Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2012
Ran by SYSTEM at 27-10-2012 22:00:11
Running from F:\
Windows 7 Home Premium   (X64) OS Language: English(US) 
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: []  [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [x]
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [x]
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [x]
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [x]
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [x]
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [x]
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [x]
HKLM-x32\...\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [x]
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED [3218792 2010-06-02] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [552960 2010-06-11] (Toshiba)
HKLM-x32\...\Run: []  [x]
HKU\Amber\...\Run: [Google Update] "C:\Users\Amber\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-22] (Google Inc.)
HKU\Amber\...\Winlogon: [Shell] Explorer.exe
Tcpip\Parameters: [DhcpNameServer] 150.250.1.1 150.250.1.3 150.250.65.39 150.250.65.28
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll 

==================== Services (Whitelisted) ===================

2 lxdp_device; C:\windows\system32\lxdpcoms.exe -service [1039872 2007-11-19] ( )
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe /s  [131512 2012-06-24] (Symantec Corporation)
2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll" /prefetch:1 [132984 2009-08-29] (Symantec Corporation)

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20121019.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121021.008\ENG64.SYS [126112 2012-09-12] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121021.008\EX64.SYS [2084000 2012-09-12] (Symantec Corporation)
2 regi; C:\Windows\SysWow64\Drivers\regi.sys [11032 2007-04-17] (InterVideo)
3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-07-03] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-10-26 22:52 - 2012-10-26 22:52 - 00000000 __SHD C:\found.000
2012-10-22 20:06 - 2012-10-22 20:06 - 00000000 ____D C:\Windows\System32\%LOCALAPPDATA%
2012-10-22 09:15 - 2012-10-22 09:15 - 00000000 ____D C:\Users\Amber\AppData\Roaming\Mozilla
2012-10-22 01:33 - 2012-10-22 01:33 - 00000000 ____D C:\Users\Amber\AppData\Local\Symantec
2012-10-09 16:26 - 2012-09-14 11:23 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-09 16:26 - 2012-09-14 10:30 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-09 16:26 - 2012-08-31 10:02 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-09 16:26 - 2012-08-30 10:11 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-09 16:26 - 2012-08-30 09:18 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-09 16:26 - 2012-08-30 09:18 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-09 16:26 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-09 16:26 - 2012-08-24 09:10 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-09 16:26 - 2012-08-18 07:43 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-09 16:26 - 2012-08-18 07:43 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-09 16:26 - 2012-08-18 07:43 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-09 16:26 - 2012-08-18 07:42 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-09 16:26 - 2012-08-18 07:40 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-09 16:26 - 2012-08-18 07:37 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-09 16:26 - 2012-08-18 07:37 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-09 16:26 - 2012-08-18 07:34 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-09 16:26 - 2012-08-18 07:22 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:22 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-09 16:26 - 2012-08-18 03:19 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-09 16:26 - 2012-08-18 03:17 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-09 16:26 - 2012-08-18 03:17 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-09 16:26 - 2012-08-18 03:17 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:12 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-09 16:26 - 2012-08-18 01:12 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-09 16:26 - 2012-08-18 01:07 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:07 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:07 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:07 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-09 16:25 - 2012-08-10 16:53 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-09 16:25 - 2012-08-10 15:54 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-09 16:25 - 2012-06-01 21:25 - 01462784 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-09 16:25 - 2012-06-01 21:25 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-09 16:25 - 2012-06-01 21:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-09 16:25 - 2012-06-01 20:45 - 01157632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-09 16:25 - 2012-06-01 20:45 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-09 16:25 - 2012-06-01 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-09 15:13 - 2012-10-09 15:13 - 00963984 ____A (BitTorrent, Inc.) C:\Users\Amber\Downloads\uTorrent.exe
2012-10-07 17:20 - 2012-10-07 17:21 - 00000000 ____D C:\Users\All Users\EPSON
2012-10-07 17:20 - 2012-10-07 17:20 - 10212664 ____A C:\Users\Amber\Downloads\epson13308.exe
2012-10-07 17:20 - 2007-12-06 22:08 - 00108032 ____A (SEIKO EPSON CORPORATION) C:\Windows\System32\E_ILMEEA.DLL
2012-10-07 17:20 - 2007-12-06 22:01 - 00081408 ____A (SEIKO EPSON CORPORATION) C:\Windows\System32\E_IBCBEEA.DLL
2012-10-05 17:31 - 2012-10-05 17:31 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45 (1).exe
2012-10-05 17:22 - 2012-10-05 17:22 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45.exe
2012-10-03 15:02 - 2012-10-03 15:09 - 52276136 ____A C:\Users\Amber\Downloads\DJ3050_J610_231.exe
2012-10-01 21:02 - 2012-10-01 21:02 - 00000693 ____A C:\Users\Amber\Desktop\Amber - Shortcut.lnk
2012-09-27 21:42 - 2012-10-23 09:41 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-09-27 10:50 - 2012-09-27 10:50 - 00000000 ____D C:\Users\Amber\AppData\Roaming\Thomson Learning
2012-09-27 10:50 - 2012-09-27 10:50 - 00000000 ____D C:\Users\Amber\AppData\Local\Thomson Learning
2012-09-27 10:48 - 2012-10-04 09:47 - 00000000 ____D C:\Users\Amber\AppData\Roaming\Diet Analysis Plus 8.0.1
2012-09-27 10:47 - 2012-09-27 10:49 - 00001143 ____A C:\Users\Amber\Desktop\Diet Analysis Plus 8.0.1.lnk
2012-09-27 10:47 - 2012-09-27 10:47 - 00039414 ____A C:\Users\Amber\Desktop\uninst.exe
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\xtras
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\jre1.5.0_07
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\dwsmedia
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\DAplusRunner
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\apache-tomcat-5.5.17


==================== 3 Months Modified Files ==================

2012-10-27 17:43 - 2009-07-13 20:51 - 00048141 ____A C:\Windows\setupact.log
2012-10-27 10:34 - 2010-08-29 20:44 - 00002235 ____A C:\Users\Amber\Desktop\Google Chrome.lnk
2012-10-24 09:23 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-24 01:40 - 2011-01-16 12:49 - 01189976 ____A C:\Windows\WindowsUpdate.log
2012-10-23 09:41 - 2012-09-27 21:42 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-23 09:41 - 2011-12-01 10:50 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001UA.job
2012-10-23 09:41 - 2011-08-20 13:06 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001UA.job
2012-10-23 09:41 - 2010-08-29 20:44 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-22 23:09 - 2009-07-13 20:45 - 00016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-22 23:08 - 2009-07-13 20:45 - 00016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-22 22:18 - 2010-08-29 20:44 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-21 16:08 - 2011-12-01 10:49 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001Core.job
2012-10-20 22:46 - 2011-08-20 13:06 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001Core.job
2012-10-10 18:29 - 2009-07-13 21:13 - 00780196 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-10 06:15 - 2012-05-03 19:33 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-10 06:15 - 2011-10-13 06:51 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-09 23:05 - 2011-07-28 17:34 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-09 23:05 - 2009-07-13 18:34 - 00000499 ____A C:\Windows\win.ini
2012-10-09 15:13 - 2012-10-09 15:13 - 00963984 ____A (BitTorrent, Inc.) C:\Users\Amber\Downloads\uTorrent.exe
2012-10-07 17:20 - 2012-10-07 17:20 - 10212664 ____A C:\Users\Amber\Downloads\epson13308.exe
2012-10-05 17:31 - 2012-10-05 17:31 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45 (1).exe
2012-10-05 17:22 - 2012-10-05 17:22 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45.exe
2012-10-03 15:09 - 2012-10-03 15:02 - 52276136 ____A C:\Users\Amber\Downloads\DJ3050_J610_231.exe
2012-10-01 21:02 - 2012-10-01 21:02 - 00000693 ____A C:\Users\Amber\Desktop\Amber - Shortcut.lnk
2012-09-27 10:49 - 2012-09-27 10:47 - 00001143 ____A C:\Users\Amber\Desktop\Diet Analysis Plus 8.0.1.lnk
2012-09-27 10:47 - 2012-09-27 10:47 - 00039414 ____A C:\Users\Amber\Desktop\uninst.exe
2012-09-26 16:31 - 2011-01-16 13:57 - 00066232 ____A C:\Users\Amber\AppData\Local\GDIPFONTCACHEV1.DAT
2012-09-23 14:51 - 2012-09-23 14:51 - 00015625 ____A C:\Users\Amber\Downloads\[kat.ph]rio.2011.r5.xvid.maxspeed.torrent
2012-09-23 14:50 - 2012-09-23 14:50 - 00014766 ____A C:\Users\Amber\Downloads\[kat.ph]30.minutes.or.less.2011.bdrip.xvid.hdt (1).torrent
2012-09-23 14:49 - 2012-09-23 14:49 - 00029653 ____A C:\Users\Amber\Downloads\[kat.ph]the.lucky.one.2012.bdrip.xvid.amiable.torrent
2012-09-23 14:49 - 2012-09-23 14:49 - 00014885 ____A C:\Users\Amber\Downloads\[kat.ph]the.five.year.engagement.2012.unrated.dvdrip.xvid.absurdity.torrent
2012-09-23 14:48 - 2012-09-23 14:48 - 00114880 ____A C:\Users\Amber\Downloads\[kat.ph]snow.white.and.the.huntsman.2012.extended.bdrip.xvid.amiable.torrent
2012-09-23 14:44 - 2012-09-23 14:44 - 00094999 ____A C:\Users\Amber\Downloads\[kat.ph]the.avengers.2012.dvdrip.xvid.nydic.torrent
2012-09-23 14:44 - 2012-09-23 14:44 - 00058612 ____A C:\Users\Amber\Downloads\[kat.ph]the.amazing.spiderman.2012.hdcam.x264.aac.unique.torrent
2012-09-23 14:43 - 2012-09-23 14:43 - 00029442 ____A C:\Users\Amber\Downloads\[kat.ph]magic.mike.2012.r5.dvdrip.xvid.resistance.torrent
2012-09-23 14:42 - 2012-09-23 14:42 - 00015078 ____A C:\Users\Amber\Downloads\[kat.ph]50.shades.of.grey.mobi.reader.included.torrent
2012-09-21 23:27 - 2012-09-21 23:27 - 00271480 ____A C:\Windows\Minidump\092212-34569-01.dmp
2012-09-21 23:27 - 2011-03-29 14:24 - 312792182 ____A C:\Windows\MEMORY.DMP
2012-09-18 23:40 - 2010-08-29 21:00 - 00019516 ____A C:\Windows\PFRO.log
2012-09-16 13:04 - 2012-09-16 13:04 - 00010654 ____A C:\Users\Amber\Downloads\rss
2012-09-14 11:23 - 2012-10-09 16:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:30 - 2012-10-09 16:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-12 18:28 - 2012-09-12 18:28 - 03129856 ____A C:\Users\Amber\Downloads\Chapter_1.ppt
2012-09-05 06:02 - 2011-11-03 16:29 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-31 10:02 - 2012-10-09 16:26 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 10:11 - 2012-10-09 16:26 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:18 - 2012-10-09 16:26 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:18 - 2012-10-09 16:26 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-28 17:48 - 2012-08-28 17:48 - 01130614 ____A C:\Users\Amber\Downloads\Bradford Dissolvable Agent (2).exe
2012-08-24 10:05 - 2012-10-09 16:26 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 10:05 - 2012-09-21 20:23 - 01501696 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 10:05 - 2012-09-21 20:23 - 01197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 10:05 - 2012-09-21 20:23 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 10:03 - 2012-09-21 20:23 - 01026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 09375744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00736256 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 12404736 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 02458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-24 09:59 - 2012-09-21 20:23 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-08-24 09:10 - 2012-10-09 16:26 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 09:10 - 2012-09-21 20:23 - 01230848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-24 09:10 - 2012-09-21 20:23 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-24 09:10 - 2012-09-21 20:23 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 06029824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 11019776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 02072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-08-24 09:06 - 2012-09-21 20:23 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-08-24 08:45 - 2012-09-21 20:23 - 00482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-08-24 08:02 - 2012-09-21 20:23 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 08:01 - 2012-09-21 20:23 - 00386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-08-24 07:27 - 2012-09-21 20:23 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 20:25 - 2012-06-06 07:43 - 00001200 ____A C:\Users\Public\Desktop\GOM Player.lnk
2012-08-22 23:53 - 2012-08-22 23:53 - 73906837 ____A C:\Users\Amber\Downloads\acorns are yum. - Acorns Are YUM.zip
2012-08-18 07:43 - 2012-10-09 16:26 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-18 07:43 - 2012-10-09 16:26 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-18 07:43 - 2012-10-09 16:26 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-18 07:42 - 2012-10-09 16:26 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-18 07:40 - 2012-10-09 16:26 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-18 07:37 - 2012-10-09 16:26 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-18 07:37 - 2012-10-09 16:26 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-18 07:34 - 2012-10-09 16:26 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-18 07:22 - 2012-10-09 16:26 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-18 03:22 - 2012-10-09 16:26 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-18 03:19 - 2012-10-09 16:26 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-18 03:17 - 2012-10-09 16:26 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-18 03:17 - 2012-10-09 16:26 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-18 03:17 - 2012-10-09 16:26 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-18 01:12 - 2012-10-09 16:26 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-18 01:12 - 2012-10-09 16:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-18 01:07 - 2012-10-09 16:26 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 01:07 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 01:07 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 01:07 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-15 23:39 - 2009-07-13 20:45 - 00296256 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-14 07:59 - 2012-08-14 07:59 - 00358779 ____A (${TXT_VI_COMPANY_NAME}) C:\Users\Amber\Downloads\DtsFilterSetup.exe
2012-08-10 16:53 - 2012-10-09 16:25 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:54 - 2012-10-09 16:25 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-02 17:35 - 2012-08-02 17:35 - 00359643 ____A C:\Users\Amber\Downloads\[kat.ph]50.50.2011.720p.bluray.x264.refined.torrent
2012-08-02 17:34 - 2012-08-02 17:34 - 00057745 ____A C:\Users\Amber\Downloads\[kat.ph]all.good.things.2010.proper.limited.bdrip.xvid.nodlabs.torrent
2012-08-02 17:32 - 2012-08-02 17:32 - 00015176 ____A C:\Users\Amber\Downloads\[kat.ph]brothers.2009.720p.brrip.x264.700mb.yify.torrent
2012-08-02 17:29 - 2012-08-02 17:29 - 00045541 ____A C:\Users\Amber\Downloads\[kat.ph]the.bounty.hunter.2010.720p.bluray.x264.metis.torrent
2012-08-02 17:25 - 2012-08-02 17:25 - 00014954 ____A C:\Users\Amber\Downloads\[kat.ph]twelve.2010.dvdrip.eng.fxg.torrent
2012-08-02 17:25 - 2012-08-02 17:25 - 00014740 ____A C:\Users\Amber\Downloads\[kat.ph]raising.helen.2004.dvdrip.xvid.blitzkrieg.avi.torrent
2012-08-02 17:24 - 2012-08-02 17:24 - 00012950 ____A C:\Users\Amber\Downloads\[kat.ph]the-next-three-days-2010-dvdrip-xvid-maxspeed.torrent
2012-08-02 09:55 - 2012-09-12 13:59 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-08-02 09:05 - 2012-09-12 13:59 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 3890.67 MB
Available physical RAM: 3338.06 MB
Total Pagefile: 3888.82 MB
Available Pagefile: 3326.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (TI105957W0F) (Fixed) (Total:452.7 GB) (Free:136.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: () (Removable) (Total:7.45 GB) (Free:6.24 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          465 GB      0 B         
  Disk 1    Online         7648 MB      0 B         

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery          1500 MB  1024 KB
  Partition 2    Primary            452 GB  1501 MB
  Partition 3    Primary             11 GB   454 GB

==================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     D   System       NTFS   Partition   1500 MB  Healthy    Hidden  

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   TI105957W0F  NTFS   Partition    452 GB  Healthy            

=========================================================

Disk: 0
Partition 3
Type  : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           7646 MB  1132 KB

==================================================================================

Disk: 1
Partition 1
Type  : 0B
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     F                FAT32  Removable   7646 MB  Healthy            

=========================================================

Last Boot: 2012-10-22 02:52

==================== End Of Log =============================