Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-12-2012
Ran by SYSTEM at 22-12-2012 10:55:28
Running from J:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-07-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [106496 2010-01-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-01-24] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [103720 2009-12-14] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [222504 2010-12-22] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [230696 2011-08-23] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [452016 2011-01-14] ()
HKU\Jay\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\Jay\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-12] (Microsoft Corporation)
HKU\Jay\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin [x]
HKU\Yasuyo\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\Yasuyo\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-12] (Microsoft Corporation)
HKU\Yasuyo\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17877168 2012-11-08] (Skype Technologies S.A.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\AirStation ??????.lnk
ShortcutTarget: AirStation ??????.lnk -> C:\Program Files (x86)\BUFFALO\WDTool\bwdnotification.exe (BUFFALO INC.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Client Manager V.lnk
ShortcutTarget: Client Manager V.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (BUFFALO INC.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe ()
Startup: C:\Users\Jay\Start Menu\Programs\Startup\PCastTV for 地デジ Lite(タスクトレイ).lnk
ShortcutTarget: PCastTV for 地デジ Lite(タスクトレイ).lnk -> C:\Program Files (x86)\BUFFALO\PCastTV_HD\PCastHDTray.exe (BUFFALO INC.)
Startup: C:\Users\Jay\Start Menu\Programs\Startup\?????????????.lnk
ShortcutTarget: ?????????????.lnk -> C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe (BUFFALO INC.)
==================== Services (Whitelisted) ===================
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" [7391072 2012-01-30] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe" [269520 2011-02-07] (AVG Technologies CZ, s.r.o.)
2 BWH32S; "C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe" [126328 2009-07-08] (BUFFALO INC.)
2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-23] ()
2 CyberLink PowerDVD 11.0 Monitor Service; "C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe" [75048 2011-09-01] (CyberLink)
2 CyberLink PowerDVD 11.0 Service; "C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe" [292136 2011-09-01] (CyberLink)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] ()
2 MrnTS_Sync5; "C:\Program Files (x86)\Common Files\Creoapp\MrnTS_Sync5.exe" [263712 2007-06-11] (????????)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-25] ()
2 TVersityMediaServer; "C:\ProgramData\TVersity\Media Server\MediaServer.exe" [1249064 2011-07-29] ()
2 WirelessDiagnosis; C:\Program Files (x86)\BUFFALO\WDTool\bwdbackground.exe [230776 2011-03-30] (BUFFALO INC.)
2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
2 PS3 Media Server; "C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe" -s "C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.conf" [x]
==================== Drivers (Whitelisted) =====================
3 AVGIDSDriver; C:\Windows\System32\Drivers\AVGIDSDriver.sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
0 AVGIDSEH; C:\Windows\System32\Drivers\AVGIDSEH.sys [26704 2011-02-21] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\Drivers\AVGIDSFilter.sys [29264 2011-02-09] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [312160 2012-11-11] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [41552 2011-02-28] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [37456 2011-03-15] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
3 Bufeap; C:\Windows\System32\DRIVERS\bufeap64.sys [18944 2010-07-04] (BUFFALO INC.)
3 DTH10_Series; C:\Windows\System32\Drivers\DTH10_Series.sys [125496 2009-11-27] (Cobalt Technologies Co., Ltd.)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-02-18] (DT Soft Ltd)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-02-29] ()
3 libusb0; C:\Windows\System32\Drivers\libusb0.sys [52320 2012-08-29] ()
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-27] ()
3 ucgnsta; C:\Windows\System32\DRIVERS\ucgnstax.sys [987648 2009-08-05] (Ralink Technology Corp.)
2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-09-01] (CyberLink Corp.)
3 ALSysIO; \??\C:\Users\Jay\AppData\Local\Temp\ALSysIO64.sys [x]
3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [x]
0 mv91xx; C:\Windows\System32\DRIVERS\mv91xx.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-12-22 10:55 - 2012-12-22 10:55 - 00000000 ____D C:\FRST
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{FEB52D66-AA81-4264-A8D0-297C1129C333}
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Jay\AppData\Local\{AE046FF9-EDEC-4B52-8930-D73E711E72BE}
2012-12-16 13:25 - 2012-12-16 13:26 - 00000000 ____D C:\Users\Jay\AppData\Local\{9D17042B-1D0C-428A-A4C0-93FD4CA0A268}
2012-12-14 20:03 - 2012-12-14 20:03 - 00000000 ____D C:\Users\Jay\AppData\Local\{7851E552-C317-416A-85B9-F2DCB2CD6B49}
2012-12-14 04:15 - 2012-12-16 13:26 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{DF715C3E-7114-432D-9576-B46F9D9B9736}
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2012-12-13 20:07 - 2012-12-13 20:07 - 00000000 ____D C:\Users\Jay\AppData\Local\{DD6A4EC9-793D-4111-8EB1-56D12ACD5FA8}
2012-12-11 06:17 - 2012-12-11 06:18 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{1B1794DD-42FC-475B-9B8C-14C1A2F51BC0}
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2012-12-10 17:26 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-10 17:26 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-12-10 17:26 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-12-10 17:26 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-10 17:09 - 2012-12-10 17:09 - 00000000 ____D C:\Users\Jay\AppData\Local\{F49FE3E5-644E-4A3E-BE7E-36CAC77EA3D1}
2012-12-09 18:32 - 2012-12-09 18:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{EC86A969-A4A6-4A20-A2D2-11CC8C9EF8C2}
2012-12-09 06:32 - 2012-12-09 06:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{A3BD3D8A-AD75-4869-AFD6-2AD7202FD4B0}
2012-12-08 18:31 - 2012-12-08 18:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{24A53CF5-5776-409E-9EBD-7DE791D3CC46}
2012-12-08 06:31 - 2012-12-08 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{225777F9-890F-4645-9CE5-B16551D67308}
2012-12-07 18:31 - 2012-12-07 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{8287AA57-F1D8-4E07-84C3-15253915DCF3}
2012-12-07 06:31 - 2012-12-07 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{E1478426-C0B3-4113-B177-DF3815721EAF}
2012-12-06 18:30 - 2012-12-06 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{E32F3866-3A13-466E-A030-0500206E71BA}
2012-12-05 02:53 - 2012-12-05 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{C149B60D-FD78-46D2-8CBE-3C9F08F76193}
2012-12-04 14:53 - 2012-12-04 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{491CEE05-8995-4BFE-AD7C-CB3E18108F0B}
2012-12-04 02:53 - 2012-12-04 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{B7E21AA6-9DF1-4B84-BAE3-8C02CA9E2DF2}
2012-12-03 14:53 - 2012-12-03 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{A1448FBB-CE13-4365-96AF-BC81F50C3440}
2012-12-03 01:14 - 2012-12-03 01:15 - 00000000 ____D C:\Users\Jay\AppData\Local\{546CD61A-110F-4F39-B30B-3EC8AD884000}
2012-11-30 05:37 - 2012-11-30 05:38 - 00000000 ____D C:\Users\Jay\AppData\Local\{1D79730F-59BB-4B59-80BD-C4D3E16DBC71}
2012-11-29 02:59 - 2012-11-29 02:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{4418C7D5-0C2B-4FA1-8578-96A3A6250F13}
2012-11-28 14:59 - 2012-11-28 14:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{46A50999-CDA8-41F7-A0F3-1B1B13C5E31E}
2012-11-27 01:04 - 2012-12-10 17:09 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{D2857AFF-359B-4821-92A9-E55C8130CECF}
2012-11-26 19:41 - 2012-11-26 19:41 - 00000000 ____D C:\Users\Jay\AppData\Local\{70AE0BCC-B339-4C55-A616-3F7D99F05AE0}
2012-11-25 15:03 - 2012-11-26 07:41 - 00000000 ____D C:\Users\Jay\AppData\Local\{00A1A77D-E6BC-4CD1-AFAA-0388B453ED93}
2012-11-24 22:13 - 2012-11-24 22:13 - 00000000 ____D C:\Users\Jay\AppData\Local\{FE739715-C62B-4087-AB38-9E4BD028B16A}
2012-11-23 21:22 - 2012-11-23 21:22 - 00000000 ____D C:\Users\Jay\AppData\Local\{4E50867B-7E84-467B-BFEA-330DA6E43A90}
2012-11-22 04:08 - 2012-11-22 04:08 - 00000000 ____D C:\Users\Jay\AppData\Local\{D0F80378-27EB-431D-A948-94FE3DC9688D}
==================== One Month Modified Files and Folders =======
2012-12-18 01:07 - 2011-09-17 16:28 - 00000000 ____D C:\Users\All Users\McAfee Security Scan
2012-12-18 01:07 - 2011-02-20 06:01 - 00000000 ____D C:\Users\Jay\AppData\Roaming\uTorrent
2012-12-18 01:07 - 2011-02-14 07:51 - 00000000 ____D C:\users\Yasuyo
2012-12-18 01:07 - 2011-02-14 07:20 - 00000000 ____D C:\users\???
2012-12-18 01:07 - 2011-02-13 05:29 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2012-12-18 01:07 - 2011-02-13 03:03 - 00000000 ____D C:\users\Jay
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2012-12-18 01:06 - 2011-03-14 22:34 - 00000000 ____D C:\Users\Yasuyo\AppData\Roaming\Skype
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{FEB52D66-AA81-4264-A8D0-297C1129C333}
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Jay\AppData\Local\{AE046FF9-EDEC-4B52-8930-D73E711E72BE}
2012-12-16 20:08 - 2011-03-29 23:11 - 00000000 ____D C:\Users\Yasuyo\Tracing
2012-12-16 20:08 - 2011-02-14 16:44 - 00121992 ____A C:\Users\Yasuyo\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-16 15:09 - 2011-03-05 04:23 - 00000000 ____D C:\Users\Jay\Tracing
2012-12-16 15:09 - 2011-02-13 04:16 - 00121992 ____A C:\Users\Jay\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-16 13:26 - 2012-12-16 13:25 - 00000000 ____D C:\Users\Jay\AppData\Local\{9D17042B-1D0C-428A-A4C0-93FD4CA0A268}
2012-12-16 13:26 - 2012-12-14 04:15 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{DF715C3E-7114-432D-9576-B46F9D9B9736}
2012-12-16 13:25 - 2012-04-14 22:54 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-16 13:25 - 2011-05-07 23:11 - 00340383 ____A C:\Windows\SysWOW64\TVersityMediaServer.log
2012-12-14 20:03 - 2012-12-14 20:03 - 00000000 ____D C:\Users\Jay\AppData\Local\{7851E552-C317-416A-85B9-F2DCB2CD6B49}
2012-12-13 22:03 - 2012-04-14 22:54 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-13 22:03 - 2011-05-19 06:22 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2012-12-13 20:14 - 2011-03-29 15:05 - 00000953 ____A C:\Users\Public\Desktop\AVG 2011.lnk
2012-12-13 20:14 - 2009-07-13 20:45 - 00018192 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-13 20:14 - 2009-07-13 20:45 - 00018192 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-13 20:12 - 2011-02-13 03:34 - 00396672 ____A C:\Windows\System32\perfh011.dat
2012-12-13 20:12 - 2011-02-13 03:34 - 00106538 ____A C:\Windows\System32\perfc011.dat
2012-12-13 20:12 - 2009-07-13 21:13 - 01220272 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-13 20:08 - 2011-02-13 03:03 - 02057536 ____A C:\Windows\WindowsUpdate.log
2012-12-13 20:08 - 2009-07-13 20:51 - 00051304 ____A C:\Windows\setupact.log
2012-12-13 20:07 - 2012-12-13 20:07 - 00000000 ____D C:\Users\Jay\AppData\Local\{DD6A4EC9-793D-4111-8EB1-56D12ACD5FA8}
2012-12-13 20:06 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-11 06:18 - 2012-12-11 06:17 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{1B1794DD-42FC-475B-9B8C-14C1A2F51BC0}
2012-12-11 00:26 - 2012-05-05 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-10 17:40 - 2011-03-13 16:11 - 00000000 ____D C:\Users\Jay\AppData\Roaming\Skype
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2012-12-10 17:09 - 2012-12-10 17:09 - 00000000 ____D C:\Users\Jay\AppData\Local\{F49FE3E5-644E-4A3E-BE7E-36CAC77EA3D1}
2012-12-10 17:09 - 2012-11-27 01:04 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{D2857AFF-359B-4821-92A9-E55C8130CECF}
2012-12-09 18:32 - 2012-12-09 18:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{EC86A969-A4A6-4A20-A2D2-11CC8C9EF8C2}
2012-12-09 06:32 - 2012-12-09 06:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{A3BD3D8A-AD75-4869-AFD6-2AD7202FD4B0}
2012-12-08 18:32 - 2012-12-08 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{24A53CF5-5776-409E-9EBD-7DE791D3CC46}
2012-12-08 06:31 - 2012-12-08 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{225777F9-890F-4645-9CE5-B16551D67308}
2012-12-07 20:10 - 2012-10-27 22:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-12-07 18:31 - 2012-12-07 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{8287AA57-F1D8-4E07-84C3-15253915DCF3}
2012-12-07 16:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\LiveKernelReports
2012-12-07 06:31 - 2012-12-07 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{E1478426-C0B3-4113-B177-DF3815721EAF}
2012-12-06 18:31 - 2012-12-06 18:30 - 00000000 ____D C:\Users\Jay\AppData\Local\{E32F3866-3A13-466E-A030-0500206E71BA}
2012-12-05 02:53 - 2012-12-05 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{C149B60D-FD78-46D2-8CBE-3C9F08F76193}
2012-12-04 14:53 - 2012-12-04 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{491CEE05-8995-4BFE-AD7C-CB3E18108F0B}
2012-12-04 02:53 - 2012-12-04 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{B7E21AA6-9DF1-4B84-BAE3-8C02CA9E2DF2}
2012-12-03 14:53 - 2012-12-03 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{A1448FBB-CE13-4365-96AF-BC81F50C3440}
2012-12-03 01:15 - 2012-12-03 01:14 - 00000000 ____D C:\Users\Jay\AppData\Local\{546CD61A-110F-4F39-B30B-3EC8AD884000}
2012-11-30 05:38 - 2012-11-30 05:37 - 00000000 ____D C:\Users\Jay\AppData\Local\{1D79730F-59BB-4B59-80BD-C4D3E16DBC71}
2012-11-29 02:59 - 2012-11-29 02:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{4418C7D5-0C2B-4FA1-8578-96A3A6250F13}
2012-11-28 14:59 - 2012-11-28 14:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{46A50999-CDA8-41F7-A0F3-1B1B13C5E31E}
2012-11-26 19:41 - 2012-11-26 19:41 - 00000000 ____D C:\Users\Jay\AppData\Local\{70AE0BCC-B339-4C55-A616-3F7D99F05AE0}
2012-11-26 07:52 - 2011-06-20 01:55 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-11-26 07:52 - 2011-06-20 01:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-11-26 07:52 - 2011-03-13 16:11 - 00000000 ____D C:\Users\All Users\Skype
2012-11-26 07:41 - 2012-11-25 15:03 - 00000000 ____D C:\Users\Jay\AppData\Local\{00A1A77D-E6BC-4CD1-AFAA-0388B453ED93}
2012-11-26 07:41 - 2012-11-20 03:26 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{3E201402-1458-4203-9DF1-CBA442E337A8}
2012-11-25 06:15 - 2011-02-26 05:07 - 00000000 ____D C:\Users\Jay\AppData\Roaming\vlc
2012-11-24 22:13 - 2012-11-24 22:13 - 00000000 ____D C:\Users\Jay\AppData\Local\{FE739715-C62B-4087-AB38-9E4BD028B16A}
2012-11-23 21:22 - 2012-11-23 21:22 - 00000000 ____D C:\Users\Jay\AppData\Local\{4E50867B-7E84-467B-BFEA-330DA6E43A90}
2012-11-22 04:08 - 2012-11-22 04:08 - 00000000 ____D C:\Users\Jay\AppData\Local\{D0F80378-27EB-431D-A948-94FE3DC9688D}
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-12-16 13:26:29
==================== Memory info ===========================
Percentage of memory in use: 9%
Total physical RAM: 8183.05 MB
Available physical RAM: 7364.89 MB
Total Pagefile: 8181.2 MB
Available Pagefile: 7358.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:111.69 GB) (Free:14.1 GB) NTFS
2 Drive d: (WD20EARS) (Fixed) (Total:1863.01 GB) (Free:562.02 GB) NTFS
3 Drive e: (WD15EARS) (Fixed) (Total:1397.26 GB) (Free:418.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (Seagate320) (Fixed) (Total:298.09 GB) (Free:93.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: (Seagate1000) (Fixed) (Total:931.51 GB) (Free:7.74 GB) NTFS
6 Drive i: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
7 Drive j: (USB DISK) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
9 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 111 GB 0 B
Disk 1 Online 1863 GB 0 B
Disk 2 Online 1397 GB 0 B
Disk 3 Online 298 GB 0 B
Disk 4 Online 931 GB 0 B
Disk 5 Online 3817 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 111 GB 101 MB
==================================================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 111 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB
==================================================================================
Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D WD20EARS NTFS Partition 1863 GB Healthy
=========================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1397 GB 1024 KB
==================================================================================
Disk: 2
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E WD15EARS NTFS Partition 1397 GB Healthy
=========================================================
Partitions of Disk 3:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 298 GB 31 KB
==================================================================================
Disk: 3
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F Seagate320 NTFS Partition 298 GB Healthy
=========================================================
Partitions of Disk 4:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB
==================================================================================
Disk: 4
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 G Seagate1000 NTFS Partition 931 GB Healthy
=========================================================
Partitions of Disk 5:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3813 MB 4032 KB
==================================================================================
Disk: 5
Partition 1
Type : 0B
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 J USB DISK FAT32 Removable 3813 MB Healthy
=========================================================
Last Boot: 2012-12-14 07:03
==================== End Of Log =============================