe
    2012-05-10 13:46 - 2012-05-10 13:46 - 00739640 ____A (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup(3).exe
    2012-05-10 13:36 - 2012-05-10 13:36 - 00739640 ____A (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup(2).exe
    2012-05-10 13:18 - 2012-05-10 13:18 - 00739840 ____A (Google Inc.) C:\Users\Guest\Downloads\ChromeSetup(1).exe
    2012-05-04 02:52 - 2012-06-20 16:56 - 05505392 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2012-05-04 02:08 - 2012-06-20 16:56 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2012-05-04 02:08 - 2012-06-20 16:56 - 03902320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2012-05-03 17:01 - 2012-05-03 17:01 - 00279336 ____A C:\Windows\Minidump\050312-55130-01.dmp
    2012-05-02 12:37 - 2012-05-02 12:36 - 00279336 ____A C:\Windows\Minidump\050212-53742-01.dmp
    2012-05-01 21:32 - 2012-06-20 16:56 - 00208896 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll
    2012-05-01 12:05 - 2012-05-01 09:28 - 00093612 ____A C:\Windows\System32\LexFiles.ulf
    2012-05-01 12:02 - 2012-05-01 09:31 - 00001067 ____A C:\Users\Public\Desktop\Lexmark Productivity Studio - 2600 Series.LNK
    2012-05-01 11:18 - 2010-09-18 09:02 - 00002595 ____A C:\Users\Public\Desktop\AI Recovery Burner.lnk
    2012-05-01 10:33 - 2012-05-01 10:33 - 01501801 ____A C:\Users\GA\Downloads\ErrorRepair_file.exe
    2012-05-01 09:41 - 2012-05-01 09:40 - 00000248 ____A C:\Users\All Users\lxdnDiagnostics.log
    2012-04-29 15:39 - 2012-04-29 15:39 - 00000237 ____A C:\user.js
    2012-04-29 15:38 - 2012-04-29 15:38 - 00000839 ____A C:\Users\Guest\Desktop\Media Player.lnk
    2012-04-29 15:37 - 2012-04-29 15:37 - 01107336 ____A C:\Users\Guest\Downloads\MediaPlayerSetup.exe
    2012-04-29 15:26 - 2012-04-29 15:26 - 00932704 ____A (DivX, LLC) C:\Users\Guest\Downloads\DivXInstaller(3).exe
    2012-04-29 15:22 - 2012-04-29 15:22 - 00001607 ____A C:\Users\GA\Desktop\DivX Movies.lnk
    2012-04-29 15:22 - 2012-04-29 15:22 - 00001114 ____A C:\Users\Public\Desktop\DivX Plus Player.lnk
    2012-04-29 15:22 - 2012-04-29 15:21 - 00002118 ____A C:\Users\Public\Desktop\DivX Plus Converter.lnk
    2012-04-29 15:20 - 2012-04-29 15:20 - 00932704 ____A (DivX, LLC) C:\Users\Guest\Downloads\DivXInstaller(2).exe
    2012-04-29 15:16 - 2012-04-29 15:14 - 54729016 ____A (DivX, LLC) C:\Users\Guest\Downloads\DivXInstaller(1).exe
    2012-04-29 15:12 - 2012-04-29 15:12 - 00932704 ____A (DivX, LLC) C:\Users\Guest\Downloads\DivXInstaller.exe
    2012-04-29 11:29 - 2012-04-29 11:29 - 08351056 ____A (AVG ) C:\Users\Guest\Downloads\avg_pct_stf_all_10_27_c1.exe
    2012-04-27 19:50 - 2012-06-20 16:55 - 00204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
    2012-04-25 21:34 - 2012-06-20 16:56 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
    2012-04-25 21:34 - 2012-06-20 16:56 - 00076288 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
    2012-04-25 21:28 - 2012-06-20 16:56 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
    2012-04-23 21:59 - 2012-06-21 13:11 - 01460224 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2012-04-23 21:59 - 2012-06-21 13:11 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2012-04-23 21:59 - 2012-06-21 13:11 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2012-04-23 20:47 - 2012-06-21 13:11 - 01156608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2012-04-23 20:47 - 2012-06-21 13:11 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2012-04-23 20:47 - 2012-06-21 13:11 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2012-04-17 19:35 - 2012-04-17 19:35 - 00279336 ____A C:\Windows\Minidump\041712-36363-01.dmp
    2012-04-15 09:36 - 2011-12-11 13:43 - 00000967 ____A C:\Users\Public\Desktop\AVG 2012.lnk

    ========================= Known DLLs (Whitelisted) ============


    ========================= Bamital & volsnap Check ============

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ========================= Memory info ======================

    Percentage of memory in use: 14%
    Total physical RAM: 3884.56 MB
    Available physical RAM: 3322.07 MB
    Total Pagefile: 3882.71 MB
    Available Pagefile: 3320.96 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.88 MB

    ======================= Partitions =========================

    1 Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:51.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    2 Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:329.62 GB) NTFS
    4 Drive f: (UDISK 2.0) (Removable) (Total:0.24 GB) (Free:0.23 GB) FAT
    5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

    Disk ### Status Size Free Dyn Gpt
    -------- ------------- ------- ------- --- ---
    Disk 0 Online 465 GB 1024 KB
    Disk 1 Online 244 MB 0 B

    Partitions of Disk 0:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 19 GB 31 KB
    Partition 2 Primary 116 GB 19 GB
    Partition 0 Extended 329 GB 135 GB
    Partition 3 Logical 329 GB 135 GB

    ==================================================================================

    Disk: 0
    Partition 1
    Type : 1C
    Hidden: Yes
    Active: No

    There is no volume associated with this partition.

    ==================================================================================

    Disk: 0
    Partition 2
    Type : 07
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 1 C OS NTFS Partition 116 GB Healthy

    ==================================================================================

    Disk: 0
    Partition 3
    Type : 07
    Hidden: No
    Active: No

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 2 D DATA NTFS Partition 329 GB Healthy

    ==================================================================================

    Partitions of Disk 1:
    ===============

    Partition ### Type Size Offset
    ------------- ---------------- ------- -------
    Partition 1 Primary 243 MB 16 KB

    ==================================================================================

    Disk: 1
    Partition 1
    Type : 0E
    Hidden: No
    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volume 3 F UDISK 2.0 FAT Removable 243 MB Healthy

    ==================================================================================

    ==========================================================

    Last Boot: 2011-10-16 10:42

    ======================= End Of Log ==========================
     
    trickster21,
    #3
  5. 2012/07/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    I don't see anything malicious there.

    Let's see if we can restore your computer to the last known good start date.

    Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    On Vista or Windows 7: Now please enter System Recovery Options.
    On Windows XP: Now please boot into the UBCD.
    Run [color= "#0000FF"]FRST/FRST64[/color] and press the Fix button just once and wait.
    The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

    See if you can boot normally.
     

    Attached Files:

    broni,
    #4
  6. 2012/07/08
    trickster21

    trickster21 Inactive Thread Starter

    Joined:
    2009/03/06
    Messages:
    18
    Likes Received:
    0
    Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 08-07-2012
    Ran by SYSTEM at 2012-07-08 14:17:27 Run:1
    Running from F:\

    ==============================================

    DEFAULT hive was successfully copied to System32\config\HiveBackup
    DEFAULT hive was successfully restored from registry back up.
    SAM hive was successfully copied to System32\config\HiveBackup
    SAM hive was successfully restored from registry back up.
    SECURITY hive was successfully copied to System32\config\HiveBackup
    SECURITY hive was successfully restored from registry back up.
    SOFTWARE hive was successfully copied to System32\config\HiveBackup
    SOFTWARE hive was successfully restored from registry back up.
    SYSTEM hive was successfully copied to System32\config\HiveBackup
    SYSTEM hive was successfully restored from registry back up.

    ==== End of Fixlog ====
     
    trickster21,
    #5
  7. 2012/07/08
    trickster21

    trickster21 Inactive Thread Starter

    Joined:
    2009/03/06
    Messages:
    18
    Likes Received:
    0
    The computer did start normally. What would have caused this issue?
     
    trickster21,
    #6
  8. 2012/07/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Good news :)

    There is really no way to find out what happened.
    Since I didn't see anything malicious I suspect some Windows corruption.

    Now since we went all the way back 2011-10-16 you must run some checks.
    Make sure to update Windows.
    Some programs may need reinstallation.
    Check your AV program and a firewall first then others.
     
    broni,
    #7
  9. 2012/07/08
    trickster21

    trickster21 Inactive Thread Starter

    Joined:
    2009/03/06
    Messages:
    18
    Likes Received:
    0
    thank you, will do.
     
    trickster21,
    #8
  10. 2012/07/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    You're very welcome [​IMG]
     
    broni,
    #9

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...