Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2012
Ran by Lilspree at 31-10-2012 11:59:49
Running from E:\
Service Pack 1 (X86) OS Language: English(US)
Attention: Could not load system hive.ERROR: The process cannot access the file because it is being used by another process.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.
==================== One Month Created Files and Folders ========
2012-10-31 12:34 - 2012-10-31 11:59 - 00000000 ____D C:\FRST
2012-10-31 10:58 - 2012-10-31 10:58 - 00179712 ____A C:\Users\Lilspree\0.2162811992472986.exe
2012-10-31 10:01 - 2012-10-31 10:01 - 00000165 ___AH C:\Users\Lilspree\Documents\~$Growth.xlsx
2012-10-30 16:32 - 2012-10-30 16:32 - 00000988 ____A C:\Users\Lilspree\Desktop\PDF Reader.lnk
2012-10-30 16:32 - 2012-10-30 16:32 - 00000000 ____D C:\Users\Lilspree\AppData\Roaming\SumatraPDF
2012-10-30 16:32 - 2012-10-30 16:32 - 00000000 ____D C:\Program Files\PDFReader
2012-10-30 08:58 - 2012-10-31 09:14 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{01F261AA-5BD8-4799-A15D-E5F4FDAA2BAE}
2012-10-29 15:40 - 2012-10-31 10:03 - 00008372 ____A C:\Users\Lilspree\Documents\Growth.xlsx
2012-10-29 09:01 - 2012-10-29 09:01 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{F116F998-DC91-42A6-B7B3-1FCDA19ED306}
2012-10-28 10:56 - 2012-10-28 10:56 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{6D2B0818-2DA2-4CEF-9EEE-920590046FDB}
2012-10-27 09:56 - 2012-10-27 09:56 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{875EEA64-6C66-4DAE-A19F-74CDA78F97C9}
2012-10-26 08:16 - 2012-10-26 08:16 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{528068A4-A0C8-4CD3-8112-AABDA1196A7D}
2012-10-25 07:26 - 2012-10-25 07:27 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{6B435009-1C5C-4A71-AE3B-F60AD95A33A8}
2012-10-24 15:26 - 2012-10-24 15:26 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{9722674C-89ED-4C3C-B208-9F6FA3E06A99}
2012-10-23 10:18 - 2012-10-23 22:19 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{B7F1B23D-CA71-4480-BA12-906F78083992}
2012-10-23 08:26 - 2012-10-31 10:25 - 00009779 ____A C:\Users\Lilspree\Documents\Nani at Melissa.xlsx
2012-10-22 09:55 - 2012-10-22 09:55 - 00001092 ____A C:\Users\Public\Desktop\Eyeline Video System.lnk
2012-10-21 09:16 - 2012-10-22 22:17 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{345E75FC-002A-49A6-8427-12F90A3C344D}
2012-10-20 08:25 - 2012-10-20 08:25 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{2D47070D-277B-43A8-BC6B-5003B5597699}
2012-10-19 11:54 - 2012-10-19 11:54 - 00000000 ____D C:\Users\Lilspree\Documents\Symantec
2012-10-19 11:54 - 2012-10-19 11:54 - 00000000 ____D C:\Users\All Users\PCSettings
2012-10-19 11:48 - 2012-10-19 11:48 - 00001324 ____A C:\Users\Lilspree\Desktop\Norton Installation Files.lnk
2012-10-19 11:48 - 2012-10-19 11:48 - 00000000 ____D C:\Users\Public\Downloads\Norton
2012-10-19 07:25 - 2012-10-19 07:25 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{A10DB677-41CD-4DA1-9522-661862EC6D97}
2012-10-18 16:25 - 2012-10-18 16:25 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{E3C41681-030A-47CF-8240-D755B2D443F1}
2012-10-17 11:47 - 2012-10-17 23:47 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{2459405D-0476-4C75-8DA8-7FFCC62B3DB8}
2012-10-15 05:30 - 2012-10-16 19:09 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{C442A178-0EF7-42DD-BAB9-18F55865D2C9}
2012-10-12 07:36 - 2012-10-13 21:03 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{F20B5518-F4D6-4E54-B591-A5B28045835A}
2012-10-11 15:52 - 2012-10-11 15:52 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{AC9AFEA6-AC12-4D2D-8C02-9A12B2FABF61}
2012-10-10 09:42 - 2012-09-14 11:28 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-10 09:42 - 2012-08-24 09:57 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-10 09:41 - 2012-08-20 10:40 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-10 09:41 - 2012-08-20 10:40 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-10 09:41 - 2012-08-20 10:40 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-10 09:41 - 2012-08-20 10:37 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-10 09:41 - 2012-08-20 10:32 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 10:32 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 08:33 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 08:33 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 08:33 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-10 09:41 - 2012-08-20 08:33 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-10 09:40 - 2012-06-01 21:36 - 01159680 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-10 09:40 - 2012-06-01 21:36 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-10 09:40 - 2012-06-01 21:36 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-10 09:39 - 2012-08-31 10:18 - 01211760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-10 09:39 - 2012-08-10 16:56 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-10 09:38 - 2012-08-30 10:12 - 03968880 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-10-10 09:38 - 2012-08-30 10:12 - 03914096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-09 10:41 - 2012-10-09 10:41 - 10220472 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2012-10-07 08:19 - 2012-10-10 09:09 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{95D724F7-F300-4827-B940-4E06C19C3072}
2012-10-05 06:34 - 2012-10-06 07:05 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{7B24CBC2-5430-48CF-A272-081427C1CCFC}
2012-10-01 07:25 - 2012-10-04 10:01 - 00000000 ____D C:\Users\Lilspree\AppData\Local\{095C4DC8-D12B-4172-A3CC-4EF2003FA223}
==================== 3 Months Modified Files ==================
2012-10-31 11:55 - 2009-07-13 21:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-31 11:55 - 2009-07-13 21:39 - 00094902 ____A C:\Windows\setupact.log
2012-10-31 11:20 - 2011-02-08 15:06 - 01372016 ____A C:\Windows\WindowsUpdate.log
2012-10-31 11:19 - 2012-01-08 15:04 - 00000384 ____A C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2012-10-31 11:19 - 2011-08-11 01:04 - 00262123 ____A C:\Users\Lilspree\AppData\Roaming\Error.log
2012-10-31 11:19 - 2011-08-08 05:10 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-31 10:58 - 2012-10-31 10:58 - 00179712 ____A C:\Users\Lilspree\0.2162811992472986.exe
2012-10-31 10:36 - 2012-07-29 16:09 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-31 10:28 - 2012-09-03 09:08 - 00000920 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113721583-2875127098-2475180794-1000UA.job
2012-10-31 10:28 - 2012-09-03 09:08 - 00000868 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3113721583-2875127098-2475180794-1000Core.job
2012-10-31 10:28 - 2011-08-08 05:10 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-31 10:25 - 2012-10-23 08:26 - 00009779 ____A C:\Users\Lilspree\Documents\Nani at Melissa.xlsx
2012-10-31 10:21 - 2011-09-19 07:36 - 00000940 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3113721583-2875127098-2475180794-1000UA.job
2012-10-31 10:03 - 2012-10-29 15:40 - 00008372 ____A C:\Users\Lilspree\Documents\Growth.xlsx
2012-10-31 10:01 - 2012-10-31 10:01 - 00000165 ___AH C:\Users\Lilspree\Documents\~$Growth.xlsx
2012-10-31 09:27 - 2011-03-09 10:11 - 00000052 ____A C:\Windows\System32\DOErrors.log
2012-10-30 16:32 - 2012-10-30 16:32 - 00000988 ____A C:\Users\Lilspree\Desktop\PDF Reader.lnk
2012-10-30 16:31 - 2011-09-19 07:36 - 00000918 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3113721583-2875127098-2475180794-1000Core.job
2012-10-30 09:05 - 2009-07-13 21:34 - 00014128 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-30 09:05 - 2009-07-13 21:34 - 00014128 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-24 15:24 - 2012-03-06 20:03 - 00000332 ____A C:\Windows\Tasks\HPCeeScheduleForLilspree.job
2012-10-23 07:36 - 2011-03-06 22:17 - 00000132 ____A C:\Users\Lilspree\AppData\Local\mv_Photo.xml
2012-10-23 07:36 - 2011-03-06 22:17 - 00000123 ____A C:\Users\Lilspree\AppData\Local\mv_music.xml
2012-10-22 09:55 - 2012-10-22 09:55 - 00001092 ____A C:\Users\Public\Desktop\Eyeline Video System.lnk
2012-10-22 09:34 - 2011-03-13 11:34 - 00000330 ____A C:\Windows\Tasks\HPCeeScheduleForASSASSIN$.job
2012-10-20 12:30 - 2011-03-07 06:00 - 01149706 ____A C:\Windows\PFRO.log
2012-10-19 12:10 - 2009-09-06 16:02 - 00727310 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-19 11:48 - 2012-10-19 11:48 - 00001324 ____A C:\Users\Lilspree\Desktop\Norton Installation Files.lnk
2012-10-11 18:30 - 2012-09-03 09:09 - 00002464 ____A C:\Users\Lilspree\Desktop\Google Chrome.lnk
2012-10-11 16:05 - 2011-03-15 08:07 - 62968832 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-09 10:41 - 2012-10-09 10:41 - 10220472 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2012-10-09 10:41 - 2012-04-28 10:23 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-10-09 10:41 - 2011-07-02 05:04 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-09-21 16:20 - 2012-09-21 16:20 - 00039765 ____A C:\Users\Lilspree\Desktop\myfile.htm
2012-09-14 11:28 - 2012-10-10 09:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-10 14:33 - 2012-09-10 14:32 - 00057856 ____A C:\Users\Lilspree\Downloads\DrPsCu9_0200.wiz
2012-09-04 09:06 - 2012-09-04 09:06 - 00027496 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2012-08-31 10:18 - 2012-10-10 09:39 - 01211760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 10:12 - 2012-10-10 09:38 - 03968880 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-08-30 10:12 - 2012-10-10 09:38 - 03914096 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-26 10:03 - 2009-07-13 21:53 - 00032584 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-08-24 09:57 - 2012-10-10 09:42 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 00:27 - 2012-09-23 16:35 - 12319744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 00:03 - 2012-09-23 16:35 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-23 23:59 - 2012-09-23 16:35 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-08-23 23:51 - 2012-09-23 16:35 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-08-23 23:51 - 2012-09-23 16:35 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-23 23:51 - 2012-09-23 16:35 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-23 23:49 - 2012-09-23 16:35 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-23 23:48 - 2012-09-23 16:35 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-23 23:47 - 2012-09-23 16:35 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-08-23 23:47 - 2012-09-23 16:35 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-08-23 23:47 - 2012-09-23 16:35 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-08-23 23:45 - 2012-09-23 16:35 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-23 23:44 - 2012-09-23 16:35 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-23 23:44 - 2012-09-23 16:35 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-23 23:43 - 2012-09-23 16:36 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-23 23:40 - 2012-09-23 16:35 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-23 03:32 - 2009-07-13 21:33 - 00413904 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-22 10:16 - 2012-09-12 09:49 - 01292144 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-08-22 10:16 - 2012-09-12 09:49 - 00712048 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2012-08-22 10:16 - 2012-09-12 09:49 - 00240496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2012-08-22 10:16 - 2012-09-12 09:49 - 00187760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2012-08-21 13:12 - 2012-09-26 06:47 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\OxpsConverter.exe
2012-08-20 10:40 - 2012-10-10 09:41 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-20 10:40 - 2012-10-10 09:41 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-20 10:40 - 2012-10-10 09:41 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-20 10:37 - 2012-10-10 09:41 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-20 10:32 - 2012-10-10 09:41 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 10:32 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 08:33 - 2012-10-10 09:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 08:33 - 2012-10-10 09:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 08:33 - 2012-10-10 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 08:33 - 2012-10-10 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-10 16:56 - 2012-10-10 09:39 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3113721583-2875127098-2475180794-1000\$d953e828d7e4d94de0c0b3243b22ee4e
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Memory info ===========================
Percentage of memory in use: 42%
Total physical RAM: 1011.87 MB
Available physical RAM: 577.12 MB
Total Pagefile: 2035.87 MB
Available Pagefile: 1623.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1953.84 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:214.58 GB) (Free:61.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (RECOVERY) (Fixed) (Total:18 GB) (Free:2.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive e: (USB20FD) (Removable) (Total:3.77 GB) (Free:2.95 GB) FAT32
Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          232 GB   103 MB
Disk 1    Online         3864 MB      0 B
Partitions of Disk 0:
===============
Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            199 MB  1024 KB
Partition 2    Primary            214 GB   200 MB
Partition 3    Primary             18 GB   214 GB
=========================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0         SYSTEM       NTFS   Partition    199 MB  Healthy    System (partition with boot components)
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C                NTFS   Partition    214 GB  Healthy    Boot
=========================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     D   RECOVERY     NTFS   Partition     18 GB  Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary           3863 MB    31 KB
=========================================================
Disk: 1
Partition 1
Type : 0C
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     E   USB20FD      FAT32  Removable   3863 MB  Healthy
=========================================================
Last Boot: 2012-10-26 08:52
==================== End Of Log ============================