Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-03-2013 01 Ran by SYSTEM at 07-03-2013 18:30:29 Running from H:\Recovery Windows 7 Home Premium (X64) OS Language: English(US) The current controlset is ControlSet001 ==================== Registry (Whitelisted) =================== HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-09-30] (Synaptics Incorporated) HKLM\...\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-10-29] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [630912 2012-02-10] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-04-08] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [SSDMonitor] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [104480 2012-09-29] (Symantec) HKLM-x32\...\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE [1683008 2012-12-05] (Bandoo Media Inc) HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x] HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll ==================== Services (Whitelisted) =================== 3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1147424 2012-09-29] (Symantec Corporation) 2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\diMaster.dll" /prefetch:1 [303544 2011-08-11] (Symantec Corporation) 2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [792608 2012-09-29] (Symantec) 3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1160224 2012-09-29] (Symantec Corporation) ==================== Drivers (Whitelisted) ===================== 0 amdkmpfd; C:\Windows\System32\Drivers\amdkmpfd.sys [31872 2012-02-02] (Advanced Micro Devices, Inc.) 3 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation) 3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation) 3 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-10] (Symantec Corporation) 3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-09-11] (Symantec Corporation) 3 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121107.001\IDSvia64.sys [513184 2012-09-07] (Symantec Corporation) 3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121108.002\ENG64.SYS [126112 2012-11-08] (Symantec Corporation) 3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121108.002\EX64.SYS [2084000 2012-11-08] (Symantec Corporation) 3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [258664 2011-09-21] (Realtek Semiconductor Corp.) 3 SRTSP; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [729720 2011-08-02] (Symantec Corporation) 3 SRTSPX; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [37496 2011-08-02] (Symantec Corporation) 3 SymDS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation) 3 SymEFA; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [1084536 2011-07-28] (Symantec Corporation) 3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-07-29] (Symantec Corporation) 3 SymIRON; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [189560 2011-07-25] (Symantec Corporation) 3 SymNetS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [401016 2011-07-25] (Symantec Corporation) ==================== NetSvcs (Whitelisted) ==================== ==================== One Month Created Files and Folders ======== 2013-03-07 08:06 - 2013-03-07 08:06 - 00000000 ___AD C:\TRK-INFECTED 2013-03-07 03:22 - 2013-03-07 08:01 - 00136063 ____A C:\clamscan-sda2.log 2013-03-04 14:46 - 2013-03-05 08:19 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-03-04 11:23 - 2013-03-04 23:54 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0 2013-03-04 11:04 - 2013-03-04 11:04 - 00000000 ____D C:\Users\raoday\AppData\Roaming\Malwarebytes 2013-03-04 11:03 - 2013-03-05 08:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-04 11:03 - 2013-03-04 11:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-02-20 18:22 - 2013-02-23 07:53 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-02-20 18:22 - 2013-02-23 07:53 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-02-16 06:35 - 2013-02-16 06:35 - 00275576 ____A C:\Windows\Minidump\021613-46956-01.dmp 2013-02-15 18:45 - 2013-02-15 18:45 - 00000000 ____D C:\0be73b68f3e1d465cc12dd04 2013-02-15 18:45 - 2013-02-04 19:49 - 70004024 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-02-15 17:49 - 2013-02-15 17:49 - 00275576 ____A C:\Windows\Minidump\021513-71510-01.dmp 2013-02-15 17:31 - 2013-02-15 18:31 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-02-15 17:11 - 2013-01-08 17:04 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-02-15 17:10 - 2013-01-08 17:48 - 17812992 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-02-15 17:10 - 2013-01-08 17:22 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-02-15 17:10 - 2013-01-08 17:19 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-02-15 17:10 - 2013-01-08 17:12 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-02-15 17:10 - 2013-01-08 17:12 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-02-15 17:10 - 2013-01-08 17:11 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-02-15 17:10 - 2013-01-08 17:10 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-02-15 17:10 - 2013-01-08 17:09 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-02-15 17:10 - 2013-01-08 17:07 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-02-15 17:10 - 2013-01-08 17:07 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-02-15 17:10 - 2013-01-08 17:07 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-02-15 17:10 - 2013-01-08 17:06 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-02-15 17:10 - 2013-01-08 17:05 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-02-15 17:10 - 2013-01-08 17:04 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-02-15 17:10 - 2013-01-08 17:00 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-02-15 17:10 - 2013-01-08 14:23 - 12321280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-02-15 17:10 - 2013-01-08 14:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-02-15 17:10 - 2013-01-08 14:09 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-02-15 17:10 - 2013-01-08 14:03 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-02-15 17:10 - 2013-01-08 14:03 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-02-15 17:10 - 2013-01-08 14:03 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-02-15 17:10 - 2013-01-08 14:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-02-15 17:10 - 2013-01-08 14:00 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-02-15 17:10 - 2013-01-08 13:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-02-15 17:10 - 2013-01-08 13:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-02-15 17:10 - 2013-01-08 13:58 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-02-15 17:10 - 2013-01-08 13:57 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-02-15 17:10 - 2013-01-08 13:56 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-02-15 17:10 - 2013-01-08 13:56 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-02-15 17:10 - 2013-01-08 13:56 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-02-15 17:10 - 2013-01-08 13:53 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-02-14 11:49 - 2013-01-03 21:46 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2013-02-14 11:49 - 2013-01-03 20:51 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-02-14 11:49 - 2013-01-03 19:26 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-02-14 11:49 - 2013-01-03 18:47 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-02-14 11:49 - 2013-01-03 18:47 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-02-14 11:49 - 2013-01-03 18:47 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-02-14 11:49 - 2013-01-03 18:47 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-02-14 11:49 - 2013-01-02 22:00 - 01913192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-02-14 11:49 - 2013-01-02 22:00 - 00288088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2013-02-14 11:45 - 2012-11-21 21:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll 2013-02-14 11:45 - 2012-11-21 20:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll ==================== One Month Modified Files and Folders ======= 2013-03-07 11:07 - 2012-09-09 10:22 - 00000000 ____D C:\users\raoday 2013-03-07 11:05 - 2012-09-09 10:25 - 00000000 ____D C:\Users\raoday\AppData\Local\Hewlett-Packard 2013-03-07 11:05 - 2012-07-29 01:56 - 00000000 ____D C:\ProgramData\Norton 2013-03-07 11:05 - 2012-07-29 01:56 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared 2013-03-07 11:05 - 2012-07-29 01:56 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security 2013-03-07 11:05 - 2012-07-29 01:43 - 00000000 ____D C:\Program Files\Synaptics 2013-03-07 11:05 - 2012-03-01 11:21 - 00000000 ____D C:\ProgramData\Hewlett-Packard 2013-03-07 11:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration 2013-03-07 11:02 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-03-07 08:06 - 2013-03-07 08:06 - 00000000 ___AD C:\TRK-INFECTED 2013-03-07 08:01 - 2013-03-07 03:22 - 00136063 ____A C:\clamscan-sda2.log 2013-03-05 08:19 - 2013-03-04 14:46 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-03-05 08:19 - 2013-03-04 11:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-03-04 23:54 - 2013-03-04 11:23 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0 2013-03-04 13:05 - 2012-10-07 15:15 - 00000000 ____D C:\Users\raoday\AppData\Local\CrashDumps 2013-03-04 11:04 - 2013-03-04 11:04 - 00000000 ____D C:\Users\raoday\AppData\Roaming\Malwarebytes 2013-03-04 11:03 - 2013-03-04 11:03 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-03-01 06:54 - 2013-02-01 03:05 - 00000000 ____D C:\Program Files (x86)\Ask.com 2013-02-23 07:58 - 2013-01-17 13:06 - 00696389 ____A C:\Windows\WindowsUpdate.log 2013-02-23 07:53 - 2013-02-20 18:22 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-02-23 07:53 - 2013-02-20 18:22 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-02-23 07:53 - 2013-01-17 13:03 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-02-23 07:53 - 2009-07-13 20:51 - 00062135 ____A C:\Windows\setupact.log 2013-02-16 06:35 - 2013-02-16 06:35 - 00275576 ____A C:\Windows\Minidump\021613-46956-01.dmp 2013-02-16 06:35 - 2012-11-11 07:30 - 326143478 ____A C:\Windows\MEMORY.DMP 2013-02-16 06:35 - 2012-11-11 07:30 - 00000000 ____D C:\Windows\Minidump 2013-02-15 18:45 - 2013-02-15 18:45 - 00000000 ____D C:\0be73b68f3e1d465cc12dd04 2013-02-15 18:38 - 2012-09-09 10:42 - 00000000 ____D C:\Users\raoday\AppData\Local\Microsoft Help 2013-02-15 18:37 - 2012-09-09 10:42 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-02-15 18:31 - 2013-02-15 17:31 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-02-15 18:14 - 2009-07-13 21:13 - 00730320 ____A C:\Windows\System32\PerfStringBackup.INI 2013-02-15 18:07 - 2009-07-13 20:45 - 00031472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-02-15 18:07 - 2009-07-13 20:45 - 00031472 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-02-15 17:52 - 2009-07-13 20:45 - 00416688 ____A C:\Windows\System32\FNTCACHE.DAT 2013-02-15 17:49 - 2013-02-15 17:49 - 00275576 ____A C:\Windows\Minidump\021513-71510-01.dmp 2013-02-15 17:05 - 2012-09-09 10:29 - 00109296 ____A C:\Users\raoday\AppData\Local\GDIPFONTCACHEV1.DAT 2013-02-14 14:35 - 2012-09-09 10:43 - 00000000 ____D C:\Windows\SHELLNEW 2013-02-14 14:35 - 2012-03-01 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2013-02-14 14:35 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2013-02-12 15:58 - 2012-09-09 10:42 - 00000000 __RHD C:\MSOCache 2013-02-07 16:49 - 2013-02-01 03:05 - 00000000 ____D C:\Firefox ATTENTION: ========> Check for possible partition/boot infection: C:\Windows\svchost.exe ==================== Known DLLs (Whitelisted) ================= ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit TDL4: custom:26000022 <===== ATTENTION! ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-02-23 07:58:10 Restore point made on: 2013-02-25 15:19:57 Restore point made on: 2013-02-26 14:29:59 Restore point made on: 2013-02-27 14:18:41 Restore point made on: 2013-02-28 17:54:25 Restore point made on: 2013-02-28 18:14:16 Restore point made on: 2013-03-01 04:02:37 Restore point made on: 2013-03-02 04:50:23 Restore point made on: 2013-03-04 11:03:24 Restore point made on: 2013-03-04 13:25:24 ==================== Memory info =========================== Percentage of memory in use: 19% Total physical RAM: 3561.37 MB Available physical RAM: 2862.83 MB Total Pagefile: 3559.52 MB Available Pagefile: 2846.82 MB Total Virtual: 8192 MB Available Virtual: 8191.9 MB ==================== Partitions ============================= 1 Drive c: () (Fixed) (Total:445.43 GB) (Free:393.29 GB) NTFS ==>[System with boot components (obtained from reading drive)] 2 Drive e: (Recovery) (Fixed) (Total:20.03 GB) (Free:2.17 GB) NTFS ==>[System with boot components (obtained from reading drive)] 3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 5 Drive h: () (Removable) (Total:3.73 GB) (Free:2.84 GB) FAT32 6 Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS 7 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)] ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection. Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 465 GB 0 B Disk 1 Online 3819 MB 0 B Partitions of Disk 0: =============== Disk ID: 915B52F3 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 199 MB 1024 KB Partition 2 Primary 445 GB 200 MB Partition 3 Primary 20 GB 445 GB Partition 4 Primary 103 MB 465 GB ================================================================================== Disk: 0 Partition 1 Type : 07 Hidden: No Active: Yes Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 Y SYSTEM NTFS Partition 199 MB Healthy ========================================================= Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C NTFS Partition 445 GB Healthy ========================================================= Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E Recovery NTFS Partition 20 GB Healthy ========================================================= Disk: 0 Partition 4 Type : 0C Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 F HP_TOOLS FAT32 Partition 103 MB Healthy ========================================================= Partitions of Disk 1: =============== Disk ID: 00000000 Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 Primary 3818 MB 16 KB ================================================================================== Disk: 1 Partition 1 Type : 0B Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 5 H FAT32 Removable 3818 MB Healthy ========================================================= Last Boot: 2013-01-28 06:07 ==================== End Of Log =============================