Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2012
Ran by SYSTEM at 05-01-2013 18:32:41
Running from G:\
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start [413696 2007-10-25] (Chicony)
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [431456 2008-01-17] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [54608 2007-10-31] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [448080 2007-06-15] (TOSHIBA Corporation)
HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [NDSTray.exe] NDSTray.exe [x]
HKLM\...\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [712704 2008-01-22] (TOSHIBA Corporation)
HKLM\...\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" [398728 2008-01-29] (Symantec Corporation)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [413696 2009-01-05] (Apple Inc.)
HKLM\...\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 [106496 2006-10-15] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Skytel] Skytel.exe [x]
HKLM\...\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800 [283792 2010-03-09] (Carbonite, Inc.)
HKLM\...\Run: [Zune Launcher] "c:\Program Files\Zune\ZuneLauncher.exe" [159472 2010-09-24] (Microsoft Corporation)
HKLM\...\Run: [Conime] %windir%\system32\conime.exe [69120 2009-04-10] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x]
HKLM\...\Run: [EKStatusMonitor] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] ()
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-01-29] ()
HKU\J EeZy\...\Run: [TOSCDSPD] TOSCDSPD.EXE [x]
HKU\J EeZy\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\J EeZy\...\Run: [AdobeUpdater6] "C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe" [2521464 2009-01-08] (Adobe Systems Incorporated)
HKU\J EeZy\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-13] (Microsoft Corporation)
HKU\J EeZy\...\Run: [Singlesnet] C:\Program Files\Singlesnet\Singlesnet\Singlesnet.exe [x]
HKU\J EeZy\...\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h [x]
HKU\J EeZy\...\Run: [{19FC32EB-AF92-4C3A-95E1-DF79FE23AED4}] rundll32 "C:\Users\JEEZY~1\AppData\Local\Temp\{19FC32EB-AF92-4C3A-95E1-DF79FE23AED4}\3304.dll",DllGetClassObject yeah secret 18285 [x]
HKU\J EeZy\...\Run: [ZumoCast] C:\Program Files\Zecter\ZumoCast\ZumoLauncher.lnk [1736 2012-03-16] ()
HKU\J EeZy\...\Run: [Facebook Update] "C:\Users\J EeZy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-09-05] (Facebook Inc.)
HKU\J EeZy\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\J EeZy\...\Winlogon: [Shell] explorer.exe [x]
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL crtclient. crt

==================== Services (Whitelisted) ===================

2 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [40960 2007-12-25] (TOSHIBA CORPORATION)
2 dlcx_device; C:\Windows\system32\dlcxcoms.exe -service [537480 2006-11-03] ( )
2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
2 Kodak AiO Status Monitor Service; "C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe" [779200 2012-10-15] (Eastman Kodak Company)
3 LiveUpdate; "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" [2999664 2007-09-12] (Symantec Corporation)
2 LiveUpdate Notice Service; "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll" [537992 2008-04-10] (Symantec Corporation)
2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
2 pinger; C:\TOSHIBA\IVP\ISM\pinger.exe [136816 2007-01-25] ()
2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [431456 2008-01-17] (TOSHIBA Corporation)
2 TOSHIBA SMART Log Service; "C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [126976 2007-12-03] (TOSHIBA Corporation)
2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)
2 Viewpoint Manager Service; "C:\Program Files\Viewpoint\Common\ViewpointService.exe" [24652 2007-01-04] (Viewpoint Corporation)
2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
2 LiveUpdate Notice Ex; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
2 MsMpSvc; "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [x]
3 NisSrv; "c:\Program Files\Microsoft Security Client\NisSrv.exe" [x]
2 Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [x]
3 WMZuneComm; "c:\Program Files\Zune\WMZuneComm.exe" [x]
3 ZuneNetworkSvc; "c:\Program Files\Zune\ZuneNss.exe" [x]
3 ZuneWlanCfgSvc; c:\Windows\system32\ZuneWlanCfgSvc.exe [x]

==================== Drivers (Whitelisted) ====================

1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-10-04] (Sonic Solutions)
1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-10-04] (Sonic Solutions)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [193552 2012-08-30] (Microsoft Corporation)
3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-11] (LG Electronics Inc.)
3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-11] (LG Electronics Inc.)
3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-11] (LG Electronics Inc.)
3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-17] (Chicony Electronics Co., Ltd.)
3 .netbt; \* [x]
1 hqwlylei; \??\C:\Windows\system32\drivers\hqwlylei.sys [x]
3 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [x]
3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x]
1 lyrlvxdz; \??\C:\Windows\system32\drivers\lyrlvxdz.sys [x]
1 MpKsl51d5b011; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1744064F-E5D7-4EF7-AD46-D1086D95785A}\MpKsl51d5b011.sys [x]
1 MpKsled9e765d; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1744064F-E5D7-4EF7-AD46-D1086D95785A}\MpKsled9e765d.sys [x]
1 nsfikfah; \??\C:\Windows\system32\drivers\nsfikfah.sys [x]
3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x]
3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x]
1 pdshsesa; \??\C:\Windows\system32\drivers\pdshsesa.sys [x]
3 RapportIaso; \??\c:\programdata\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys [x]
3 SVRPEDRV; \??\C:\Windows\System32\sysprep\UP_date\PEDrv.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-01-05 14:40 - 2013-01-05 14:42 - 00017929 ____A C:\Users\J EeZy\Downloads\FRST.txt
2013-01-05 14:40 - 2013-01-05 14:42 - 00000000 ____D C:\FRST
2013-01-05 12:47 - 2013-01-05 12:47 - 00909508 ____A (Farbar) C:\Users\J EeZy\Downloads\FRST.exe
2013-01-05 10:59 - 2013-01-05 10:59 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{EAAD6A6F-8489-4EB9-BFF7-DB5BA12310AA}
2013-01-01 15:57 - 2013-01-01 16:00 - 00000000 ____D C:\Users\J EeZy\Desktop\Big.Bad.Mamas.03
2013-01-01 15:53 - 2013-01-01 15:53 - 00000000 ____D C:\Users\J EeZy\AppData\Local\ZumoCast
2013-01-01 15:02 - 2013-01-01 15:02 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{D92F835B-666F-4268-9E42-B32428EC2C3C}
2012-12-31 15:42 - 2012-12-31 15:42 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{A9ACC184-E929-4911-BD27-F876BCE25A04}
2012-12-30 07:02 - 2012-12-30 07:02 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{F789FC8D-44E0-488C-8217-9E0A7C50CFEF}
2012-12-29 06:58 - 2012-12-29 06:58 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{EFB21A61-DA8D-4E09-AAD6-3DE35FDBBDC7}
2012-12-28 14:19 - 2012-12-28 14:19 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{5D3F6ABF-0A80-414F-9F7D-8672441AEF09}
2012-12-23 07:57 - 2012-12-23 07:57 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{D1665B87-F04E-4C3C-B0AE-E73320D69608}
2012-12-22 07:06 - 2012-12-22 07:06 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{28BFA309-1DB5-4BB2-8C8D-872E79099C90}
2012-12-21 00:05 - 2012-12-16 05:12 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-21 00:05 - 2012-12-16 02:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-19 14:37 - 2012-12-19 14:37 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{49485608-E734-4F0B-A32B-7DE0C1B05514}
2012-12-18 14:06 - 2012-12-18 14:06 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{82A2CDE6-84AA-4253-A748-1D0814612F23}
2012-12-17 12:50 - 2012-12-17 12:50 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{671912DC-BC93-414A-B628-97E95C4A8EB7}
2012-12-16 19:29 - 2012-12-16 19:29 - 00695816 ____A (Setup) C:\Users\J EeZy\Downloads\FLV PlayerInstaller(1).exe
2012-12-16 19:21 - 2012-12-16 19:26 - 00131072 ____A (Setup) C:\Users\J EeZy\Downloads\FLV PlayerInstaller.exe
2012-12-16 12:42 - 2012-12-16 12:42 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{0F20CCAA-0EDD-48BF-ADD0-1302AB91CA8E}
2012-12-15 10:52 - 2012-12-15 10:52 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{FB877348-D6D8-4911-AA95-42B3A1DAB598}
2012-12-15 05:49 - 2012-12-15 05:49 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{D02EF1E8-62F2-4D22-8B7C-E08A494FE4B4}
2012-12-14 09:22 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-14 09:22 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-14 09:22 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-14 09:22 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-14 09:22 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-14 09:22 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-14 09:22 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-14 09:22 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-14 09:22 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-14 09:22 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-14 09:22 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-14 09:22 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-14 09:22 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-14 09:22 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-14 09:22 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-14 09:22 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-14 09:18 - 2012-07-25 19:39 - 00526952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-14 09:18 - 2012-07-25 19:39 - 00047720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-12-14 09:18 - 2012-07-25 19:21 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-12-14 09:18 - 2012-07-25 19:20 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-12-14 09:18 - 2012-07-25 19:20 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-12-14 09:18 - 2012-07-25 19:20 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-12-14 09:18 - 2012-07-25 19:20 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-12-14 09:18 - 2012-07-25 18:46 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-12-14 09:18 - 2012-07-25 18:33 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-12-14 09:18 - 2012-07-25 18:32 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-12-14 09:18 - 2012-06-02 06:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-12-14 09:18 - 2012-06-02 06:34 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-14 09:18 - 2009-07-14 04:12 - 00016896 ____A (Microsoft Corporation) C:\Windows\System32\winusb.dll
2012-12-14 09:18 - 2009-07-13 15:51 - 00034944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\winusb.sys
2012-12-14 09:14 - 2012-12-14 09:14 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{10A2CADF-14CE-46FB-8AFA-BEE19C1B8217}
2012-12-13 12:53 - 2012-11-12 17:36 - 02048000 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-13 12:52 - 2012-11-12 17:29 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-13 12:52 - 2012-11-02 02:18 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-13 12:52 - 2012-11-02 00:26 - 00023040 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2012-12-13 12:52 - 2012-09-28 08:11 - 00892928 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-12-13 12:52 - 2012-08-21 03:47 - 00224640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2012-12-12 18:04 - 2012-12-12 18:04 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{6EAF4F87-35DD-48EF-AEC7-29D6B7A9375A}
2012-12-11 18:07 - 2012-12-11 18:07 - 00259376 ____A C:\Users\J EeZy\Desktop\space the final frontier.pptx
2012-12-11 16:57 - 2012-12-11 17:53 - 01947995 ____A C:\Users\J EeZy\Desktop\Virtual Poster.pptx
2012-12-11 16:57 - 2012-12-11 16:57 - 01907165 ____A C:\Users\J EeZy\Documents\Virtual Poster.pptx
2012-12-11 14:51 - 2012-12-11 14:51 - 16363960 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2012-12-09 06:42 - 2012-12-09 06:42 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{776F6815-491A-4C06-9CA9-B712AF6B7209}
2012-12-08 12:54 - 2012-12-08 12:54 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{AC706C91-DB00-4CE1-85C3-A7E7C58C8D84}
2012-12-06 17:27 - 2013-01-01 15:21 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders ========

2013-01-05 15:24 - 2012-02-09 14:04 - 00000000 ____D C:\Users\All Users\Kodak
2013-01-05 15:24 - 2006-11-02 05:01 - 00032604 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-01-05 15:24 - 2006-11-02 05:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-05 15:24 - 2006-11-02 04:47 - 00003744 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-05 15:24 - 2006-11-02 04:47 - 00003744 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-05 15:23 - 2012-03-16 10:30 - 00000000 ____D C:\Users\J EeZy\AppData\Roaming\ZumoCast
2013-01-05 15:23 - 2008-06-22 05:12 - 01442790 ____A C:\Windows\WindowsUpdate.log
2013-01-05 15:23 - 2006-11-02 02:33 - 00703388 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-05 15:21 - 2012-03-16 10:31 - 00000000 ____D C:\Users\J EeZy\.gstreamer-0.10
2013-01-05 15:20 - 2006-11-02 04:52 - 00178652 ____A C:\Windows\setupact.log
2013-01-05 15:19 - 2009-12-08 07:07 - 00000000 ___HD C:\Users\J EeZy\Tracing
2013-01-05 14:42 - 2013-01-05 14:40 - 00017929 ____A C:\Users\J EeZy\Downloads\FRST.txt
2013-01-05 14:42 - 2013-01-05 14:40 - 00000000 ____D C:\FRST
2013-01-05 13:50 - 2012-09-22 13:14 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-01-05 13:00 - 2012-09-05 17:53 - 00000932 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3233983023-946578580-818234654-1000UA.job
2013-01-05 12:47 - 2013-01-05 12:47 - 00909508 ____A (Farbar) C:\Users\J EeZy\Downloads\FRST.exe
2013-01-05 10:59 - 2013-01-05 10:59 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{EAAD6A6F-8489-4EB9-BFF7-DB5BA12310AA}
2013-01-02 15:00 - 2009-09-13 16:14 - 00000476 ____A C:\Windows\Tasks\Norton Security Scan for J EeZy.job
2013-01-01 20:17 - 2008-08-13 12:04 - 00089600 ____A C:\Users\J EeZy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-01 19:00 - 2012-09-05 17:53 - 00000910 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3233983023-946578580-818234654-1000Core.job
2013-01-01 16:22 - 2008-10-07 08:57 - 00000000 ____D C:\Users\J EeZy\Downloads\process_transaction_commuter.asp_files
2013-01-01 16:00 - 2013-01-01 15:57 - 00000000 ____D C:\Users\J EeZy\Desktop\Big.Bad.Mamas.03
2013-01-01 15:53 - 2013-01-01 15:53 - 00000000 ____D C:\Users\J EeZy\AppData\Local\ZumoCast
2013-01-01 15:21 - 2012-12-06 17:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-01-01 15:02 - 2013-01-01 15:02 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{D92F835B-666F-4268-9E42-B32428EC2C3C}
2012-12-31 18:38 - 2008-08-13 06:46 - 00000000 ____D C:\users\J EeZy
2012-12-31 18:38 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\spool
2012-12-31 18:38 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\registration
2012-12-31 18:38 - 2006-11-02 02:22 - 50593792 ____A C:\Windows\System32\config\system_previous
2012-12-31 18:38 - 2006-11-02 02:22 - 47185920 ____A C:\Windows\System32\config\software_previous
2012-12-31 18:34 - 2006-11-02 02:22 - 35651584 ____A C:\Windows\System32\config\components_previous
2012-12-31 18:34 - 2006-11-02 02:22 - 00262144 ____A C:\Windows\System32\config\sam_previous
2012-12-31 15:42 - 2012-12-31 15:42 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{A9ACC184-E929-4911-BD27-F876BCE25A04}
2012-12-30 07:34 - 2006-11-02 02:22 - 00524288 ____A C:\Windows\System32\config\default_previous
2012-12-30 07:02 - 2012-12-30 07:02 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{F789FC8D-44E0-488C-8217-9E0A7C50CFEF}
2012-12-30 07:00 - 2006-11-02 02:22 - 00262144 ____A C:\Windows\System32\config\security_previous
2012-12-29 06:58 - 2012-12-29 06:58 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{EFB21A61-DA8D-4E09-AAD6-3DE35FDBBDC7}
2012-12-28 14:32 - 2008-08-26 16:09 - 00000000 ____D C:\Users\J EeZy\AppData\Local\Microsoft Help
2012-12-28 14:19 - 2012-12-28 14:19 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{5D3F6ABF-0A80-414F-9F7D-8672441AEF09}
2012-12-23 07:57 - 2012-12-23 07:57 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{D1665B87-F04E-4C3C-B0AE-E73320D69608}
2012-12-22 07:06 - 2012-12-22 07:06 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{28BFA309-1DB5-4BB2-8C8D-872E79099C90}
2012-12-21 00:10 - 2006-11-02 04:47 - 00326144 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-19 14:37 - 2012-12-19 14:37 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{49485608-E734-4F0B-A32B-7DE0C1B05514}
2012-12-18 14:06 - 2012-12-18 14:06 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{82A2CDE6-84AA-4253-A748-1D0814612F23}
2012-12-17 12:50 - 2012-12-17 12:50 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{671912DC-BC93-414A-B628-97E95C4A8EB7}
2012-12-16 19:29 - 2012-12-16 19:29 - 00695816 ____A (Setup) C:\Users\J EeZy\Downloads\FLV PlayerInstaller(1).exe
2012-12-16 19:26 - 2012-12-16 19:21 - 00131072 ____A (Setup) C:\Users\J EeZy\Downloads\FLV PlayerInstaller.exe
2012-12-16 15:38 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\Msdtc
2012-12-16 12:42 - 2012-12-16 12:42 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{0F20CCAA-0EDD-48BF-ADD0-1302AB91CA8E}
2012-12-16 05:12 - 2012-12-21 00:05 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 02:50 - 2012-12-21 00:05 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-15 10:52 - 2012-12-15 10:52 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{FB877348-D6D8-4911-AA95-42B3A1DAB598}
2012-12-15 05:49 - 2012-12-15 05:49 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{D02EF1E8-62F2-4D22-8B7C-E08A494FE4B4}
2012-12-14 20:37 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\rescache
2012-12-14 09:21 - 2008-06-22 05:20 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-14 09:14 - 2012-12-14 09:14 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{10A2CADF-14CE-46FB-8AFA-BEE19C1B8217}
2012-12-13 12:47 - 2006-11-02 02:24 - 65087872 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2012-12-12 18:04 - 2012-12-12 18:04 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{6EAF4F87-35DD-48EF-AEC7-29D6B7A9375A}
2012-12-11 18:07 - 2012-12-11 18:07 - 00259376 ____A C:\Users\J EeZy\Desktop\space the final frontier.pptx
2012-12-11 17:53 - 2012-12-11 16:57 - 01947995 ____A C:\Users\J EeZy\Desktop\Virtual Poster.pptx
2012-12-11 16:57 - 2012-12-11 16:57 - 01907165 ____A C:\Users\J EeZy\Documents\Virtual Poster.pptx
2012-12-11 16:41 - 2008-06-22 05:23 - 00002555 ____A C:\Users\J EeZy\Desktop\Microsoft Office PowerPoint 2007.lnk
2012-12-11 16:41 - 2008-06-22 05:23 - 00000000 ____D C:\Users\J EeZy\Desktop\Microsoft Office
2012-12-11 16:40 - 2012-06-11 11:42 - 00000000 ____D C:\Users\J EeZy\AppData\Roaming\uTorrent
2012-12-11 16:18 - 2008-06-22 05:23 - 00002587 ____A C:\Users\J EeZy\Desktop\Microsoft Office Word 2007.lnk
2012-12-11 14:51 - 2012-12-11 14:51 - 16363960 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2012-12-11 14:51 - 2012-03-28 09:41 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-12-11 14:51 - 2011-05-14 12:27 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-12-09 06:42 - 2012-12-09 06:42 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{776F6815-491A-4C06-9CA9-B712AF6B7209}
2012-12-08 12:54 - 2012-12-08 12:54 - 00000000 ____D C:\Users\J EeZy\AppData\Local\{AC706C91-DB00-4CE1-85C3-A7E7C58C8D84}
2012-12-08 12:50 - 2012-05-06 06:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

ZeroAccess: C:\$Recycle.Bin\S-1-5-21-3233983023-946578580-818234654-1000\$616d2c63cfa290446cc0cc3988972e2d
ZeroAccess: C:\Users\J EeZy\AppData\Local\{616d2c63-cfa2-9044-6cc0-cc3988972e2d}
C:\Users\J EeZy\AppData\Local\{616d2c63-cfa2-9044-6cc0-cc3988972e2d}\L
C:\Users\J EeZy\AppData\Local\{616d2c63-cfa2-9044-6cc0-cc3988972e2d}\U

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys [2012-12-13 12:52] - [2012-08-21 03:47] - 0224640 ____A (Microsoft Corporation) 786DB5771F05EF300390399F626BF30A

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-12-03 17:55:05
Restore point made on: 2012-12-07 12:24:28
Restore point made on: 2012-12-09 12:26:06
Restore point made on: 2012-12-11 14:22:59
Restore point made on: 2012-12-13 12:46:52
Restore point made on: 2012-12-14 09:17:48
Restore point made on: 2012-12-14 22:09:47
Restore point made on: 2012-12-16 20:22:19
Restore point made on: 2012-12-17 12:58:30
Restore point made on: 2012-12-18 19:26:46
Restore point made on: 2012-12-20 18:43:20
Restore point made on: 2012-12-21 00:05:36
Restore point made on: 2012-12-21 12:53:52
Restore point made on: 2012-12-22 06:57:45
Restore point made on: 2012-12-22 07:10:57
Restore point made on: 2012-12-24 13:42:03
Restore point made on: 2012-12-27 22:36:46
Restore point made on: 2012-12-31 15:52:41
Restore point made on: 2013-01-04 15:37:03

==================== Memory info ===========================

Percentage of memory in use: 13%
Total physical RAM: 3061.22 MB
Available physical RAM: 2633.22 MB
Total Pagefile: 2850.81 MB
Available Pagefile: 2709.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.95 MB

==================== Partitions =============================

1 Drive c: (SQ004725V01) (Fixed) (Total:231.42 GB) (Free:90.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
3 Drive e: (TOSHIBA SYSTEM VOLUME) (Fixed) (Total:1.46 GB) (Free:1.31 GB) NTFS
5 Drive g: () (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online       233 GB      0 B
  Disk 1    No Media       0 B      0 B
  Disk 2    Online       963 MB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM               1500 MB  1024 KB
  Partition 2    Primary            231 GB  1501 MB

=========================================================

Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4     E   TOSHIBA SYS  NTFS   Partition   1500 MB  Healthy    Hidden

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   SQ004725V01  NTFS   Partition    231 GB  Healthy

=========================================================

Partitions of Disk 2:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            963 MB    16 KB

=========================================================

Disk: 2
Partition 1
Type  : 06
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     G                FAT    Removable    963 MB  Healthy

=========================================================

Last Boot: 2013-01-05 15:23

==================== End Of Log ============================