Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 12-06-2012 02
Ran by SYSTEM at 14-06-2012 11:07:23
Running from H:\
Windows 7 Home Basic (X86) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe [141848 2009-11-06] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe [175128 2009-11-06] (Intel Corporation)
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe [166936 2009-11-06] (Intel Corporation)
HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [282624 2009-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe [495708 2009-10-20] (IDT, Inc.)
HKLM\...\Run: [HPCam_Menu] "c:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam" [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [567864 2009-08-25] ()
HKLM\...\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe [842816 2009-07-01] (DigitalPersona, Inc.)
HKLM\...\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [322104 2009-08-20] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NortonOnlineBackupReminder] "C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED [600936 2009-06-29] (Symantec Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [37296 2011-09-07] (Adobe Systems Incorporated)
HKLM\...\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM\...\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [31072 2008-10-24] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [111856 2009-02-23] (Yahoo! Inc)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [FileServe Manager Task] "C:\Program Files\FileServe Manager\FSStarter.exe" [954648 2011-06-20] (FileServe Limited)
HKLM\...\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE [1698744 2011-09-19] (MusicLab, LLC)
HKLM\...\Run: [] [x]
HKLM\...\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe" [992648 2012-05-25] (Spigot, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKU\SHARBARI\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2363392 2009-10-16] (Hewlett-Packard Company)
HKU\SHARBARI\...\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [1685048 2009-09-29] (Hewlett-Packard)
HKU\SHARBARI\...\Run: [BitTorrent DNA] "C:\Users\SHARBARI\Program Files\DNA\btdna.exe" [323392 2010-05-16] (BitTorrent, Inc.)
HKU\SHARBARI\...\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" [395640 2011-01-16] (BitTorrent, Inc.)
HKU\SHARBARI\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-08-16] (Google Inc.)
HKU\SHARBARI\...\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet [5252408 2010-05-31] (Yahoo! Inc.)
HKU\SHARBARI\...\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKU\SHARBARI\...\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme [x]
HKU\SHARBARI\...\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray [1479680 2010-05-13] (Nokia)
Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~1\SEARCH~1\SEARCH~1\IEBHO.dll
Tcpip\..\Interfaces\{7CEE0C2C-1FA1-4527-A85D-65C23D4E06AF}: [NameServer]10.10.0.1,4.2.2.2
Lsa: [Notification Packages] scecli
DPPWDFLT
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Kaspersky Security Scan.lnk
ShortcutTarget: Kaspersky Security Scan.lnk -> C:\Program Files\Kaspersky Security Scan\KSS.exe ()
Startup: C:\Users\SHARBARI\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\SHARBARI\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
ShortcutTarget: Picture Motion Browser Media Check Tool.lnk -> C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
================================ Services (Whitelisted) ==================
2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\aestsrv.exe [81920 2009-03-03] (Andrea Electronics Corporation)
2 Application Updater; "C:\Program Files\Application Updater\ApplicationUpdater.exe" [785344 2012-05-25] (Spigot, Inc.)
3 Boonty Games; "C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe" [69120 2010-09-20] (BOONTY)
2 btwdins; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [582944 2009-07-30] (Broadcom Corporation.)
2 DvmMDES; "C:\SPLASH.SYS\config\DVMExportService.exe" [323584 2009-07-08] (DeviceVM, Inc.)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
3 GameConsoleService; "C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe" [246520 2010-06-18] (WildTangent, Inc.)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation)
2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [120832 2009-10-15] (Hewlett-Packard)
3 NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG)
2 RichVideo; "C:\Program Files\CyberLink\Shared files\RichVideo.exe" [247152 2009-07-06] ()
2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\STacSV.exe [221266 2009-10-20] (IDT, Inc.)
2 vcsFPService; C:\Windows\system32\vcsFPService.exe [1656112 2009-07-12] (Validity Sensors, Inc.)
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [x]
========================== Drivers (Whitelisted) =============
1 DVMIO; \??\C:\SPLASH.SYS\config\dvmio.sys [17624 2009-09-29] (DeviceVM, Inc.)
1 ElRawDisk; \??\C:\Windows\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation)
0 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [41040 2009-07-13] (Intel Corp./ICP vortex GmbH)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [74112 2012-03-20] (Microsoft Corporation)
3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [18816 2008-08-25] (Nokia)
3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2011-01-16] (VSO Software)
3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [150048 2009-11-12] (Realtek Semiconductor Corp.)
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [181792 2009-11-12] (Realtek Semiconductor Corp.)
3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_i386.sys [39808 2007-07-25] ()
3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Conexant Systems, Inc.)
3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.)
3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Conexant Systems, Inc.)
3 usbser; C:\Windows\system32\drivers\usbser.sys [27648 2010-11-20] (Microsoft Corporation)
3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2010-12-01] (Nokia)
3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [311296 2009-07-13] (Marvell)
1 bprrenqy; \??\C:\Windows\system32\drivers\bprrenqy.sys [x]
1 enkcykrx; \??\C:\Windows\system32\drivers\enkcykrx.sys [x]
1 hhtxggve; \??\C:\Windows\system32\drivers\hhtxggve.sys [x]
3 RTSTOR; C:\Windows\System32\drivers\RTSTOR.SYS [x]
1 tsbohyrq; \??\C:\Windows\system32\drivers\tsbohyrq.sys [x]
1 ttbrkkxa; \??\C:\Windows\system32\drivers\ttbrkkxa.sys [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-06-13 21:31 - 2012-06-14 11:07 - 00000000 ____D C:\FRST
2012-06-12 12:23 - 2012-06-12 12:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-12 12:06 - 2012-06-13 21:30 - 03241472 ____A C:\Windows\ntbtlog.txt
2012-06-10 08:08 - 2012-06-10 08:08 - 00000000 ____D C:\bc65a29436444c4a565c91f029
2012-06-10 08:00 - 2012-06-10 08:07 - 00000000 ____D C:\Users\SHARBARI\Downloads\Real Steel (2011)
2012-06-10 07:42 - 2012-06-10 07:42 - 00000000 ____D C:\Users\SHARBARI\Downloads\Mission Impossible 4 Ghost Protocol (2011) DVDRip XviD-MAXSPEED
2012-06-10 07:34 - 2012-06-10 07:35 - 00000000 ____D C:\Users\SHARBARI\Downloads\The.Mist[2007]DvDrip[Eng]-aXXo
2012-06-10 07:26 - 2012-06-10 07:37 - 00000000 ____D C:\Users\All Users\B7E8586B0023961C01404F54B4EB23C1
2012-05-22 00:44 - 2012-06-06 21:11 - 00000000 ____D C:\Users\SHARBARI\AppData\Local\WinZip
2012-05-22 00:44 - 2012-05-22 00:44 - 00000000 ____D C:\Users\All Users\Tarma Installer
2012-05-22 00:44 - 2012-05-22 00:44 - 00000000 ____D C:\Program Files\Yontoo
2012-05-22 00:41 - 2012-05-22 00:41 - 00002205 ____A C:\Users\Public\Desktop\WinZip.lnk
2012-05-22 00:30 - 2012-05-22 00:30 - 00001229 ____A C:\Users\SHARBARI\Desktop\Play HP Games.lnk
2012-05-22 00:20 - 2012-05-22 00:40 - 54314312 ____A C:\Users\SHARBARI\Desktop\winzip160.exe
2012-05-22 00:18 - 2012-05-22 00:19 - 00000000 ____D C:\Program Files\YouTube Downloader Toolbar
2012-05-22 00:18 - 2012-05-22 00:19 - 00000000 ____D C:\Program Files\Application Updater
2012-05-22 00:18 - 2012-05-22 00:18 - 00000000 ____D C:\Program Files\Common Files\Spigot
============ 3 Months Modified Files and Folders ===============
2012-06-14 11:00 - 2010-04-14 04:11 - 00000000 ____D C:\Users\All Users\Recovery
2012-06-13 21:31 - 2011-08-08 10:09 - 00000000 ____D C:\Users\SHARBARI\AppData\Local\FileServe Manager
2012-06-13 21:31 - 2010-05-24 10:02 - 00000000 ____D C:\Users\SHARBARI\AppData\Roaming\uTorrent
2012-06-13 21:31 - 2010-05-16 04:15 - 00000000 ____D C:\Users\SHARBARI\AppData\Roaming\DNA
2012-06-13 21:31 - 2010-03-12 02:47 - 00000177 ____H C:\dvmexp.idx
2012-06-13 21:30 - 2012-06-12 12:06 - 03241472 ____A C:\Windows\ntbtlog.txt
2012-06-13 21:30 - 2011-05-05 21:32 - 00056505 ____A C:\Windows\setupact.log
2012-06-13 21:30 - 2010-08-16 09:22 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-06-13 21:30 - 2010-04-14 04:01 - 00000174 ____A C:\Users\All Users\HPWALog.txt
2012-06-13 21:30 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-12 12:40 - 2010-03-12 02:12 - 01753639 ____A C:\Windows\WindowsUpdate.log
2012-06-12 12:23 - 2012-06-12 12:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-12 12:23 - 2011-02-23 04:47 - 00000000 __SHD C:\Config.Msi
2012-06-12 12:23 - 2011-01-31 10:09 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-12 12:23 - 2009-09-06 15:02 - 00722802 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-12 12:21 - 2011-03-01 12:26 - 00000000 ____D C:\Users\SHARBARI\AppData\Roaming\Orbit
2012-06-12 12:08 - 2012-01-11 08:36 - 00000000 __SHD C:\Users\SHARBARI\AppData\Local\{59549a40-78be-6076-8cf5-2cd7e244131a}
2012-06-12 12:07 - 2010-08-16 09:22 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-06-12 12:06 - 2009-07-13 20:53 - 00032620 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-06-10 08:08 - 2012-06-10 08:08 - 00000000 ____D C:\bc65a29436444c4a565c91f029
2012-06-10 08:07 - 2012-06-10 08:00 - 00000000 ____D C:\Users\SHARBARI\Downloads\Real Steel (2011)
2012-06-10 08:03 - 2010-04-24 11:12 - 00129024 ____A C:\Users\SHARBARI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-10 07:58 - 2009-12-21 18:10 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-06-10 07:42 - 2012-06-10 07:42 - 00000000 ____D C:\Users\SHARBARI\Downloads\Mission Impossible 4 Ghost Protocol (2011) DVDRip XviD-MAXSPEED
2012-06-10 07:41 - 2011-10-02 07:13 - 00000000 ____D C:\Users\SHARBARI\AppData\Roaming\vlc
2012-06-10 07:37 - 2012-06-10 07:26 - 00000000 ____D C:\Users\All Users\B7E8586B0023961C01404F54B4EB23C1
2012-06-10 07:35 - 2012-06-10 07:34 - 00000000 ____D C:\Users\SHARBARI\Downloads\The.Mist[2007]DvDrip[Eng]-aXXo
2012-06-10 07:33 - 2009-07-13 20:34 - 00021248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-10 07:33 - 2009-07-13 20:34 - 00021248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-06 21:11 - 2012-05-22 00:44 - 00000000 ____D C:\Users\SHARBARI\AppData\Local\WinZip
2012-06-06 20:25 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\NDF
2012-06-06 20:19 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2012-05-22 00:55 - 2010-04-14 03:57 - 00000000 ____D C:\users\SHARBARI
2012-05-22 00:44 - 2012-05-22 00:44 - 00000000 ____D C:\Users\All Users\Tarma Installer
2012-05-22 00:44 - 2012-05-22 00:44 - 00000000 ____D C:\Program Files\Yontoo
2012-05-22 00:43 - 2012-01-23 03:35 - 00000000 ____D C:\Program Files\WinZipBar
2012-05-22 00:43 - 2010-11-25 11:05 - 00000000 ____D C:\Users\All Users\WinZip
2012-05-22 00:41 - 2012-05-22 00:41 - 00002205 ____A C:\Users\Public\Desktop\WinZip.lnk
2012-05-22 00:41 - 2010-04-14 05:59 - 00000000 ____D C:\Program Files\WinZip
2012-05-22 00:40 - 2012-05-22 00:20 - 54314312 ____A C:\Users\SHARBARI\Desktop\winzip160.exe
2012-05-22 00:30 - 2012-05-22 00:30 - 00001229 ____A C:\Users\SHARBARI\Desktop\Play HP Games.lnk
2012-05-22 00:19 - 2012-05-22 00:18 - 00000000 ____D C:\Program Files\YouTube Downloader Toolbar
2012-05-22 00:19 - 2012-05-22 00:18 - 00000000 ____D C:\Program Files\Application Updater
2012-05-22 00:19 - 2010-04-14 03:57 - 00000000 ____D C:\Users\SHARBARI\AppData\LocalLow
2012-05-22 00:18 - 2012-05-22 00:18 - 00000000 ____D C:\Program Files\Common Files\Spigot
2012-05-22 00:17 - 2009-07-13 18:37 - 00000000 ___RD C:\users\Public
2012-05-22 00:11 - 2011-07-30 20:42 - 00017020 ____A C:\Windows\PFRO.log
2012-04-26 06:38 - 2011-11-10 08:31 - 55656824 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-04-22 10:17 - 2009-12-21 19:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-04-22 10:12 - 2010-04-15 08:25 - 00000000 ____D C:\Users\SHARBARI\AppData\Roaming\dvdcss
2012-04-22 09:42 - 2009-07-13 20:33 - 00418208 ____A C:\Windows\System32\FNTCACHE.DAT
2012-03-30 20:39 - 2012-04-22 10:21 - 03968368 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2012-03-30 20:39 - 2012-04-22 10:21 - 03913072 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-30 18:36 - 2012-04-22 10:21 - 02343424 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-30 02:23 - 2012-04-22 10:22 - 01291632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-20 07:14 - 2012-03-20 07:14 - 00171064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\MpFilter.sys
2012-03-20 07:14 - 2012-03-20 07:14 - 00074112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\NisDrvWFP.sys
ZeroAccess:
C:\Windows\Installer\{59549a40-78be-6076-8cf5-2cd7e244131a}
C:\Windows\Installer\{59549a40-78be-6076-8cf5-2cd7e244131a}\@
C:\Windows\Installer\{59549a40-78be-6076-8cf5-2cd7e244131a}\L
C:\Windows\Installer\{59549a40-78be-6076-8cf5-2cd7e244131a}\n
C:\Windows\Installer\{59549a40-78be-6076-8cf5-2cd7e244131a}\U
ZeroAccess:
C:\Users\SHARBARI\AppData\Local\{59549a40-78be-6076-8cf5-2cd7e244131a}
C:\Users\SHARBARI\AppData\Local\{59549a40-78be-6076-8cf5-2cd7e244131a}\@
C:\Users\SHARBARI\AppData\Local\{59549a40-78be-6076-8cf5-2cd7e244131a}\L
C:\Users\SHARBARI\AppData\Local\{59549a40-78be-6076-8cf5-2cd7e244131a}\U
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) A302BBFF2A7278C0E239EE5D471D86A9
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
========================= Memory info ======================
Percentage of memory in use: 27%
Total physical RAM: 1910.84 MB
Available physical RAM: 1378.87 MB
Total Pagefile: 1910.84 MB
Available Pagefile: 1385.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.62 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:142.28 GB) (Free:69.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: () (Fixed) (Total:155.51 GB) (Free:30.88 GB) NTFS
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32
4 Drive g: (Recovery14) (CDROM) (Total:4.2 GB) (Free:0 GB) UDF
5 Drive h: () (Removable) (Total:1.9 GB) (Free:0.01 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ###  Status         Size     Free     Dyn  Gpt
--------  -------------  -------  -------  ---  ---
Disk 0    Online          298 GB  1024 KB
Disk 1    Online         1953 MB      0 B
Partitions of Disk 0:
===============
Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary            199 MB  1024 KB
Partition 2    Primary            142 GB   200 MB
Partition 0    Extended           155 GB   142 GB
Partition 4    Logical            155 GB   142 GB
Partition 3    Primary            103 MB   297 GB
======================================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   SYSTEM       NTFS   Partition    199 MB  Healthy
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    142 GB  Healthy
======================================================================================================
Disk: 0
Partition 4
Type : 07
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D                NTFS   Partition    155 GB  Healthy
======================================================================================================
Disk: 0
Partition 3
Type : 0C
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     F   HP_TOOLS     FAT32  Partition    103 MB  Healthy
======================================================================================================
Partitions of Disk 1:
===============
Partition ###  Type              Size     Offset
-------------  ----------------  -------  -------
Partition 1    Primary           1952 MB   122 KB
======================================================================================================
Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 5     H                FAT32  Removable   1952 MB  Healthy
======================================================================================================
==========================================================
Last Boot: 2012-03-02 10:12
======================= End Of Log ==========================