Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 02-09-2012 03
Ran by SYSTEM at 03-09-2012 21:33:49
Running from F:\
Windows Vista (TM) Business   (X86) OS Language: English(US) 
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2007-03-07] (Synaptics, Inc.)
HKLM\...\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [317280 2008-04-03] (Sony Corporation)
HKLM\...\Run: [VWLASU] "C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [24576 2008-02-19] (Sony Electronics, Inc.)
HKLM\...\Run: [SmartWiHelper] "C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup [77824 2008-06-27] (Sony Electronics Corporation)
HKLM\...\Run: [VAIO Help and Support Demo] "C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [290816 2007-08-27] ()
HKLM\...\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe" -startup [367128 2008-06-13] (Intel Corporation)
HKLM\...\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup [48904 2008-04-03] (UPEK Inc.)
HKLM\...\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe" [65256 2010-02-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Athan] C:\Program Files\Athan\Athan.exe [1146880 2010-03-27] (www.IslamicFinder.org)
HKLM\...\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [288080 2009-07-17] (Microsoft Corporation)
HKLM\...\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot [273544 2011-08-12] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3508624 2011-11-29] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [x]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [HTC Sync Loader] "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [651264 2012-04-17] ()
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM\...\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray [462920 2012-07-03] (Malwarebytes Corporation)
HKU\AFSHEEN KHAN\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4280184 2012-03-08] (Microsoft Corporation)
HKU\AFSHEEN KHAN\...\Run: [AdobeBridge]  [x]
HKU\AFSHEEN KHAN\...\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\AFSHEEN KHAN\...\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\AFSHEEN KHAN\...\Run: [Google Update] "C:\Users\AFSHEEN KHAN\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-06-09] (Google Inc.)
HKU\AFSHEEN KHAN\...\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [4686848 2012-06-05] (Veoh Networks)
HKU\AFSHEEN KHAN\...\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s [935312 2011-11-29] (Samsung)
HKU\AFSHEEN KHAN\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2011-11-29] ()
HKU\AFSHEEN KHAN\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\AFSHEEN KHAN\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-07-02] (Google Inc.)
HKU\AFSHEEN KHAN\...\Run: [Windows Update Server] C:\Users\AFSHEEN KHAN\f50313d9-5762.exe [x]
HKU\Guest\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKU\Guest\...\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe -update plugin [686792 2012-08-14] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1085000 2012-07-03] (Malwarebytes Corporation)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Lsa: [Notification Packages] scecli psqlpwd
Startup: C:\Users\AFSHEEN KHAN\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\AFSHEEN KHAN\Start Menu\Programs\Startup\_uninst_.lnk
ShortcutTarget: _uninst_.lnk ->  (No File)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

========================== Services (Whitelisted) ========================

2 Giraffic; C:\Program Files\Giraffic\Veoh_GirafficWatchdog.exe --service [2232504 2012-07-02] (Giraffic)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [655944 2012-07-03] (Malwarebytes Corporation)
3 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 msfwsvc; "C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe" [869952 2007-11-27] (Microsoft Corporation)
2 OcHealthMon; "C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe" [26120 2010-02-05] (Microsoft Corporation)
2 OneCareMP; "C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe" [18704 2008-07-09] (Microsoft Corporation)
2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2008-06-13] (Intel Corporation)
2 USB Access Restriction; C:\Program Files\Sony\USB Access Restriction Setting\USB Access Restriction.exe [59232 2008-03-31] (Sony Corporation)
2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-10] (Sony Corporation)
2 winss; C:\Program Files\Microsoft Windows OneCare Live\winss.exe [1141112 2010-02-05] (Microsoft Corporation)
2 FastUserSwitchingCompatibility; C:\Windows\system32\FastUserSwitchingCompatibilityex.dll [x]
2 IviRegMgr; c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [x]
3 MSSQL$MSSMLBIZ; "c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [x]
4 MSSQLServerADHelper; "c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe" [x]
2 SQLBrowser; "c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [x]
2 SQLWriter; "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [x]

==================== Drivers (Whitelisted) ===================

3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2009-12-18] ()
2 cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [12672 2009-03-26] (Windows (R) Codename Longhorn DDK provider)
0 d85819b532b8f062; C:\Windows\System32\Drivers\d85819b532b8f062.sys [68864 2012-08-05] () ATTENTION =====> Rootkit?
3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20032 2011-11-29] (Devguru Co., Ltd)
3 hitmanpro35; \??\C:\Windows\system32\drivers\hitmanpro35.sys [20552 2011-06-23] ()
3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [23040 2010-06-23] (Windows (R) Win 7 DDK provider)
3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [103424 2009-01-23] (QUALCOMM Incorporated)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22344 2012-07-03] (Malwarebytes Corporation)
3 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [53168 2008-05-15] (Microsoft Corporation)
2 MSFWDrv; C:\Windows\System32\DRIVERS\msfwdrv.sys [91200 2007-11-27] (Microsoft Corporation)
1 MSFWHLPR; C:\Windows\System32\DRIVERS\msfwhlpr.sys [37440 2007-11-27] (Microsoft Corporation)
3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [6680064 2010-07-14] (Intel Corporation)
3 PTUMWBus; C:\Windows\System32\DRIVERS\PTUMWBus.sys [54544 2009-10-26] (DEVGURU Co., LTD.)
3 PTUMWCDF; C:\Windows\System32\DRIVERS\PTUMWCDF.sys [22032 2009-10-26] (DEVGURU Co., LTD.)
3 PTUMWFLT; C:\Windows\System32\DRIVERS\PTUMWFLT.sys [12048 2009-10-26] (DEVGURU Co., LTD.)
3 PTUMWMdm; C:\Windows\System32\DRIVERS\PTUMWMdm.sys [160400 2009-10-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
3 PTUMWNET; C:\Windows\System32\DRIVERS\PTUMWNET.sys [115216 2009-10-26] (DEVGURU Co., LTD.)
3 PTUMWVsp; C:\Windows\System32\DRIVERS\PTUMWVsp.sys [160400 2009-10-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45648 2010-08-11] (Sonic Solutions)
0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [21408 2007-10-09] (Sony Corporation)
3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2011-10-26] (DEVGURU Co., LTD.(www.devguru.co.kr))
3 TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys [14080 2012-07-31] ()
2 5762; \??\C:\Users\AFSHEE~1\AppData\Local\Temp\5762.sys [x]
3 anvsoftf2v; C:\Windows\System32\drivers\anvsoftf2v.sys [x]
3 catchme; \??\C:\Users\AFSHEE~1\AppData\Local\Temp\catchme.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
3 NETw5v32; C:\Windows\System32\DRIVERS\NETw5v32.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
4 UIUSys; C:\Windows\System32\DRIVERS\UIUSYS.SYS [x]

==================== NetSvcs (Whitelisted) =================


============ One Month Created Files and Folders ==============

2012-09-03 21:33 - 2012-09-03 21:33 - 00000000 ____D C:\FRST
2012-08-28 10:41 - 2012-08-28 10:41 - 00134928 ____A C:\Windows\Minidump\Mini082812-01.dmp
2012-08-26 12:11 - 2012-08-26 12:11 - 00462848 ____A C:\Users\AFSHEEN KHAN\AppData\Local\vewcnmov.exe
2012-08-26 10:33 - 2012-08-26 10:33 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{F8FB9F80-BCE1-4110-A67E-884F9C2A21D9}
2012-08-26 08:55 - 2012-08-26 08:55 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2012-08-25 22:17 - 2012-08-25 22:18 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{32BE119F-92C0-47B5-B108-7AF5E9B76A0D}
2012-08-25 21:57 - 2012-08-25 21:57 - 00000000 ____D C:\Users\AFSHEEN KHAN\Documents\BatmanBeginsAllLanguages
2012-08-25 21:54 - 2012-08-25 21:55 - 00000000 ____D C:\Users\AFSHEEN KHAN\Documents\A.Reham Sudais + Urdu Translation 2.1 GB
2012-08-25 21:50 - 2012-08-25 21:50 - 00000000 ____D C:\Users\AFSHEEN KHAN\Documents\Batman.Begins.2005.720p.BluRay.DTS.x264-ESiR [PublicHD]
2012-08-25 20:02 - 2012-08-25 20:02 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{2CF69A43-AA04-49BF-88F9-776447113F55}
2012-08-25 20:00 - 2012-08-25 20:00 - 00135416 ____A C:\Windows\Minidump\Mini082512-01.dmp
2012-08-24 09:55 - 2012-08-24 09:56 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{9EE67DB5-CB89-4725-998F-F1001F99E4F1}
2012-08-23 21:23 - 2012-08-23 21:23 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{67930A5B-DA90-13E6-12CD-D566F2A4AE3E}
2012-08-23 12:24 - 2012-08-23 12:24 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{78977124-8428-5D2A-0C81-D825EC4EB62D}
2012-08-23 10:39 - 2012-08-23 10:39 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{A84F220C-F631-0CC7-F8FF-2079D8D5A6B4}
2012-08-23 10:11 - 2012-08-23 10:12 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{66A564E9-DF55-407A-8DDB-4F35CEAB2DB3}
2012-08-22 16:38 - 2012-08-22 16:38 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{95503354-C031-4499-A3FF-95BB1AA199EF}
2012-08-22 13:42 - 2012-08-22 13:42 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{5728EEBD-5C83-41E5-8015-998F936082FA}
2012-08-21 19:37 - 2012-08-21 19:38 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{80E0AF51-BB4E-42D2-95F3-9892BAB2F1D5}
2012-08-21 00:02 - 2012-08-21 00:02 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{D2AD190F-5AC9-4C0C-8459-F79D227C6B4A}
2012-08-17 15:56 - 2012-08-17 15:57 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{77DB4F6D-96E2-43A5-AE15-066717451B1A}
2012-08-17 15:56 - 2012-08-17 15:56 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{2DF3CE21-19E1-4B5F-A1CB-35CF1A37D2EF}
2012-08-17 15:52 - 2012-08-17 15:52 - 00139048 ____A C:\Windows\Minidump\Mini081712-01.dmp
2012-08-16 09:09 - 2012-08-16 09:10 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{115A89D5-FEB4-495B-8D29-1F870C6C388E}
2012-08-16 09:09 - 2012-08-16 09:09 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{A1A997FB-6B34-4113-AEE0-914619D53BB0}
2012-08-14 09:03 - 2012-08-14 09:03 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{ED060A17-67AC-4602-A0C4-1B3AE0C0D5F4}
2012-08-14 09:02 - 2012-08-14 09:03 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{8B1FD8BD-3958-4FFE-96F5-D98736C6F95F}
2012-08-12 12:26 - 2012-08-12 12:27 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{89F0B8D8-83A5-4406-A44D-E96095C75930}
2012-08-12 12:26 - 2012-08-12 12:26 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{3855079B-F2B0-4517-90B9-BF52FA29742D}
2012-08-11 10:38 - 2012-08-11 10:38 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{049966C3-A8A9-4216-85BF-103D45D87EB3}
2012-08-11 10:37 - 2012-08-11 10:38 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{3601E2C7-06F1-431E-B316-14DF225DE662}
2012-08-09 23:29 - 2012-08-09 23:29 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{DAF11C1E-ABBB-F52E-2427-D20D0408BB92}
2012-08-09 22:07 - 2012-08-26 10:32 - 00000000 ___RD C:\Users\AFSHEEN KHAN\Dropbox
2012-08-09 22:07 - 2012-08-09 22:07 - 00000948 ____A C:\Users\AFSHEEN KHAN\Desktop\Dropbox.lnk
2012-08-09 22:05 - 2012-08-09 22:05 - 00000000 ____D C:\Program Files\Dropbox
2012-08-09 22:02 - 2012-08-26 10:32 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Roaming\Dropbox
2012-08-09 14:50 - 2012-08-09 14:50 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{076B2363-4C75-49F2-9A3D-195A6D0296E4}
2012-08-09 14:49 - 2012-08-09 14:50 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{6025605F-19CF-4C9E-B93F-A1235AAFB20B}
2012-08-08 21:24 - 2012-08-08 21:27 - 01560670 ____A C:\Users\AFSHEEN KHAN\Desktop\Tickets.ai
2012-08-08 19:22 - 2012-08-08 19:22 - 00013229 ____A C:\Users\AFSHEEN KHAN\Documents\mom's fall 2012.txt
2012-08-08 19:07 - 2012-08-08 19:08 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{F17F1C53-F7AE-47CB-9D96-1815496BD1FA}
2012-08-08 19:07 - 2012-08-08 19:07 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{5ABB6E50-104F-4D77-A77C-CE4B55EE33A6}
2012-08-08 14:51 - 2012-08-08 14:52 - 03941299 ____A C:\Users\AFSHEEN KHAN\Desktop\Final_Poster.jpg.dwg
2012-08-08 12:04 - 2012-08-08 12:04 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{BBAB8E51-E2A3-40F1-8FBA-DF426F7D40EC}
2012-08-08 00:54 - 2012-08-08 00:54 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{57F90403-0617-4E3E-AA36-1529F9D3882A}
2012-08-08 00:53 - 2012-08-08 00:54 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{283993B8-4D9E-441E-8E2E-A817A05B3617}
2012-08-07 21:15 - 2012-08-07 21:15 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{C5CC97C8-5BA0-C72D-5E0E-B9FC3DE5BF96}
2012-08-07 18:52 - 2012-08-07 18:52 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{E76C31F5-78A8-7AA5-0586-9BF0E54876E8}
2012-08-07 18:40 - 2012-08-08 15:20 - 03585527 ____A C:\Users\AFSHEEN KHAN\Desktop\dinner flyer.ai
2012-08-07 14:43 - 2012-08-08 12:27 - 01422193 ____A C:\Users\AFSHEEN KHAN\Desktop\label.ai
2012-08-07 13:41 - 2012-08-07 13:34 - 01543982 ____A C:\Users\AFSHEEN KHAN\Desktop\realistic_water.rar
2012-08-07 09:00 - 2012-08-07 09:00 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{41AC36AB-CC84-4785-8498-F3BF6479393A}
2012-08-07 08:57 - 2012-08-07 08:58 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{9A050CA2-9EF4-4B39-94FE-2A291395A61E}
2012-08-07 08:57 - 2012-08-07 08:57 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{31F45EB9-0A8F-4548-A07D-FC6BBEB0FF8B}
2012-08-06 23:01 - 2012-08-06 23:01 - 00818096 ____A C:\Users\AFSHEEN KHAN\Desktop\h2o logo.ai
2012-08-06 15:56 - 2012-08-06 15:56 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{77E94A4D-1E83-46F9-BD5A-E36358F73138}
2012-08-06 15:55 - 2012-08-06 15:56 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{679590E1-70B4-40D7-83C0-0D6C7F5B7F2C}
2012-08-06 11:35 - 2012-08-06 11:35 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{965BEA8E-6DB8-4B25-865B-3D5A2BE62E5C}
2012-08-06 00:53 - 2012-08-06 02:32 - 03629820 ____A C:\Users\AFSHEEN KHAN\Untitled-1.ai
2012-08-05 22:49 - 2012-08-05 22:49 - 03602781 ____A C:\Users\AFSHEEN KHAN\Documents\Untitled-1.ai
2012-08-05 20:33 - 2012-08-05 20:33 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{E01F2952-D181-49B1-B04B-D523BF91A276}
2012-08-05 12:34 - 2012-08-05 11:26 - 14985298 ____A C:\Users\AFSHEEN KHAN\Desktop\globes.eps
2012-08-05 11:23 - 2012-08-05 11:23 - 00000000 ____D C:\Users\AFSHEEN KHAN\Documents\Adobe Scripts
2012-08-05 11:21 - 2012-07-26 07:54 - 00000906 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-08-05 08:41 - 2012-08-05 12:41 - 00000368 ____A C:\Users\All Users\lpSv5bowgfReTj
2012-08-05 08:41 - 2012-08-05 12:41 - 00000072 ____A C:\Users\All Users\-lpSv5bowgfReTjr
2012-08-05 08:41 - 2012-08-05 12:41 - 00000072 ____A C:\Users\All Users\-lpSv5bowgfReTj
2012-08-05 08:39 - 2012-08-05 08:39 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{3B509B4B-2F8A-A4F7-4617-55FC25F7F338}
2012-08-05 07:47 - 2012-08-05 07:47 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{0B0805B4-D88B-49A0-8FCA-3648EEEF2081}
2012-08-05 07:46 - 2012-08-05 07:47 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{40407ED4-255E-4D59-B0B9-220102A080F1}
2012-08-05 07:27 - 2012-08-05 07:27 - 00000000 ____D C:\Users\AFSHEEN KHAN\AppData\Local\{8671455E-CBF6-4A19-8025-E809F989F34D}
2012-08-05 07:23 - 2012-08-05 07:23 - 00068864 ____A C:\Windows\System32\Drivers\d85819b532b8f062.sys

============ 3 Months Modified Files ========================

2012-08-29 10:23 - 2010-10-26 17:24 - 207284363 ____A C:\Windows\MEMORY.DMP
2012-08-29 10:23 - 2006-11-02 05:00 - 00122804 ____A C:\Windows\PFRO.log
2012-08-28 10:42 - 2012-05-16 23:28 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-08-28 10:42 - 2008-07-31 10:31 - 00002140 ____A C:\Windows\bthservsdp.dat
2012-08-28 10:42 - 2006-11-02 05:01 - 00032618 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-08-28 10:42 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-28 10:41 - 2012-08-28 10:41 - 00134928 ____A C:\Windows\Minidump\Mini082812-01.dmp
2012-08-28 10:41 - 2011-06-15 18:14 - 00000318 __ASH C:\Windows\Tasks\Thnqb.job
2012-08-28 10:41 - 2006-11-02 04:47 - 00003744 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-28 10:41 - 2006-11-02 04:47 - 00003744 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-27 12:07 - 2010-08-30 21:23 - 00001356 ____A C:\Users\AFSHEEN KHAN\AppData\Local\d3d9caps.dat
2012-08-26 12:11 - 2012-08-26 12:11 - 00462848 ____A C:\Users\AFSHEEN KHAN\AppData\Local\vewcnmov.exe
2012-08-26 12:01 - 2010-07-03 07:40 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-08-26 11:53 - 2011-06-09 18:01 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1340476193-1627373412-1124528107-1003UA.job
2012-08-26 10:40 - 2012-06-24 11:31 - 15339346 ____A C:\Users\AFSHEEN KHAN\Desktop\outdoor_travel_theme_icon_vector_153217.zip
2012-08-26 10:40 - 2012-06-18 22:40 - 07805548 ____A C:\Users\AFSHEEN KHAN\Desktop\FreeVector-Ants-Vector.zip
2012-08-26 10:31 - 2010-07-03 07:40 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-08-26 10:25 - 2010-01-13 10:02 - 01390709 ____A C:\Windows\WindowsUpdate.log
2012-08-25 20:00 - 2012-08-25 20:00 - 00135416 ____A C:\Windows\Minidump\Mini082512-01.dmp
2012-08-23 16:31 - 2006-11-02 02:33 - 00810286 ____A C:\Windows\System32\PerfStringBackup.INI
2012-08-22 16:30 - 2011-06-09 18:01 - 00000884 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1340476193-1627373412-1124528107-1003Core.job
2012-08-17 15:52 - 2012-08-17 15:52 - 00139048 ____A C:\Windows\Minidump\Mini081712-01.dmp
2012-08-14 10:42 - 2012-07-26 20:42 - 09826504 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2012-08-14 10:42 - 2012-05-16 23:27 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-08-14 10:42 - 2011-09-01 19:05 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-08-11 12:47 - 2012-06-25 22:44 - 117117376 ____A C:\Users\AFSHEEN KHAN\Desktop\BBQ_Invitation_1.avi
2012-08-11 12:47 - 2010-08-04 00:42 - 00137728 ____A C:\Users\AFSHEEN KHAN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-09 22:07 - 2012-08-09 22:07 - 00000948 ____A C:\Users\AFSHEEN KHAN\Desktop\Dropbox.lnk
2012-08-08 21:27 - 2012-08-08 21:24 - 01560670 ____A C:\Users\AFSHEEN KHAN\Desktop\Tickets.ai
2012-08-08 19:22 - 2012-08-08 19:22 - 00013229 ____A C:\Users\AFSHEEN KHAN\Documents\mom's fall 2012.txt
2012-08-08 15:20 - 2012-08-07 18:40 - 03585527 ____A C:\Users\AFSHEEN KHAN\Desktop\dinner flyer.ai
2012-08-08 14:52 - 2012-08-08 14:51 - 03941299 ____A C:\Users\AFSHEEN KHAN\Desktop\Final_Poster.jpg.dwg
2012-08-08 12:27 - 2012-08-07 14:43 - 01422193 ____A C:\Users\AFSHEEN KHAN\Desktop\label.ai
2012-08-07 13:34 - 2012-08-07 13:41 - 01543982 ____A C:\Users\AFSHEEN KHAN\Desktop\realistic_water.rar
2012-08-06 23:01 - 2012-08-06 23:01 - 00818096 ____A C:\Users\AFSHEEN KHAN\Desktop\h2o logo.ai
2012-08-06 02:32 - 2012-08-06 00:53 - 03629820 ____A C:\Users\AFSHEEN KHAN\Untitled-1.ai
2012-08-05 22:49 - 2012-08-05 22:49 - 03602781 ____A C:\Users\AFSHEEN KHAN\Documents\Untitled-1.ai
2012-08-05 14:27 - 2012-07-26 09:12 - 00014668 ____A C:\Users\AFSHEEN KHAN\Desktop\unhide.txt
2012-08-05 12:41 - 2012-08-05 08:41 - 00000368 ____A C:\Users\All Users\lpSv5bowgfReTj
2012-08-05 12:41 - 2012-08-05 08:41 - 00000072 ____A C:\Users\All Users\-lpSv5bowgfReTjr
2012-08-05 12:41 - 2012-08-05 08:41 - 00000072 ____A C:\Users\All Users\-lpSv5bowgfReTj
2012-08-05 11:26 - 2012-08-05 12:34 - 14985298 ____A C:\Users\AFSHEEN KHAN\Desktop\globes.eps
2012-08-05 07:23 - 2012-08-05 07:23 - 00068864 ____A C:\Windows\System32\Drivers\d85819b532b8f062.sys
2012-08-03 22:31 - 2012-08-03 22:31 - 00000368 ____A C:\Users\All Users\eftt3Gi6riJKnq
2012-08-03 22:31 - 2012-08-03 22:31 - 00000072 ____A C:\Users\All Users\-eftt3Gi6riJKnqr
2012-08-03 22:31 - 2012-08-03 22:31 - 00000072 ____A C:\Users\All Users\-eftt3Gi6riJKnq
2012-08-01 23:01 - 2012-08-01 22:57 - 141980320 ____A C:\Users\AFSHEEN KHAN\Desktop\setup_11.0.0.1245.x01_2012_08_02_09_06.exe
2012-08-01 19:45 - 2012-08-01 19:45 - 04722680 ____R (Swearware) C:\Users\AFSHEEN KHAN\Desktop\ComboFix.exe
2012-07-31 15:05 - 2012-07-31 15:05 - 00001232 ____A C:\Users\AFSHEEN KHAN\Desktop\RKreport[3].txt
2012-07-31 14:56 - 2012-07-31 14:56 - 00004206 ____A C:\Users\AFSHEEN KHAN\Desktop\RKreport[2].txt
2012-07-31 14:51 - 2012-07-31 14:51 - 00003277 ____A C:\Users\AFSHEEN KHAN\Desktop\RKreport[1].txt
2012-07-31 14:43 - 2012-07-31 14:43 - 00014080 ____A C:\Windows\System32\Drivers\TrueSight.sys
2012-07-30 10:59 - 2012-07-25 20:49 - 00000366 ____A C:\rkill.log
2012-07-28 23:54 - 2012-07-24 10:01 - 00000087 ___SH C:\Users\AFSHEEN KHAN\AppData\Roaming\winset.ini
2012-07-28 17:16 - 2012-07-28 17:16 - 00139096 ____A C:\Windows\Minidump\Mini072812-01.dmp
2012-07-27 00:08 - 2012-07-27 00:08 - 00143528 ____A C:\Windows\Minidump\Mini072712-01.dmp
2012-07-26 16:17 - 2006-11-02 04:52 - 00081372 ____A C:\Windows\setupact.log
2012-07-26 10:20 - 2012-07-26 10:20 - 00000987 ____A C:\Users\AFSHEEN KHAN\systemlog
2012-07-26 07:54 - 2012-08-05 11:21 - 00000906 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-26 02:42 - 2012-07-26 02:42 - 00140128 ____A C:\Windows\Minidump\Mini072612-01.dmp
2012-07-26 01:03 - 2012-07-26 01:03 - 00178692 ____A C:\Windows\System32\c_726522.nls
2012-07-25 19:58 - 2012-07-25 19:58 - 00140920 ____A C:\Windows\Minidump\Mini072512-01.dmp
2012-07-22 21:27 - 2012-07-22 21:09 - 00000112 ____A C:\Users\All Users\lKoZb6nps1b8zh
2012-07-22 21:18 - 2012-07-22 21:09 - 00000096 ____A C:\Users\All Users\-lKoZb6nps1b8zhr
2012-07-22 21:18 - 2012-07-22 21:09 - 00000096 ____A C:\Users\All Users\-lKoZb6nps1b8zh
2012-07-22 21:09 - 2012-07-22 21:09 - 00000607 ____A C:\Users\AFSHEEN KHAN\Desktop\File_Recovery.lnk
2012-07-18 12:32 - 2012-07-18 12:32 - 00001131 ____A C:\Users\Guest\Desktop\Stories of The Prophets.lnk
2012-07-18 12:32 - 2012-07-18 12:32 - 00001131 ____A C:\Users\AFSHEEN KHAN\Desktop\Stories of The Prophets.lnk
2012-07-18 11:41 - 2012-07-18 11:41 - 00000140 ____A C:\Windows\winamp.ini
2012-07-14 16:36 - 2006-11-02 04:47 - 03753512 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-13 00:07 - 2006-11-02 02:23 - 00000377 ____A C:\Windows\win.ini
2012-07-13 00:02 - 2006-11-02 02:24 - 57442464 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-07-13 00:01 - 2012-07-13 00:01 - 00271150 ____A C:\Windows\msxml4-KB2721691-enu.LOG
2012-07-09 22:18 - 2012-07-09 22:18 - 31898392 ____A C:\Users\AFSHEEN KHAN\Desktop\Mehndi mix.wav
2012-07-09 22:09 - 2012-07-09 22:09 - 31781868 ____A C:\Users\AFSHEEN KHAN\Desktop\aaja nachle.wav
2012-07-09 20:09 - 2012-07-09 20:07 - 36501072 ____A C:\Users\AFSHEEN KHAN\Desktop\Naureen Appi Mehndi Mix for Anum.wav
2012-07-08 07:02 - 2012-07-08 06:55 - 00002377 ____A C:\Users\Guest\Desktop\Skype.lnk
2012-07-03 10:46 - 2012-07-26 07:53 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-29 09:58 - 2012-06-29 09:58 - 00000132 ____A C:\Users\AFSHEEN KHAN\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-06-29 09:58 - 2012-06-19 21:07 - 07009750 ____A C:\Users\AFSHEEN KHAN\Desktop\3_food_pyramid_vector_155207.zip
2012-06-26 21:34 - 2012-06-26 21:34 - 00001992 ____A C:\Users\AFSHEEN KHAN\Desktop\Veoh Web Player.lnk
2012-06-26 11:39 - 2012-06-26 11:39 - 00013465 ____A C:\Users\AFSHEEN KHAN\Desktop\girl photo toms carpet cleaning_full.jpeg
2012-06-25 22:43 - 2012-06-25 21:04 - 00000038 ____A C:\Windows\camcodec100.ini
2012-06-25 22:41 - 2012-06-25 22:42 - 36699136 ____A C:\Users\AFSHEEN KHAN\Desktop\BBQ_Invitation.avi
2012-06-25 22:41 - 2012-06-25 22:39 - 00000067 ____A C:\Users\AFSHEEN KHAN\Desktop\BBQ_Invitation.txt
2012-06-25 21:22 - 2012-06-25 21:21 - 01707366 ____A C:\Users\AFSHEEN KHAN\Desktop\VirtualDub-1.9.11.zip
2012-06-25 21:00 - 2012-06-25 21:00 - 00034510 ____A C:\Users\AFSHEEN KHAN\Desktop\CamStudioCodec-1.4-w32.zip
2012-06-25 20:41 - 2012-06-25 20:31 - 00000067 ____A C:\Windows\swf2avi.INI
2012-06-25 20:31 - 2012-06-25 20:31 - 00000885 ____A C:\Users\AFSHEEN KHAN\Desktop\iWisoft Flash SWF to Video Converter.lnk
2012-06-25 16:15 - 2012-06-25 16:15 - 07302429 ____A C:\Users\AFSHEEN KHAN\Desktop\Obaid_BBQ.mov
2012-06-25 15:36 - 2012-07-26 09:26 - 00000887 ____A C:\Users\Public\Desktop\AnvSoft Flash to Video Converter.lnk
2012-06-25 14:51 - 2012-07-26 09:26 - 00001124 ____A C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk
2012-06-25 14:50 - 2012-06-25 14:50 - 00000914 ____A C:\Users\AFSHEEN KHAN\Desktop\Free FLV Converter.lnk
2012-06-25 14:27 - 2012-06-25 14:27 - 00000816 ____A C:\Users\Guest\Desktop\Handbrake.lnk
2012-06-25 13:04 - 2012-06-25 13:04 - 01394248 ____A (Microsoft Corporation) C:\Windows\System32\msxml4.dll
2012-06-24 11:29 - 2012-06-24 11:29 - 01706056 ____A C:\Users\AFSHEEN KHAN\Desktop\barbecue-grill.rar
2012-06-19 21:43 - 2012-06-19 21:43 - 06067448 ____A C:\Users\AFSHEEN KHAN\Desktop\food_quality_vectors_146768.zip
2012-06-19 21:10 - 2012-06-19 21:09 - 31792430 ____A C:\Users\AFSHEEN KHAN\Desktop\set_of_fruits_vector_graphics_147976.zip
2012-06-19 21:09 - 2012-06-19 21:08 - 11446502 ____A C:\Users\AFSHEEN KHAN\Desktop\green_detailed_vector_icons_146806.zip
2012-06-19 21:06 - 2012-06-19 21:05 - 03272835 ____A C:\Users\AFSHEEN KHAN\Desktop\food_cooking_vector_art_5380.zip
2012-06-19 21:05 - 2012-06-19 21:05 - 02977182 ____A C:\Users\AFSHEEN KHAN\Desktop\birthday_vector_goods_and_fast_food_153194.zip
2012-06-19 20:56 - 2012-06-19 20:56 - 04424306 ____A C:\Users\AFSHEEN KHAN\Desktop\cartoon_basket_04_vector_156493.zip
2012-06-18 22:37 - 2012-06-18 22:37 - 00045964 ____A C:\Users\AFSHEEN KHAN\Desktop\ant_55940.zip
2012-06-18 21:19 - 2012-06-18 21:19 - 00565121 ____A C:\Users\AFSHEEN KHAN\Desktop\vector-grass.zip
2012-06-18 20:36 - 2012-06-18 20:36 - 00084137 ____A C:\Users\AFSHEEN KHAN\Desktop\BBQ.fxg
2012-06-13 05:40 - 2012-07-13 00:08 - 02047488 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-12 12:15 - 2012-07-26 09:26 - 00001664 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-06-08 09:47 - 2012-07-11 09:11 - 11586048 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-06 19:02 - 2012-07-26 09:26 - 00000947 ____A C:\Users\Public\Desktop\HTC Sync.lnk


ZeroAccess:
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\@
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\L
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\L\00000004.@
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\L\201d3dde
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U\00000004.@
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U\00000008.@
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U\000000cb.@
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U\80000000.@
C:\Windows\Installer\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U\80000032.@

ZeroAccess:
C:\Users\AFSHEEN KHAN\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}
C:\Users\AFSHEEN KHAN\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\@
C:\Users\AFSHEEN KHAN\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\L
C:\Users\AFSHEEN KHAN\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\n
C:\Users\AFSHEEN KHAN\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U
C:\Users\AFSHEEN KHAN\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\L\00000004.@

ZeroAccess:
C:\Users\Guest\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}
C:\Users\Guest\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\@
C:\Users\Guest\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\L
C:\Users\Guest\AppData\Local\{8aae17e6-5e51-4061-d77f-f0b85161e693}\U

ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2012-07-31 12:20:42
Restore point made on: 2012-08-07 20:13:21
Restore point made on: 2012-08-25 21:56:09
Restore point made on: 2012-08-25 22:19:53

==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 3003.36 MB
Available physical RAM: 2551.96 MB
Total Pagefile: 2787.36 MB
Available Pagefile: 2634.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1983.72 MB

==================== Partitions ============================

1 Drive c: () (Fixed) (Total:291.7 GB) (Free:74.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (2007.11.03_2329) (CDROM) (Total:0.12 GB) (Free:0 GB) UDF
3 Drive e: (Recovery) (Fixed) (Total:6.39 GB) (Free:0.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (UNTITLED) (Removable) (Total:1.89 GB) (Free:1.75 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online       298 GB   993 KB         
  Disk 1    Online      1937 MB      0 B         

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM               6540 MB  1024 KB
  Partition 2    Primary            292 GB  6541 MB
  Partition 3    Primary           1360 KB   298 GB

==================================================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     E   Recovery     NTFS   Partition   6540 MB  Healthy    Hidden  

==================================================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0     C                NTFS   Partition    292 GB  Healthy            

==================================================================================

Disk: 0
Partition 3
Type  : 17 (Suspicious Type)
Hidden: Yes
Active: Yes

There is no volume associated with this partition.

==================================================================================

Partitions of Disk 1:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           1937 MB   1024 B

==================================================================================

Disk: 1
Partition 1
Type  : 0B
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0     F   UNTITLED     FAT32  Removable   1937 MB  Healthy            

==================================================================================

Last Boot: 2012-08-28 11:42

==================== End Of Log =============================