Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by SYSTEM on MININT-6JDJ8M5 on 15-12-2013 15:59:59
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMan] - C:\Windows\SOUNDMAN.EXE [604704 2009-04-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Amal\...\Run: [EPSON SX110 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE /FU "C:\Windows\TEMP\E_S44CE.tmp" /EF "HKCU"
HKU\Amal\...\Run: [Spotify Web Helper] - C:\Users\Amal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-11-17] (Spotify Ltd)
HKU\Amal\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\Amal\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Amal\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\Amal\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe [524680 2013-10-09] (Adobe Systems Incorporated)
Startup: C:\Users\Amal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)

==================== Drivers (Whitelisted) ====================

S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC64.SYS [3491616 2009-06-18] (Realtek Semiconductor Corp.)
S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-27] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-27] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-27] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] ()
S3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-13] (Microsoft Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-13 23:26 - 2013-12-13 23:26 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2013-12-07 16:16 - 2013-12-07 16:16 - 00000000 ____D C:\FRST
2013-11-26 06:53 - 2013-11-26 06:55 - 00004232 _____ C:\Windows\IE11_main.log
2013-11-16 07:33 - 2013-11-16 07:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-12-15 07:36 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-15 07:35 - 2013-07-14 02:44 - 00018323 _____ C:\Windows\setupact.log
2013-12-14 16:06 - 2011-09-02 14:52 - 01621986 _____ C:\Windows\WindowsUpdate.log
2013-12-13 23:26 - 2013-12-13 23:26 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2013-12-07 16:16 - 2013-12-07 16:16 - 00000000 ____D C:\FRST
2013-12-07 07:24 - 2013-09-04 08:22 - 00000000 ____D C:\Users\Amal\AppData\Local\HTC MediaHub
2013-12-06 11:36 - 2013-07-14 02:44 - 00114092 _____ C:\Windows\PFRO.log
2013-12-06 10:31 - 2009-07-13 20:45 - 00015344 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-06 10:31 - 2009-07-13 20:45 - 00015344 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-26 06:55 - 2013-11-26 06:53 - 00004232 _____ C:\Windows\IE11_main.log
2013-11-26 06:45 - 2012-04-12 02:10 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-23 14:27 - 2011-11-21 15:43 - 00000000 ____D C:\Users\Amal\AppData\Roaming\Spotify
2013-11-23 06:27 - 2012-09-18 08:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-22 13:08 - 2011-09-04 11:28 - 00000133 _____ C:\Users\Amal\AppData\Roaming\default.pls
2013-11-22 12:43 - 2011-09-03 07:53 - 00000000 ____D C:\Users\Amal\AppData\Roaming\Azureus
2013-11-19 13:15 - 2011-09-02 14:52 - 00000000 ____D C:\users\Amal
2013-11-19 12:02 - 2013-06-12 10:22 - 00000000 ____D C:\Users\Amal\AppData\Roaming\Skype
2013-11-19 02:21 - 2011-09-02 15:19 - 00267936 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-11-18 17:11 - 2011-09-02 16:19 - 00001945 _____ C:\Windows\epplauncher.mif
2013-11-18 17:10 - 2012-04-30 14:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-18 17:10 - 2011-09-02 16:17 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-18 12:34 - 2011-11-21 15:44 - 00000000 ____D C:\Users\Amal\AppData\Local\Spotify
2013-11-17 03:13 - 2011-09-07 10:19 - 00000000 ____D C:\Users\Amal\AppData\Local\Adobe
2013-11-17 03:10 - 2012-04-12 02:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-17 03:10 - 2012-04-12 02:10 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-17 03:10 - 2011-09-02 16:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-17 02:59 - 2012-04-25 13:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-16 07:33 - 2013-11-16 07:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-11-06 11:15:46
Restore point made on: 2013-11-10 05:44:00
Restore point made on: 2013-11-13 13:27:31
Restore point made on: 2013-11-14 07:01:36
Restore point made on: 2013-11-17 07:22:32
Restore point made on: 2013-11-18 17:09:41
Restore point made on: 2013-11-22 12:45:04

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 3071.3 MB
Available physical RAM: 2496.27 MB
Total Pagefile: 3069.45 MB
Available Pagefile: 2493.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:279.38 GB) (Free:135.84 GB) NTFS
Drive e: (GRMCHPXFREO_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
Drive f: () (Removable) (Total:0.95 GB) (Free:0.95 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 279 GB) (Disk ID: C0C57E73)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=279 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 977 MB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=976 MB) - (Type=06)

LastRegBack: 2013-11-20 10:31

==================== End Of Log ============================