Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-04-2013
Ran by SYSTEM on 24-04-2013 00:19:03
Running from G:\
Microsoft Windows XP (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet003

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe [59392 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe [52736 1998-05-07] (Hewlett-Packard Company)
HKLM\...\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe [49152 2004-06-07] (Hewlett-Packard)
HKLM\...\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe [659456 2004-06-07] (Hewlett-Packard)
HKLM\...\Run: [KBD] C:\HP\KBD\KBD.EXE [61440 2003-02-12] (Hewlett-Packard Company)
HKLM\...\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE [233472 2004-04-15] ()
HKLM\...\Run: [AGRSMMSG] AGRSMMSG.exe [x]
HKLM\...\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2004-09-10] (ATI Technologies, Inc.)
HKLM\...\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [253952 2004-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [SoundMan] SOUNDMAN.EXE [x]
HKLM\...\Run: [AlcWzrd] ALCWZRD.EXE [x]
HKLM\...\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE [221184 2005-07-19] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe [458752 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe [217088 2005-06-08] (Logitech Inc.)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [282624 2007-12-05] (Apple Computer, Inc.)
HKLM\...\Run: [PS2] C:\WINDOWS\system32\ps2.exe [81920 2002-10-16] (Hewlett-Packard Company)
HKLM\...\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" [1219248 2013-03-25] ()
HKLM\...\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
HKLM\...\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot [296096 2012-10-24] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY [4394032 2013-03-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SoundDrivers] "C:\Documents and Settings\All Users\Application Data\f34rfcdsfwe.exe" [124928 2013-04-22] (Hilgraeve, Inc.)
HKLM\...\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k [x]
HKLM\...\Winlogon: [System]
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\igfxcui: igfxsrvc.dll (Intel Corporation)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess
HKU\Administrator\...\RunOnce: [avg_spchecker] "C:\Program Files\AVG\AVG8\Notification\SPChecker.exe" /start [x]
HKU\HP_Administrator\...\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [ 2006-05-18] (Logitech)
HKU\HP_Administrator\...\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot [ 2005-06-08] (Logitech Inc.)
HKU\HP_Administrator\...\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup [ 2012-09-03] (Exent Technologies Ltd.)
HKU\HP_Administrator\...\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background [ 2008-04-13] (Microsoft Corporation)
HKU\HP_Administrator\...\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart [ 2013-03-07] (Google)
HKU\HP_Administrator\...\Run: [q] "xidpwooedd.exe" [x]
HKU\HP_Administrator\...\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1 [ 2006-03-30] (Adobe Systems Incorporated)
HKU\HP_Administrator\...\Run: [SoundDrivers] "C:\Documents and Settings\All Users\Application Data\f34rfcdsfwe.exe" [x]
HKU\HP_Administrator\...\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 3.1)" -"http://clubgames.pogo.com/online2/pogop/AncientTripeaks2/index.aspx?code=112265127&origin=pAllGames_lnk" [x]
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
ShortcutTarget: Logitech Desktop Messenger.lnk -> C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk
ShortcutTarget: NkbMonitor.exe.lnk -> C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk
ShortcutTarget: Updates from HP.lnk -> C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe (No File)
Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\AutoTBar.exe (Hewlett-Packard)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart

========================== Services (Whitelisted) =================

S2 AOL ACS; C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe [1434848 2004-04-21] (America Online, Inc.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4937264 2013-02-27] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [282624 2013-02-19] (AVG Technologies CZ, s.r.o.)
S2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [352248 2012-08-03] (Verizon)
S3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [401408 2004-06-04] (Apple Computer, Inc.)
S2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [38912 2004-09-23] ()
S2 PGMTrusted; C:\Program Files\Pogo Games\PGMTrusted.exe [519920 2012-10-29] (iWin Inc.)
S2 vToolbarUpdater15.0.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [990896 2013-03-25] ()
S2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.)
S2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]

==================== Drivers (Whitelisted) ====================

S3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [798208 2004-09-10] (ATI Technologies Inc.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-02-26] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-02-08] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-03-01] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [170808 2013-02-08] (AVG Technologies CZ, s.r.o.)
S0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [245048 2013-02-08] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-02-08] (AVG Technologies CZ, s.r.o.)
S1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-02-14] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [33624 2013-03-25] (AVG Technologies)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S2 CX23880; C:\Windows\System32\drivers\cx88vid.sys [160256 2004-10-13] (Conexant Systems, Inc.)
S2 CX88ENC; C:\Windows\System32\drivers\cx88enc.sys [297344 2004-10-13] (Conexant Systems, Inc.)
S3 CXAVXBAR; C:\Windows\System32\drivers\cxavxbar.sys [9472 2004-10-13] (Conexant Systems, Inc.)
S2 CXTUNE; C:\Windows\System32\drivers\CX88TUNE.sys [31616 2004-10-13] (Conexant Systems, Inc.)
S3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [51088 2004-03-19] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2004-03-19] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21744 2004-03-19] (HP)
S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [737874 2004-08-21] (Intel Corporation)
S3 IrBus; C:\Windows\System32\DRIVERS\IrBus.sys [46592 2008-04-13] (Microsoft Corporation)
S3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.)
S3 LVUSBSta; C:\Windows\System32\drivers\lvusbsta.sys [22016 2005-05-27] (Logitech Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\mbamswissarmy.sys [40776 2013-04-22] (Malwarebytes Corporation)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [7136 2005-05-27] (Logitech Inc.)
S3 Pfc; C:\Windows\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.)
S3 PID_08A0; C:\Windows\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
S3 rtl8139; C:\Windows\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation )
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [9968 2010-02-10] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [4096 2006-02-16] (SuperAdBlocker, Inc.)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [74480 2010-02-10] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SiS315; C:\Windows\System32\DRIVERS\sisgrp.sys [229888 2004-09-30] (Silicon Integrated Systems Corporation)
S1 SiSkp; C:\Windows\System32\DRIVERS\srvkp.sys [12928 2004-09-24] (Silicon Integrated Systems Corporation)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
S3 utc0mzuw; C:\WINDOWS\system32\Drivers\utc0mzuw.sys [7168 2010-07-07] ()
S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S2 X4HSEx_Pr143; C:\Program Files\Free Ride Games\X4HSEx_Pr143.Sys [58696 2012-08-02] (Exent Technologies Ltd.)
S4 Abiosdsk; No ImagePath
S4 abp480n5; No ImagePath
S4 adpu160m; No ImagePath
S4 Aha154x; No ImagePath
S4 aic78u2; No ImagePath
S4 aic78xx; No ImagePath
S4 AliIde; No ImagePath
S4 amsint; No ImagePath
S4 asc; No ImagePath
S4 asc3350p; No ImagePath
S4 asc3550; No ImagePath
S4 Atdisk; No ImagePath
S3 catchme; \??\C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\catchme.sys [x]
S4 cd20xrnt; No ImagePath
S1 Changer; No ImagePath
S4 CmdIde; No ImagePath
S4 Cpqarray; No ImagePath
S4 dac2w2k; No ImagePath
S4 dac960nt; No ImagePath
S4 dpti2o; No ImagePath
S4 hpn; No ImagePath
S1 i2omgmt; No ImagePath
S4 i2omp; No ImagePath
S4 ini910u; No ImagePath
S1 lbrtfdc; No ImagePath
S4 mraid35x; No ImagePath
S1 PCIDump; No ImagePath
S3 PDCOMP; No ImagePath
S3 PDFRAME; No ImagePath
S3 PDRELI; No ImagePath
S3 PDRFRAME; No ImagePath
S4 perc2; No ImagePath
S4 perc2hib; No ImagePath
S4 ql1080; No ImagePath
S4 Ql10wnt; No ImagePath
S4 ql12160; No ImagePath
S4 ql1240; No ImagePath
S4 ql1280; No ImagePath
S4 Simbad; No ImagePath
S4 Sparrow; No ImagePath
S4 symc810; No ImagePath
S4 symc8xx; No ImagePath
S4 sym_hi; No ImagePath
S4 sym_u3; No ImagePath
S4 TosIde; No ImagePath
S4 ultra; No ImagePath
S3 WDICA; No ImagePath
S1 WS2IFSL;
S2 X4HS32Ex; \??\C:\Program Files\Free Ride Games\X4HS32Ex.Sys [x]
S2 X4HSEx; \??\C:\Program Files\Free Ride Games\X4HSEx.Sys [x]

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created Files and Folders ========

2013-04-23 21:44 - 2013-04-23 21:44 - 00000000 ____D C:\FRST
2013-04-23 16:15 - 2013-04-23 16:15 - 00090112 ____A C:\Windows\Minidump\Mini042313-03.dmp
2013-04-23 16:11 - 2013-04-23 16:11 - 00090112 ____A C:\Windows\Minidump\Mini042313-02.dmp
2013-04-23 16:08 - 2013-04-23 16:08 - 00090112 ____A C:\Windows\Minidump\Mini042313-01.dmp
2013-04-22 18:08 - 2013-04-22 20:40 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-04-22 15:40 - 2013-04-22 15:40 - 00098304 ____A C:\Windows\Minidump\Mini042213-01.dmp
2013-04-22 10:23 - 2013-04-22 10:23 - 00124928 ____A (Hilgraeve, Inc.) C:\Documents and Settings\All Users\Application Data\f34rfcdsfwe.exe
2013-04-21 23:23 - 2013-04-21 23:21 - 00068320 ___AH C:\Windows\Minidump\Mini042113-01.dmp
2013-04-10 03:12 - 2013-04-10 03:13 - 00085769 ____A C:\Windows\KB2817183-IE8.log
2013-04-10 03:11 - 2013-04-10 03:11 - 00000215 ____A C:\Windows\System32\MRT.INI
2013-04-10 03:11 - 2013-04-10 03:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-04-10 03:11 - 2013-04-10 03:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2808735$
2013-04-10 03:03 - 2013-04-10 03:03 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-04-10 03:02 - 2013-04-10 03:02 - 00000000 __HDC C:\Windows\$NtUninstallKB2813170$
2013-04-09 16:40 - 2013-04-10 03:12 - 00150496 ____A C:\Windows\KB2808735.log
2013-04-09 16:40 - 2013-04-10 03:11 - 00149500 ____A C:\Windows\KB2820917.log
2013-04-09 16:40 - 2013-04-10 03:03 - 00149739 ____A C:\Windows\KB2813345.log
2013-04-01 19:19 - 2013-04-01 19:19 - 00000000 ____D C:\1fca4a979587afe1b176b92e79876fe7
2013-04-01 19:13 - 2013-04-01 19:12 - 00068320 ___AH C:\Windows\Minidump\Mini040113-01.dmp
2013-03-25 20:40 - 2013-03-25 20:40 - 00000000 ____D C:\Program Files\AVG Secure Search

==================== One Month Modified Files and Folders ========

2013-04-23 21:44 - 2013-04-23 21:44 - 00000000 ____D C:\FRST
2013-04-23 20:25 - 2004-11-05 04:47 - 01951465 ____A C:\Windows\WindowsUpdate.log
2013-04-23 20:25 - 2004-11-05 03:25 - 00001158 ____A C:\Windows\System32\wpa.dbl
2013-04-23 20:24 - 2012-10-24 16:55 - 00000300 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2438911799-3484224873-888160877-1008.job
2013-04-23 20:24 - 2004-11-05 04:44 - 00000000 ____D C:\Windows\Registration
2013-04-23 20:23 - 2004-11-04 20:40 - 00000159 ____A C:\Windows\wiadebug.log
2013-04-23 20:23 - 2004-11-04 20:40 - 00000049 ____A C:\Windows\wiaservc.log
2013-04-23 20:22 - 2010-02-15 15:46 - 00000886 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-04-23 20:22 - 2010-02-15 15:46 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-04-23 20:22 - 2005-03-19 18:34 - 00000062 __ASH C:\Documents and Settings\HP_Administrator\Local Settings\desktop.ini
2013-04-23 20:22 - 2004-11-05 04:56 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-04-23 20:22 - 2004-11-05 04:56 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-04-23 20:22 - 2004-11-05 04:56 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-23 18:54 - 2011-09-12 01:52 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2013-04-23 16:15 - 2013-04-23 16:15 - 00090112 ____A C:\Windows\Minidump\Mini042313-03.dmp
2013-04-23 16:11 - 2013-04-23 16:11 - 00090112 ____A C:\Windows\Minidump\Mini042313-02.dmp
2013-04-23 16:08 - 2013-04-23 16:08 - 00090112 ____A C:\Windows\Minidump\Mini042313-01.dmp
2013-04-23 15:46 - 2012-10-24 16:48 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-04-22 23:55 - 2012-10-24 16:55 - 00000308 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2438911799-3484224873-888160877-1008.job
2013-04-22 23:55 - 2012-08-14 02:10 - 00000000 ___SD C:\Documents and Settings\HP_Administrator\My Documents\Google Drive
2013-04-22 20:59 - 2004-11-05 04:56 - 00032574 ____A C:\Windows\SchedLgU.Txt
2013-04-22 20:40 - 2013-04-22 18:08 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2013-04-22 15:40 - 2013-04-22 15:40 - 00098304 ____A C:\Windows\Minidump\Mini042213-01.dmp
2013-04-22 15:40 - 2006-03-03 20:26 - 00000000 ____D C:\Windows\Minidump
2013-04-22 10:23 - 2013-04-22 10:23 - 00124928 ____A (Hilgraeve, Inc.) C:\Documents and Settings\All Users\Application Data\f34rfcdsfwe.exe
2013-04-21 23:28 - 2005-03-19 18:34 - 00000278 ___SH C:\Documents and Settings\HP_Administrator\ntuser.ini
2013-04-21 23:21 - 2013-04-21 23:23 - 00068320 ___AH C:\Windows\Minidump\Mini042113-01.dmp
2013-04-12 21:22 - 2012-08-10 23:03 - 00000000 ____D C:\Documents and Settings\HP_Administrator\Desktop\Ferret Inn
2013-04-10 03:30 - 2004-11-04 20:36 - 00282928 ____A C:\Windows\System32\FNTCACHE.DAT
2013-04-10 03:13 - 2013-04-10 03:12 - 00085769 ____A C:\Windows\KB2817183-IE8.log
2013-04-10 03:13 - 2004-11-04 20:37 - 03184341 ____A C:\Windows\FaxSetup.log
2013-04-10 03:13 - 2004-11-04 20:37 - 01533685 ____A C:\Windows\ocgen.log
2013-04-10 03:13 - 2004-11-04 20:37 - 01461881 ____A C:\Windows\tsoc.log
2013-04-10 03:13 - 2004-11-04 20:37 - 01001693 ____A C:\Windows\iis6.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00975208 ____A C:\Windows\msmqinst.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00901212 ____A C:\Windows\comsetup.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00571198 ____A C:\Windows\netfxocm.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00547958 ____A C:\Windows\ntdtcsetup.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00361999 ____A C:\Windows\plusoc.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00267952 ____A C:\Windows\MedCtrOC.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00172531 ____A C:\Windows\ehOCGen.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00160060 ____A C:\Windows\tabletoc.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00157953 ____A C:\Windows\msgsocm.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00149192 ____A C:\Windows\ocmsn.log
2013-04-10 03:13 - 2004-11-04 20:37 - 00001374 ____A C:\Windows\imsins.log
2013-04-10 03:12 - 2013-04-09 16:40 - 00150496 ____A C:\Windows\KB2808735.log
2013-04-10 03:12 - 2010-09-05 10:25 - 00000000 ____D C:\Windows\ie8updates
2013-04-10 03:12 - 2005-07-08 23:22 - 00354788 ____A C:\Windows\updspapi.log
2013-04-10 03:12 - 2005-07-08 19:07 - 00000000 ___HD C:\Windows\$hf_mig$
2013-04-10 03:12 - 2004-11-04 20:37 - 00001374 ____A C:\Windows\imsins.BAK
2013-04-10 03:11 - 2013-04-10 03:11 - 00000215 ____A C:\Windows\System32\MRT.INI
2013-04-10 03:11 - 2013-04-10 03:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2820917$
2013-04-10 03:11 - 2013-04-10 03:11 - 00000000 __HDC C:\Windows\$NtUninstallKB2808735$
2013-04-10 03:11 - 2013-04-09 16:40 - 00149500 ____A C:\Windows\KB2820917.log
2013-04-10 03:04 - 2006-04-15 07:29 - 70490256 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-04-10 03:03 - 2013-04-10 03:03 - 00000000 __HDC C:\Windows\$NtUninstallKB2813345$
2013-04-10 03:03 - 2013-04-09 16:40 - 00149739 ____A C:\Windows\KB2813345.log
2013-04-10 03:02 - 2013-04-10 03:02 - 00000000 __HDC C:\Windows\$NtUninstallKB2813170$
2013-04-05 08:20 - 2012-10-31 15:26 - 00000713 ____A C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
2013-04-03 22:07 - 2011-01-10 19:12 - 00000000 ____D C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Turbine
2013-04-01 19:19 - 2013-04-01 19:19 - 00000000 ____D C:\1fca4a979587afe1b176b92e79876fe7
2013-04-01 19:12 - 2013-04-01 19:13 - 00068320 ___AH C:\Windows\Minidump\Mini040113-01.dmp
2013-03-25 20:40 - 2013-03-25 20:40 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-03-25 20:40 - 2012-09-04 01:14 - 00033624 ____A (AVG Technologies) C:\Windows\System32\Drivers\avgtpx86.sys
2013-03-25 20:40 - 2011-12-19 10:49 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\AVG Secure Search
2013-03-25 20:39 - 2012-06-21 22:15 - 00059238 ____A C:\Windows\setupapi.log

==================== Known DLLs (ALL) =========================

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points (XP) =====================

RP: -> 2013-04-21 19:02 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2020
RP: -> 2013-04-20 13:52 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2019
RP: -> 2013-04-18 21:04 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2018
RP: -> 2013-04-17 17:41 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2017
RP: -> 2013-04-16 13:47 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2016
RP: -> 2013-04-15 12:54 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2015
RP: -> 2013-04-14 08:09 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2014
RP: -> 2013-04-13 07:56 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2013
RP: -> 2013-04-11 05:21 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2012
RP: -> 2013-04-10 03:01 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2011
RP: -> 2013-04-10 01:44 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2010
RP: -> 2013-04-08 19:29 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2009
RP: -> 2013-04-07 13:21 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2008
RP: -> 2013-04-06 13:15 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2007
RP: -> 2013-04-05 07:49 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2006
RP: -> 2013-04-04 07:25 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2005
RP: -> 2013-04-02 21:17 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2004
RP: -> 2013-04-01 19:19 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2003
RP: -> 2013-04-01 00:49 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2002
RP: -> 2013-03-30 12:59 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2001
RP: -> 2013-03-29 12:00 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP2000
RP: -> 2013-03-28 10:11 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1999
RP: -> 2013-03-27 09:42 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1998
RP: -> 2013-03-25 20:42 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1997
RP: -> 2013-03-25 20:38 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1996
RP: -> 2013-03-25 20:37 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1995
RP: -> 2013-03-25 20:37 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1994
RP: -> 2013-03-25 12:31 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1993
RP: -> 2013-03-24 09:08 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1992
RP: -> 2013-03-23 07:13 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1991
RP: -> 2013-03-22 03:00 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1990
RP: -> 2013-03-22 00:33 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1989
RP: -> 2013-03-21 00:33 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1988
RP: -> 2013-03-19 21:48 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1987
RP: -> 2013-03-18 02:10 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1986
RP: -> 2013-03-16 09:42 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1985
RP: -> 2013-03-15 09:39 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1984
RP: -> 2013-03-14 07:41 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1983
RP: -> 2013-03-13 03:00 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1982
RP: -> 2013-03-12 20:00 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1981
RP: -> 2013-03-11 18:55 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1980
RP: -> 2013-03-10 16:29 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1979
RP: -> 2013-03-09 00:38 - 
028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1978 RP: -> 2013-03-07 23:37 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1977 RP: -> 2013-03-04 10:23 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1976 RP: -> 2013-03-03 06:45 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1975 RP: -> 2013-03-01 21:47 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1974 RP: -> 2013-02-25 07:59 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1973 RP: -> 2013-02-23 15:40 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1972 RP: -> 2013-02-22 08:12 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1971 RP: -> 2013-02-21 03:04 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1970 RP: -> 2013-02-18 22:09 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1969 RP: -> 2013-02-15 22:28 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1968 RP: -> 2013-02-14 19:15 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1967 RP: -> 2013-02-13 04:01 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1966 RP: -> 2013-02-12 12:56 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1965 RP: -> 2013-02-11 11:42 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1964 RP: -> 2013-02-10 10:17 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1963 RP: -> 2013-02-09 08:56 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1962 RP: -> 2013-02-07 23:18 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1961 RP: -> 2013-02-06 22:09 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1960 RP: -> 2013-02-05 11:23 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1959 RP: -> 2013-02-03 12:38 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1958 RP: -> 2013-02-02 12:22 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1957 RP: -> 2013-02-01 12:06 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1956 RP: -> 2013-01-31 11:49 
- 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1955 RP: -> 2013-01-30 06:35 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1954 RP: -> 2013-01-29 01:34 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1953 RP: -> 2013-01-27 12:38 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1952 RP: -> 2013-01-26 09:24 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1951 RP: -> 2013-01-25 01:37 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1950 RP: -> 2013-01-23 21:50 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1949 RP: -> 2013-01-22 18:45 - 028672 _restore{6F354F18-CACC-49BA-8A22-3DF3CA9BD55B}\RP1948

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 2047.3 MB
Available physical RAM: 1760.48 MB
Total Pagefile: 1877.92 MB
Available Pagefile: 1809.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1993.38 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
Drive c: (HP_PAVILION) (Fixed) (Total:272.7 GB) (Free:221.12 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive e: (HP_RECOVERY) (Fixed) (Total:6.74 GB) (Free:0.67 GB) FAT32 ==>[Drive with boot components (Windows XP)]
Drive g: (DISKGO) (Removable) (Total:14.93 GB) (Free:14.87 GB) NTFS
Drive x: (ReatogoPE) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS

  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online       279 GB      0 B

Partitions of Disk 0:
===============

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           6918 MB    32 KB
  Partition 2    Primary            273 GB  6918 MB

==================================================================================

Disk: 0
Partition 1
Type  : 0B
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2    E    HP_RECOVERY  FAT32  Partition   6918 MB  Healthy

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3    C    HP_PAVILION  NTFS   Partition    273 GB  Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================
Disk: 0 (Size: 279 GB) (Disk ID: 5FE34B69)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
Partition 2: (Active) - (Size=273 GB) - (Type=07) (NTFS)
Partition 3: (Active) - (Size=0 byte) - (Type=00)

====================================================================
Disk: 2 (Size: 15 GB) (Disk ID: DD63145A)
Partition 1: (Not Active) - (Size=15 GB) - (Type=07) (NTFS)

==================== End Of Log ============================