Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2012 (ATTENTION: FRST version is 119 days old)
Ran by SYSTEM at 09-04-2013 12:53:12
Running from X:\
Microsoft Windows XP (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1512744 2009-05-26] (Synaptics Incorporated)
HKLM\...\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe [53248 2009-05-14] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [18432 2008-08-22] (Sony Electronics Inc)
HKLM\...\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [217088 2009-03-26] (Sony Corporation)
HKLM\...\Run: [Switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [503808 2008-07-22] (Sony Corporation)
HKLM\...\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [315392 2008-05-15] (Sony Corporation)
HKLM\...\Run: [VAIO Update 4] "C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe" /Stationary [866144 2008-06-11] (Sony Corporation)
HKLM\...\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [18432 2008-08-22] (Sony Electronics Inc)
HKLM\...\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [x]
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421160 2011-03-07] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [x]
HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1259376 2011-07-28] ()
HKLM\...\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\Administrator\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\Marita XoXo\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Corporation)
HKU\Marita XoXo\...\Run: [Facebook Update] "C:\Documents and Settings\Marita XoXo\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-12] (Facebook Inc.)
HKU\Marita XoXo\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [18705664 2013-01-08] (Skype Technologies S.A.)
HKU\Marita XoXo\...\Winlogon: [Shell] explorer.exe [x]
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
Winlogon\Notify\WgaLogon: WgaLogon.dll (Microsoft Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 24.200.241.37 24.202.72.13
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
Startup: C:\Documents and Settings\Marita XoXo\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Services (Whitelisted) ===================
3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
2 Eventlog; C:\Windows\System32\services.exe [110592 2009-02-06] (Microsoft Corporation)
2 HitmanPro37CrusaderBoot; "C:\Documents and Settings\Marita XoXo\Desktop\HitmanPro.exe" /crusader:boot [9096848 2013-04-05] (SurfRight B.V.)
2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
2 RaAutoInstSrv_AM10; C:\Program Files\Cisco Systems\Cisco Valet Connector\CiscoAdapterSvc.exe [529024 2010-04-15] (Cisco Consumer Products LLC)
2 Skype C2C Service; "C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe" [3289208 2013-01-31] (Skype Technologies S.A.)
3 SOHCImp; "C:\Program Files\Common Files\Sony Shared\SOHLib\SOHCImp.exe" [120104 2009-03-25] (Sony Corporation)
3 SOHDBSvr; "C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe" [70952 2009-03-25] (Sony Corporation)
3 SOHDms; "C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe" [390440 2009-03-25] (Sony Corporation)
3 SOHDs; "C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDs.exe" [75048 2009-03-25] (Sony Corporation)
3 SOHPlMgr; "C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe" [91432 2009-03-25] (Sony Corporation)
2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
2 UTSCSI; C:\WINDOWS\system32\UTSCSI.EXE [45056 2012-12-25] ()
3 VAIO Entertainment TV Device Arbitration Service; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" [69632 2009-01-21] (Sony Corporation)
2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [176128 2009-03-18] (Sony Corporation)
2 VCFw; "C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe" [5184872 2009-01-14] (Sony Corporation)
3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -RunBySCM [313264 2009-01-21] (Sony Corporation)
2 VzCdbSvc; "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe" [192512 2009-01-21] (Sony Corporation)
3 AppMgmt; C:\Windows\System32\appmgmts.dll [x]
3 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [x]
3 idsvc; "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [x]
2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
4 NetTcpPortSharing; "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [x]
==================== Drivers (Whitelisted) ====================
3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [91776 2009-04-10] (Ricoh co.,Ltd.)
3 AM10; C:\Windows\System32\DRIVERS\AM10XP.sys [816672 2010-03-23] (Ralink Technology, Corp.)
3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1684736 2009-05-14] (Creative)
3 AR5416; C:\Windows\System32\DRIVERS\athw.sys [1529600 2009-03-28] (Atheros Communications, Inc.)
3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [14336 2008-04-25] (ArcSoft, Inc.)
3 AWINDIS5; \??\C:\WINDOWS\system32\AWINDIS5.SYS [16194 2002-04-12] (AMBIT Microsystems Corporation.)
3 btaudio; C:\Windows\System32\drivers\btaudio.sys [534312 2009-06-11] (Broadcom Corporation.)
3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37160 2009-06-11] (Broadcom Corporation.)
3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [991136 2009-06-11] (Broadcom Corporation.)
3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156816 2009-06-11] (Broadcom Corporation.)
3 btwhid; C:\Windows\System32\DRIVERS\btwhid.sys [56992 2009-06-11] (Broadcom Corporation.)
3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [47272 2009-06-11] (Broadcom Corporation.)
3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Windows ® Server 2003 DDK provider)
3 L1c; C:\Windows\System32\DRIVERS\l1c51x86.sys [39424 2009-05-26] (Atheros Communications, Inc.)
3 MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation)
3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1389056 2009-05-14] (Creative Technology Ltd.)
3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
3 SNC; C:\Windows\System32\Drivers\SonyNC.sys [48896 2009-03-04] (Sony Corporation)
3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-16] (Sony Corporation)
3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
4 Abiosdsk; [x]
4 abp480n5; [x]
4 adpu160m; [x]
4 Aha154x; [x]
4 aic78u2; [x]
4 aic78xx; [x]
4 AliIde; [x]
4 amsint; [x]
4 asc; [x]
4 asc3350p; [x]
4 asc3550; [x]
4 Atdisk; [x]
4 cd20xrnt; [x]
1 Changer; [x]
4 CmdIde; [x]
4 Cpqarray; [x]
4 dac2w2k; [x]
4 dac960nt; [x]
4 dpti2o; [x]
4 hitmanpro37; \??\C:\WINDOWS\system32\drivers\hitmanpro37.sys [x]
4 hpn; [x]
1 i2omgmt; [x]
4 i2omp; [x]
4 ini910u; [x]
4 IntelIde; [x]
1 lbrtfdc; [x]
4 mraid35x; [x]
1 PCIDump; [x]
3 PDCOMP; [x]
3 PDFRAME; [x]
3 PDRELI; [x]
3 PDRFRAME; [x]
4 perc2; [x]
4 perc2hib; [x]
4 ql1080; [x]
4 Ql10wnt; [x]
4 ql12160; [x]
4 ql1240; [x]
4 ql1280; [x]
4 Simbad; [x]
4 Sparrow; [x]
4 symc810; [x]
4 symc8xx; [x]
4 sym_hi; [x]
4 sym_u3; [x]
4 TosIde; [x]
4 ultra; [x]
4 ViaIde; [x]
3 WDICA; [x]
========================== Drivers MD5 =======================
C:\Windows\System32\DRIVERS\5U876.sys 21e762887187cf03494104165f3c148d
C:\Windows\System32\DRIVERS\ACPI.sys d8fb7d1c3f5bfa3f53fe9cc6367e9e99
C:\Windows\System32\DRIVERS\ACPIEC.sys 9859c0f6936e723e4892d7141b1327d5
C:\Windows\System32\drivers\aec.sys 8bed39e3c35d6a489438b8141717a557
C:\Windows\System32\drivers\afd.sys 1e44bc1e83d8fd2305f8d452db109cf9
C:\Windows\System32\DRIVERS\AM10XP.sys 678c8fdb9d6094d41f322b7159853c54
C:\Windows\System32\drivers\Ambfilt.sys f6af59d6eee5e1c304f7f73706ad11d8
C:\Windows\System32\DRIVERS\athw.sys d3e782ad9dca4d6215222a43345f43b0
C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys 35a6a419d7526f5cf824afb23afa08d6
C:\Windows\System32\DRIVERS\asyncmac.sys b153affac761e7f5fcfa822b9c4e97bc
C:\Windows\System32\DRIVERS\atapi.sys 9f3a2f5aa6875c72bf062c712cfa2674
C:\Windows\System32\DRIVERS\atmarpc.sys 9916c1225104ba14794209cfa8012159
C:\Windows\System32\DRIVERS\audstub.sys d9f724aa26c010a217c97606b160ed68
C:\WINDOWS\system32\AWINDIS5.SYS f62b70d3209e38a6c19a03109a25b903
C:\Windows\System32\Drivers\Beep.sys da1f27d85e0d1525f6621372e7b685e9
C:\Windows\System32\drivers\btaudio.sys 2c04f295f7f40eb46f7accd3f6cdef4a
C:\Windows\System32\DRIVERS\btport.sys 2f9f111d31aa3fbbe5781d829a4524e6
C:\Windows\System32\DRIVERS\btkrnl.sys 75130181fa2fd6cbe83083c5311abe78
C:\Windows\System32\DRIVERS\btwdndis.sys 485020a1e1fc5c51a800ca69c618d881
C:\Windows\System32\DRIVERS\btwhid.sys c51d50cf24da69a9c499e65b0edb3bb7
C:\Windows\System32\Drivers\btwusb.sys 6b622612fe21b59faee2ca4385959778
C:\Windows\System32\Drivers\cbidf2k.sys 90a673fc8e12a79afbed2576f6a7aaf9
C:\Windows\System32\DRIVERS\CCDECODE.sys 0be5aef125be881c4f854c554f2b025c
C:\Windows\System32\Drivers\Cdaudio.sys c1b486a7658353d33a10cc15211a873b
C:\Windows\System32\Drivers\Cdfs.sys c885b02847f5d2fd45a24e219ed93b32
C:\Windows\System32\DRIVERS\cdrom.sys 1f4260cc5b42272d71f79e570a27a4fe
C:\Windows\System32\DRIVERS\CmBatt.sys 0f6c187d38d98f8df904589a5f94d411
C:\Windows\System32\DRIVERS\compbatt.sys 6e4c9f21f0fae8940661144f41b13203
C:\Windows\System32\DRIVERS\disk.sys 044452051f3e02e7963599fc8f4f3e25
C:\Windows\System32\drivers\dmboot.sys d992fe1274bde0f84ad826acae022a41
C:\Windows\System32\DRIVERS\DMICall.sys 526192bf7696f72e29777bf4a180513a
C:\Windows\System32\drivers\dmio.sys 7c824cf7bbde77d95c08005717a95f6f
C:\Windows\System32\drivers\dmload.sys e9317282a63ca4d188c0df5e09c6ac5f
C:\Windows\System32\drivers\DMusic.sys 8a208dfcf89792a484e76c40e5f50b45
C:\Windows\System32\drivers\drmkaud.sys 8f5fcff8e8848afac920905fbd9d33c8
C:\Windows\System32\Drivers\Fastfat.sys 38d332a6d56af32635675f132548343e
C:\Windows\System32\Drivers\Fdc.sys 92cdd60b6730b9f50f6a1a0c1f8cdc81
C:\Windows\System32\Drivers\Fips.sys d45926117eb9fa946a6af572fbe1caa3
C:\Windows\System32\Drivers\Flpydisk.sys 9d27e7b80bfcdf1cdd9b555862d5e7f0
C:\Windows\System32\drivers\fltmgr.sys b2cf4b0786f8212cb92ed2b50c6db6b0
C:\Windows\System32\Drivers\Fs_Rec.sys 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a
C:\Windows\System32\DRIVERS\ftdisk.sys 6ac26732762483366c3969c9e4d2259d
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msgpc.sys 0a02c63c8b144bd8c86b103dee7c86a2
C:\Windows\System32\DRIVERS\HDAudBus.sys 573c7d0a32852b48f3058cfd8026f511
C:\Windows\System32\DRIVERS\hidusb.sys ccf82c5ec8a7326c3066de870c06daf1
C:\Windows\System32\Drivers\HTTP.sys f80a415ef82cd06ffaf0d971528ead38
C:\Windows\System32\DRIVERS\i8042prt.sys 4a0b06aa8943c1e332520f7440c0aa30
C:\Windows\System32\DRIVERS\igxpmp32.sys 48846b31be5a4fa662ccfde7a1ba86b9
C:\Windows\System32\DRIVERS\imapi.sys 083a052659f5310dd8b6a6cb05edcf8e
C:\Windows\System32\drivers\RtkHDAud.sys 43b0b2d3d22afb63197fe011d02a977b
C:\Windows\System32\DRIVERS\intelppm.sys 8c953733d8f36eb2133f5bb58808b66b
C:\Windows\System32\drivers\ip6fw.sys 3bb22519a194418d5fec05d800a19ad0
C:\Windows\System32\DRIVERS\ipfltdrv.sys 731f22ba402ee4b62748adaf6363c182
C:\Windows\System32\DRIVERS\ipinip.sys b87ab476dcf76e72010632b5550955f5
C:\Windows\System32\DRIVERS\ipnat.sys cc748ea12c6effde940ee98098bf96bb
C:\Windows\System32\DRIVERS\ipsec.sys 23c74d75e36e7158768dd63d92789a91
C:\Windows\System32\DRIVERS\irenum.sys c93c9ff7b04d772627a3646d89f7bf89
C:\Windows\System32\DRIVERS\isapnp.sys 05a299ec56e52649b1cf2fc52d20f2d7
C:\Windows\System32\DRIVERS\kbdclass.sys 463c1ec80cd17420a542b7f36a36f128
C:\Windows\System32\drivers\kmixer.sys 692bcf44383d056aed41b045a323d378
C:\Windows\System32\Drivers\KSecDD.sys b467646c54cc746128904e1654c750c1
C:\Windows\System32\DRIVERS\l1c51x86.sys 1e256e6541ddd97a1931a2a300317166
C:\WINDOWS\system32\drivers\mbam.sys 629cabb0421668c9d3d402a3c3d77e14
C:\Windows\System32\Drivers\mnmdd.sys 4ae068242760a1fb6e1a44bf4e16afa6
C:\Windows\System32\Drivers\Modem.sys dfcbad3cec1c5f964962ae10e0bcc8e1
C:\Windows\System32\drivers\Monfilt.sys 9fa7207d1b1adead88ae8eed9cdbbaa5
C:\Windows\System32\DRIVERS\mouclass.sys 35c9e97194c8cfb8430125f8dbc34d04
C:\Windows\System32\DRIVERS\mouhid.sys b1c303e17fb9d46e87a98e4ba6769685
C:\Windows\System32\Drivers\MountMgr.sys a80b9a0bad1b73637dbcbba7df72d3fd
C:\Windows\System32\DRIVERS\mrxdav.sys 11d42bb6206f33fbb3ba0288d3ef81bd
C:\Windows\System32\Drivers\Msfs.sys c941ea2454ba8350021d774daf0f1027
C:\Windows\System32\drivers\MSKSSRV.sys d1575e71568f4d9e14ca56b7b0453bf1
C:\Windows\System32\drivers\MSPCLOCK.sys 325bb26842fc7ccc1fcce2c457317f3e
C:\Windows\System32\drivers\MSPQM.sys bad59648ba099da4a17680b39730cb3d
C:\Windows\System32\DRIVERS\mssmbios.sys af5f4f3f14a8ea2c26de30f7a1e17136
C:\Windows\System32\drivers\MSTEE.sys e53736a9e30c45fa9e7b5eac55056d1d
C:\Windows\System32\Drivers\Mup.sys de6a75f5c270e756c5508d94b6cf68f5
C:\Windows\System32\DRIVERS\NABTSFEC.sys 5b50f1b2a2ed47d560577b221da734db
C:\Windows\System32\Drivers\NDIS.sys 1df7f42665c94b825322fae71721130d
C:\Windows\System32\DRIVERS\NdisIP.sys 7ff1f1fd8609c149aa432f95a8163d97
C:\Windows\System32\DRIVERS\ndistapi.sys 0109c4f3850dfbab279542515386ae22
C:\Windows\System32\DRIVERS\ndisuio.sys f927a4434c5028758a842943ef1a3849
C:\Windows\System32\DRIVERS\ndiswan.sys edc1531a49c80614b2cfda43ca8659ab
C:\Windows\System32\Drivers\NDProxy.sys 9282bd12dfb069d3889eb3fcc1000a9b
C:\Windows\System32\DRIVERS\netaapl.sys 29c45722e20572b6440b57e3359e73ee
C:\Windows\System32\DRIVERS\netbt.sys 74b2b2f5bea5e9a3dc021d685551bd3d
C:\Windows\System32\Drivers\Npfs.sys 3182d64ae053d6fb034f44b6def8034a
C:\Windows\System32\Drivers\Ntfs.sys 78a08dd6a8d65e697c18e1db01c5cdca
C:\Windows\System32\Drivers\Null.sys 73c1e1f395918bc2c6dd67af7591a3ad
C:\Windows\System32\DRIVERS\nwlnkflt.sys b305f3fad35083837ef46a0bbce2fc57
C:\Windows\System32\DRIVERS\nwlnkfwd.sys c99b3415198d1aab7227f2c88fd664b9
C:\Windows\System32\Drivers\Parport.sys 5575faf8f97ce5e713d108c2a58d7c7c
C:\Windows\System32\Drivers\PartMgr.sys beb3ba25197665d82ec7065b724171c6
C:\Windows\System32\Drivers\ParVdm.sys 70e98b3fd8e963a6a46a2e6247e0bea1
C:\Windows\System32\DRIVERS\pci.sys a219903ccf74233761d92bef471a07b1
C:\Windows\System32\DRIVERS\pciide.sys ccf5f451bb1a5a2a522a76e670000ff0
C:\Windows\System32\Drivers\Pcmcia.sys 9e89ef60e9ee05e3f2eef2da7397f1c1
C:\Windows\System32\DRIVERS\raspptp.sys efeec01b1d3cf84f16ddd24d9d9d8f99
C:\Windows\System32\DRIVERS\psched.sys 09298ec810b07e5d582cb3a3f9255424
C:\Windows\System32\DRIVERS\ptilink.sys 80d317bd1c3dbc5d4fe7b1678c60cadd
C:\Windows\System32\Drivers\PxHelp20.sys 153d02480a0a2f45785522e814c634b6
C:\Windows\System32\DRIVERS\rasacd.sys fe0d99d6f31e4fad8159f690d68ded9c
C:\Windows\System32\DRIVERS\rasl2tp.sys 11b4a627bc9614b885c4969bfa5ff8a6
C:\Windows\System32\DRIVERS\raspppoe.sys 5bc962f2654137c9909c3d4603587dee
C:\Windows\System32\DRIVERS\raspti.sys fdbb1d60066fcfbb7452fd8f9829b242
C:\Windows\System32\DRIVERS\RDPCDD.sys 4912d5b403614ce99c28420f75353332
C:\Windows\System32\Drivers\RDPWD.sys 43af5212bd8fb5ba6eed9754358bd8f7
C:\Windows\System32\DRIVERS\redbook.sys f828dd7e1419b6653894a8f97a0094c5
C:\Windows\System32\DRIVERS\rimsptsk.sys d0c2a0ce1091e08efb7ccba6cea4c3f9
C:\Windows\System32\Drivers\RimUsb.sys 4f4a4c09cc5be58a76cac1c337e004e6
C:\Windows\System32\DRIVERS\RimSerial.sys 3a5633ad615e2b15291bd0b1b97ccd8a
C:\Windows\System32\DRIVERS\risdptsk.sys bff70b98423f5b33d14f8438ecebf650
C:\Windows\System32\Drivers\RootMdm.sys d8b0b4ade32574b2d9c5cc34dc0dbbe7
C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Serial.sys cca207a8896d4c6a0c9ce29a4ae411a7
C:\Windows\System32\DRIVERS\sfloppy.sys 8e6b8c671615d126fdc553d1e2de5562
C:\Windows\System32\DRIVERS\SLIP.sys 866d538ebe33709a5c9f5c62b73b7d14
C:\Windows\System32\Drivers\SonyNC.sys be6038e0a7d2e2fe69107e41a0265831
C:\Windows\System32\DRIVERS\sonypvs1.sys dfadfc2c86662f40759bf02add27d569
C:\Windows\System32\DRIVERS\SONYPVU1.SYS a1eceeaa5c5e74b2499eb51d38185b84
C:\Windows\System32\drivers\splitter.sys ab8b92451ecb048a4d1de7c3ffcb4a9f
C:\Windows\System32\DRIVERS\sr.sys 76bb022c2fb6902fd5bdd4f78fc13a5d
C:\Windows\System32\DRIVERS\srv.sys 47ddfc2f003f7f9f0592c6874962a2e7
C:\Windows\System32\DRIVERS\StreamIP.sys 77813007ba6265c4b6098187e6ed79d2
C:\Windows\System32\DRIVERS\swenum.sys 3941d127aef12e93addf6fe6ee027e0f
C:\Windows\System32\drivers\swmidi.sys 8ce882bcc6cf8a62f2b2323d95cb3d01
C:\Windows\System32\DRIVERS\SynTP.sys 7576e391184a4581dd06d3bd93fd146c
C:\Windows\System32\drivers\sysaudio.sys 8b83f3ed0f1688b4958f77cd6d2bf290
C:\Windows\System32\DRIVERS\tcpip.sys 9aefa14bd6b182d61e3119fa5f436d3d
C:\Windows\System32\Drivers\TDPIPE.sys 6471a66807f5e104e4885f5b67349397
C:\Windows\System32\Drivers\TDTCP.sys c56b6d0402371cf3700eb322ef3aaf61
C:\Windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429d9e
C:\Windows\System32\Drivers\Udfs.sys 5787b80c2e3c5e2f56c2a233d91fa2c9
C:\Windows\System32\DRIVERS\update.sys 402ddc88356b1bac0ee3dd1580c76a31
C:\Windows\System32\Drivers\usbaapl.sys d4fb6ecc60a428564ba8768b0e23c0fc
C:\Windows\System32\drivers\usbaudio.sys e919708db44ed8543a7c017953148330
C:\Windows\System32\DRIVERS\usbccgp.sys 173f317ce0db8e21322e71b7e60a27e8
C:\Windows\System32\DRIVERS\usbehci.sys 65dcf09d0e37d4c6b11b5b0b76d470a7
C:\Windows\System32\DRIVERS\usbhub.sys 1ab3cdde553b6e064d2e754efe20285c
C:\Windows\System32\DRIVERS\usbscan.sys a0b8cf9deb1184fbdd20784a58fa75d4
C:\Windows\System32\DRIVERS\USBSTOR.SYS a32426d9b14a089eaa1d922e0c5801a9
C:\Windows\System32\DRIVERS\usbuhci.sys 26496f9dee2d787fc3e61ad54821ffe6
C:\Windows\System32\Drivers\usbvideo.sys 63bbfca7f390f4c49ed4b96bfb1633e0
C:\Windows\System32\drivers\vga.sys 0d3a8fafceacd8b7625cd549757a7df1
C:\Windows\System32\Drivers\VolSnap.sys 4c8fcb5cc53aab716d810740fe59d025
C:\Windows\System32\DRIVERS\wanarp.sys e20b95baedb550f32dd489265c1da1f6
C:\Windows\System32\Drivers\wdf01000.sys bbcfeab7e871cddac2d397ee7fa91fdc
C:\Windows\System32\drivers\wdmaud.sys 6768acf64b18196494413695f0c3a00f
C:\Windows\System32\DRIVERS\wpdusb.sys cf4def1bf66f06964dc0d91844239104
C:\Windows\System32\Drivers\WS2IFSL.sys 6abe6e225adb5a751622a9cc3bc19ce8
C:\Windows\System32\DRIVERS\WSTCODEC.SYS c98b39829c2bbd34e454150633c62c78
C:\Windows\System32\DRIVERS\WudfPf.sys f15feafffbb3644ccc80c5da584e6311
C:\Windows\System32\DRIVERS\wudfrd.sys 28b524262bce6de1f7ef9f510ba3985b
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-04-07 16:26 - 2013-04-07 19:53 - 00000000 ____D C:\i386
2013-04-07 14:03 - 2013-04-07 14:03 - 00000000 ____D C:\_OTL
2013-04-07 14:03 - 2011-07-12 18:55 - 02237440 ____A (OldTimer Tools) C:\OTLPE.exe
2013-04-07 13:57 - 2013-04-07 13:52 - 331527048 ____A C:\WindowsXP-KB936929-SP3-x86-ENU.rar
2013-04-07 13:55 - 2013-04-07 10:37 - 331805736 ____A (Microsoft Corporation) C:\WindowsXP-KB936929-SP3-x86-ENU.exe
2013-04-06 22:49 - 2013-04-08 18:42 - 00088478 ____A C:\OTL.Txt
2013-04-06 19:56 - 2013-04-06 19:56 - 00000000 ____D C:\FRST
2013-04-05 23:48 - 2013-04-05 23:48 - 00034432 ____A C:\Windows\System32\.crusader
2013-04-05 23:48 - 2013-04-05 23:48 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-04-05 23:48 - 2013-04-05 23:48 - 00000528 ____A C:\Windows\System32\bootdelete.lst
2013-04-05 23:40 - 2013-04-05 23:48 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2013-04-05 22:08 - 2013-04-05 22:09 - 09096848 ____A (SurfRight B.V.) C:\Documents and Settings\Marita XoXo\Desktop\HitmanPro.exe
2013-04-05 22:03 - 2013-04-05 22:03 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Application Data\Malwarebytes
2013-04-05 21:37 - 2013-04-05 21:37 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2013-04-05 21:36 - 2013-04-05 21:36 - 00000784 ____A C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-04-05 21:36 - 2013-04-05 21:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-04-05 21:36 - 2013-04-05 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-04-05 21:36 - 2012-12-14 19:49 - 00021104 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-04-05 21:27 - 2013-04-05 21:27 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Macromedia
2013-04-05 21:26 - 2013-04-05 21:28 - 00004848 ____A C:\Documents and Settings\Administrator\Desktop\Rkill.txt
2013-04-05 21:25 - 2013-04-05 21:25 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2013-04-05 21:25 - 2013-04-05 21:25 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Adobe
2013-04-05 21:23 - 2013-04-05 21:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2013-04-05 21:23 - 2013-04-05 21:23 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Mozilla
2013-04-05 21:22 - 2013-04-05 21:22 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2013-04-05 21:21 - 2013-04-05 22:01 - 00000178 __ASH C:\Documents and Settings\Administrator\ntuser.ini
2013-04-05 21:21 - 2013-04-05 21:21 - 00000062 __ASH C:\Documents and Settings\Administrator\Local Settings\desktop.ini
2013-04-05 21:21 - 2009-06-24 08:41 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
2013-04-05 21:21 - 2009-06-24 08:41 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Adobe
2013-04-05 21:21 - 2009-06-24 08:31 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
2013-04-05 21:21 - 2009-06-24 07:36 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Seven Zip
2013-04-05 21:21 - 2009-06-24 07:32 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
2013-04-05 21:21 - 2009-06-24 07:07 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Macromedia
2013-04-05 21:21 - 2009-06-24 06:48 - 00013104 ___AH C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2013-04-05 21:21 - 2009-06-24 06:46 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\TempRAID
2013-04-05 21:21 - 2009-06-24 06:46 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Sony Corporation
2013-04-05 21:21 - 2009-06-24 06:43 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
2013-04-05 21:21 - 2009-06-24 06:26 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150070}
2013-04-05 21:21 - 2009-06-24 06:14 - 00000000 ___HD C:\Documents and Settings\Administrator\My Documents\Bluetooth Exchange Folder
2013-04-05 21:21 - 2009-06-24 06:14 - 00000000 ____D C:\Documents and Settings\Administrator\Bluetooth Software
2013-04-05 21:21 - 2009-06-24 05:33 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\InstallShield
2013-04-05 21:21 - 2009-06-23 05:57 - 00000062 __ASH C:\Documents and Settings\Administrator\Application Data\desktop.ini
2013-04-04 22:13 - 2013-04-04 22:13 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Macromedia
2013-04-04 22:11 - 2013-04-04 22:11 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Adobe
2013-04-04 22:08 - 2013-04-05 19:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\E0413FE940FCAC790000E0405FB0B44C
2013-03-17 20:09 - 2013-03-31 16:00 - 00002265 ____A C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-03-17 20:09 - 2013-03-17 20:09 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-03-10 14:45 - 2013-03-10 14:46 - 00000000 ____D C:\Program Files\Common Files\Adobe
==================== One Month Modified Files and Folders ========
2013-04-08 18:42 - 2013-04-06 22:49 - 00088478 ____A C:\OTL.Txt
2013-04-07 19:53 - 2013-04-07 16:26 - 00000000 ____D C:\i386
2013-04-07 14:03 - 2013-04-07 14:03 - 00000000 ____D C:\_OTL
2013-04-07 13:52 - 2013-04-07 13:57 - 331527048 ____A C:\WindowsXP-KB936929-SP3-x86-ENU.rar
2013-04-07 10:37 - 2013-04-07 13:55 - 331805736 ____A (Microsoft Corporation) C:\WindowsXP-KB936929-SP3-x86-ENU.exe
2013-04-06 19:56 - 2013-04-06 19:56 - 00000000 ____D C:\FRST
2013-04-05 23:49 - 2009-06-23 13:10 - 00032434 ____A C:\Windows\SchedLgU.Txt
2013-04-05 23:49 - 2009-06-23 13:05 - 01886111 ____A C:\Windows\WindowsUpdate.log
2013-04-05 23:48 - 2013-04-05 23:48 - 00034432 ____A C:\Windows\System32\.crusader
2013-04-05 23:48 - 2013-04-05 23:48 - 00012872 ____A (SurfRight B.V.) C:\Windows\System32\bootdelete.exe
2013-04-05 23:48 - 2013-04-05 23:48 - 00000528 ____A C:\Windows\System32\bootdelete.lst
2013-04-05 23:48 - 2013-04-05 23:40 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HitmanPro
2013-04-05 23:48 - 2010-01-16 16:22 - 00000178 __ASH C:\Documents and Settings\Marita XoXo\ntuser.ini
2013-04-05 23:48 - 2009-06-23 13:10 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-05 23:48 - 2009-06-23 06:00 - 00000275 ____A C:\Windows\wiadebug.log
2013-04-05 23:48 - 2009-06-23 06:00 - 00000048 ____A C:\Windows\wiaservc.log
2013-04-05 23:40 - 2009-06-23 05:57 - 00073244 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-05 23:37 - 2011-08-29 23:41 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Application Data\Skype
2013-04-05 23:36 - 2012-06-09 02:23 - 00000290 ____A C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-86660588-3392484834-3996328194-1006.job
2013-04-05 23:36 - 2009-06-23 12:49 - 00001158 ____A C:\Windows\System32\wpa.dbl
2013-04-05 23:35 - 2010-01-16 16:22 - 00000062 __ASH C:\Documents and Settings\Marita XoXo\Local Settings\desktop.ini
2013-04-05 23:35 - 2009-06-24 06:39 - 00000000 __HDC C:\Windows\$NtUninstallKB953155$
2013-04-05 23:35 - 2009-06-23 13:10 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2013-04-05 23:35 - 2009-06-23 13:10 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2013-04-05 23:15 - 2012-06-06 22:22 - 00001022 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-86660588-3392484834-3996328194-1006UA.job
2013-04-05 22:09 - 2013-04-05 22:08 - 09096848 ____A (SurfRight B.V.) C:\Documents and Settings\Marita XoXo\Desktop\HitmanPro.exe
2013-04-05 22:03 - 2013-04-05 22:03 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Application Data\Malwarebytes
2013-04-05 22:02 - 2010-10-15 10:53 - 00000000 __HDC C:\Windows\$NtUninstallKB2296011$
2013-04-05 22:01 - 2013-04-05 21:21 - 00000178 __ASH C:\Documents and Settings\Administrator\ntuser.ini
2013-04-05 21:37 - 2013-04-05 21:37 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2013-04-05 21:36 - 2013-04-05 21:36 - 00000784 ____A C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-04-05 21:36 - 2013-04-05 21:36 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-04-05 21:36 - 2013-04-05 21:36 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2013-04-05 21:28 - 2013-04-05 21:26 - 00004848 ____A C:\Documents and Settings\Administrator\Desktop\Rkill.txt
2013-04-05 21:27 - 2013-04-05 21:27 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Macromedia
2013-04-05 21:25 - 2013-04-05 21:25 - 00000000 __SHD C:\Documents and Settings\NetworkService\IETldCache
2013-04-05 21:25 - 2013-04-05 21:25 - 00000000 ____D C:\Documents and Settings\NetworkService\Application Data\Adobe
2013-04-05 21:23 - 2013-04-05 21:23 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
2013-04-05 21:23 - 2013-04-05 21:23 - 00000000 ____D C:\Documents and Settings\Administrator\Application Data\Mozilla
2013-04-05 21:22 - 2013-04-05 21:22 - 00000000 __SHD C:\Documents and Settings\Administrator\IETldCache
2013-04-05 21:21 - 2013-04-05 21:21 - 00000062 __ASH C:\Documents and Settings\Administrator\Local Settings\desktop.ini
2013-04-05 19:46 - 2012-03-01 12:20 - 00008192 _ASHC C:\Windows\Thumbs.db
2013-04-05 19:45 - 2013-04-04 22:08 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\E0413FE940FCAC790000E0405FB0B44C
2013-04-05 19:41 - 2013-02-20 16:38 - 00011718 ____A C:\Windows\setupapi.log
2013-04-04 22:15 - 2012-01-31 16:14 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Desktop\Fer...!
2013-04-04 22:13 - 2013-04-04 22:13 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Macromedia
2013-04-04 22:11 - 2013-04-04 22:11 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\Adobe
2013-04-04 22:07 - 2010-01-16 16:22 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Application Data\Adobe
2013-04-04 21:07 - 2012-04-26 00:16 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Application Data\vlc
2013-04-04 20:51 - 2010-01-20 02:44 - 00194048 ____A C:\Documents and Settings\Marita XoXo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-02 17:00 - 2012-06-09 02:23 - 00000298 ____A C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-86660588-3392484834-3996328194-1006.job
2013-04-01 19:52 - 2011-06-16 14:41 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2013-03-31 16:00 - 2013-03-17 20:09 - 00002265 ____A C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-03-28 08:15 - 2012-06-06 22:22 - 00001000 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-86660588-3392484834-3996328194-1006Core.job
2013-03-25 01:36 - 2013-03-03 17:55 - 00352568 ____A C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2013-03-23 14:45 - 2009-06-23 13:03 - 00047151 ___AC C:\Windows\wmsetup.log
2013-03-22 03:45 - 2010-01-20 02:02 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Tracing
2013-03-21 22:26 - 2012-05-03 03:03 - 00693976 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-03-21 22:26 - 2012-02-07 16:06 - 00073432 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-03-19 12:19 - 2010-01-20 02:16 - 00000284 ____A C:\Windows\Tasks\AppleSoftwareUpdate.job
2013-03-17 20:09 - 2013-03-17 20:09 - 00000000 ____D C:\Program Files\Common Files\Skype
2013-03-17 20:09 - 2012-10-22 22:18 - 00000000 ___RD C:\Program Files\Skype
2013-03-17 20:09 - 2011-08-29 23:41 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-03-12 23:25 - 2012-05-09 00:10 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-03-10 14:46 - 2013-03-10 14:45 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-03-10 14:45 - 2009-06-24 07:06 - 00000000 ____D C:\Program Files\Adobe
2013-03-10 14:45 - 2009-06-24 07:06 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Adobe
2013-03-10 14:44 - 2010-01-16 16:22 - 00000000 ____D C:\Documents and Settings\Marita XoXo\Local Settings\Application Data\Adobe
2013-03-10 14:43 - 2013-03-08 05:33 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points (XP) =====================
RP: -> 2013-04-05 20:06 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP610
RP: -> 2013-04-04 19:12 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP609
RP: -> 2013-04-03 17:37 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP608
RP: -> 2013-04-02 02:22 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP607
RP: -> 2013-04-01 00:37 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP606
RP: -> 2013-03-30 19:37 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP605
RP: -> 2013-03-29 15:26 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP604
RP: -> 2013-03-28 04:50 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP603
RP: -> 2013-03-26 20:02 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP602
RP: -> 2013-03-25 19:33 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP601
RP: -> 2013-03-24 19:20 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP600
RP: -> 2013-03-23 02:32 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP599
RP: -> 2013-03-22 00:59 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP598
RP: -> 2013-03-20 20:43 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP597
RP: -> 2013-03-19 20:02 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP596
RP: -> 2013-03-18 19:01 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP595
RP: -> 2013-03-17 18:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP594
RP: -> 2013-03-16 18:25 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP593
RP: -> 2013-03-15 18:01 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP592
RP: -> 2013-03-14 17:59 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP591
RP: -> 2013-03-13 14:52 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP590
RP: -> 2013-03-12 14:17 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP589
RP: -> 2013-03-11 05:11 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP588
RP: -> 2013-03-10 05:04 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP587
RP: -> 2013-03-09 02:06 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP586
RP: -> 2013-03-08 01:52 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP585
RP: -> 2013-03-07 01:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP584
RP: -> 2013-03-06 01:12 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP583
RP: -> 2013-03-04 23:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP582
RP: -> 2013-03-03 01:20 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP581
RP: -> 2013-03-01 21:37 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP580
RP: -> 2013-02-28 21:02 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP579
RP: -> 2013-02-27 19:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP578
RP: -> 2013-02-26 19:34 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP577
RP: -> 2013-02-25 19:20 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP576
RP: -> 2013-02-24 05:50 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP575
RP: -> 2013-02-23 02:14 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP574
RP: -> 2013-02-22 00:53 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP573
RP: -> 2013-02-20 23:32 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP572
RP: -> 2013-02-18 18:09 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP571
RP: -> 2013-02-17 16:06 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP570
RP: -> 2013-02-16 04:41 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP569
RP: -> 2013-02-15 00:04 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP568
RP: -> 2013-02-13 23:51 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP567
RP: -> 2013-02-12 22:50 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP566
RP: -> 2013-02-11 22:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP565
RP: -> 2013-02-10 21:36 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP564
RP: -> 2013-02-09 18:17 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP563
RP: -> 2013-02-08 16:25 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP562
RP: -> 2013-02-07 11:43 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP561
RP: -> 2013-02-06 01:07 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP560
RP: -> 2013-02-05 00:51 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP559
RP: -> 2013-02-03 17:30 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP558
RP: -> 2013-02-02 15:34 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP557
RP: -> 2013-02-01 02:04 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP556
RP: -> 2013-01-31 00:20 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP555
RP: -> 2013-01-29 20:52 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP554
RP: -> 2013-01-29 03:06 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP553
RP: -> 2013-01-28 01:52 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP552
RP: -> 2013-01-27 01:51 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP551
RP: -> 2013-01-26 01:39 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP550
RP: -> 2013-01-24 23:59 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP549
RP: -> 2013-01-23 16:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP548
RP: -> 2013-01-22 01:17 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP547
RP: -> 2013-01-20 04:49 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP546
RP: -> 2013-01-19 03:51 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP545
RP: -> 2013-01-15 20:07 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP544
RP: -> 2013-01-14 04:29 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP543
RP: -> 2013-01-13 02:56 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP542
RP: -> 2013-01-12 02:30 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP541
RP: -> 2013-01-11 01:42 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP540
RP: -> 2013-01-09 23:58 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP539
RP: -> 2013-01-08 21:27 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP538
RP: -> 2013-01-07 21:17 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP537
RP: -> 2013-01-06 19:52 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP536
RP: -> 2013-01-06 19:20 - 024576 _restore{A7DB428C-8EFC-4BF4-B34E-EAAE9CAA90E8}\RP535
==================== Memory info ===========================
Percentage of memory in use: 20%
Total physical RAM: 1014.36 MB
Available physical RAM: 806.18 MB
Total Pagefile: 901.89 MB
Available Pagefile: 823.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1998.98 MB
==================== Partitions =============================
1 Drive b: (RAMDisk) (Fixed) (Total:0.06 GB) (Free:0.06 GB) NTFS
2 Drive c: () (Fixed) (Total:141.05 GB) (Free:35.47 GB) NTFS ==>[Drive with boot components (Windows XP)]
3 Drive x: (ReatogoPE) (Removable) (Total:7.45 GB) (Free:7.11 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 149 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 8190 MB 1024 KB
Partition 2 Primary 141 GB 8191 MB
Partition 3 Unknown 848 KB 149 GB
=========================================================
Disk: 0
Partition 1
Type : 12
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 0 NTFS Partition 8190 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 141 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Partition 1024 KB Healthy
=========================================================
==================== End Of Log ============================